Steffen Joeris
2007-Aug-22 06:55 UTC
[SECURITY] [DTSA-55-1] New centerim packages fix multiple buffer overflows
- -------------------------------------------------------------------------- Debian Testing Security Advisory DTSA-55-1 September 1st , 2007 secure-testing-team at lists.alioth.debian.org Steffen Joeris http://secure-testing-master.debian.net/ - -------------------------------------------------------------------------- Package : centerim Vulnerability : buffer overflows Problem-Scope : remote Debian-specific: no CVE ID : CVE-2007-3713 It was discovered that there are multiple buffer overflows, which could lead to the execution of arbitrary code. For the testing distribution (lenny) this is fixed in version 4.22.1-2lenny1 For the unstable distribution (sid) this is fixed in version 4.22.1-2.1 This upgrade is recommended if you use centerim (centerim-common, centerim, centerim-utf8, centerim-fribidi, centericq, centericq-utf8, centericq-fribidi) Upgrade Instructions - -------------------- To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list: deb http://security.debian.org/ testing/updates main contrib non-free deb-src http://security.debian.org/ testing/updates main contrib non-free To install the update, run this command as root: apt-get update && apt-get upgrade For further information about the Debian testing security team, please refer to http://secure-testing-master.debian.net/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part. Url : http://lists.alioth.debian.org/pipermail/secure-testing-announce/attachments/20070822/fbd40257/attachment.pgp