'www/info' - MARC

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-commits
Subject:    www/info
From:       Dirk Mueller <mueller () kde ! org>
Date:       2005-07-21 0:09:30
Message-ID: 1121904570.362388.4487.nullmailer () svn ! kde ! org
[Download RAW message or body]

SVN commit 437112 by mueller:

libgadu vulnerabilites


 M  +1 -1      3.2.1.php  
 M  +1 -1      3.2.2.php  
 M  +1 -1      3.2.3.php  
 M  +1 -1      3.2.php  
 M  +9 -1      3.3.1.php  
 M  +9 -1      3.3.2.php  
 M  +8 -2      3.3.php  
 M  +7 -1      3.4.1.php  
 M  +9 -1      3.4.php  
 A             security/advisory-20050721-1.txt  
 M  +1 -0      security/index.php  


--- trunk/www/info/3.2.1.php #437111:437112
@@ -127,7 +127,7 @@
 generates a backup file with default permissions upon saving. Depending
 on the setup, this could cause file content leak to local and remote
 (due to network transparency) users.
-<br>Read the <a href="security/advisory-20050718-3.txt">detailed advisory</a>.
+<br>Read the <a href="security/advisory-20050718-1.txt">detailed advisory</a>.
 KDE 3.2.x up to including KDE 3.4.0 are affected.
 </li>
 
--- trunk/www/info/3.2.2.php #437111:437112
@@ -127,7 +127,7 @@
 generates a backup file with default permissions upon saving. Depending
 on the setup, this could cause file content leak to local and remote
 (due to network transparency) users.
-<br>Read the <a href="security/advisory-20050718-3.txt">detailed advisory</a>.
+<br>Read the <a href="security/advisory-20050718-1.txt">detailed advisory</a>.
 KDE 3.2.x up to including KDE 3.4.0 are affected.
 </li>
 
--- trunk/www/info/3.2.3.php #437111:437112
@@ -121,7 +121,7 @@
 generates a backup file with default permissions upon saving. Depending
 on the setup, this could cause file content leak to local and remote
 (due to network transparency) users.
-<br>Read the <a href="security/advisory-20050718-3.txt">detailed advisory</a>.
+<br>Read the <a href="security/advisory-20050718-1.txt">detailed advisory</a>.
 KDE 3.2.x up to including KDE 3.4.0 are affected.
 </li>
 
--- trunk/www/info/3.2.php #437111:437112
@@ -127,7 +127,7 @@
 generates a backup file with default permissions upon saving. Depending
 on the setup, this could cause file content leak to local and remote
 (due to network transparency) users.
-<br>Read the <a href="security/advisory-20050718-3.txt">detailed advisory</a>.
+<br>Read the <a href="security/advisory-20050718-1.txt">detailed advisory</a>.
 KDE 3.2.x up to including KDE 3.4.0 are affected.
 </li>
 
--- trunk/www/info/3.3.1.php #437111:437112
@@ -114,12 +114,20 @@
 generates a backup file with default permissions upon saving. Depending
 on the setup, this could cause file content leak to local and remote
 (due to network transparency) users.
-<br>Read the <a href="security/advisory-20050718-3.txt">detailed advisory</a>.
+<br>Read the <a href="security/advisory-20050718-1.txt">detailed advisory</a>.
 KDE 3.2.x up to including KDE 3.4.0 are affected.
 </li>
+<li>
+The Gadu-Gadu protocol handler of Kopete 3.3 and above contains a copy
+of libgadu, that is used if there is no system installed libgadu library.
+Multiple integer overflow vulnerabilities have been found in libgadu.
+<br>Read the <a href="security/advisory-20050721-1.txt">detailed advisory</a>.
+KDE 3.3.x up to including KDE 3.4.1 are affected.
+</li>
 
 
 
+
 </ul>
 
 <h2><a name="bugs">Bugs</a></h2>
--- trunk/www/info/3.3.2.php #437111:437112
@@ -94,12 +94,20 @@
 generates a backup file with default permissions upon saving. Depending
 on the setup, this could cause file content leak to local and remote
 (due to network transparency) users.
-<br>Read the <a href="security/advisory-20050718-3.txt">detailed advisory</a>.
+<br>Read the <a href="security/advisory-20050718-1.txt">detailed advisory</a>.
 KDE 3.2.x up to including KDE 3.4.0 are affected.
 </li>
+<li>
+The Gadu-Gadu protocol handler of Kopete 3.3 and above contains a copy
+of libgadu, that is used if there is no system installed libgadu library.
+Multiple integer overflow vulnerabilities have been found in libgadu.
+<br>Read the <a href="security/advisory-20050721-1.txt">detailed advisory</a>.
+KDE 3.3.x up to including KDE 3.4.1 are affected.
+</li>
 
 
 
+
 </ul>
 
 <h2><a name="bugs">Bugs</a></h2>
--- trunk/www/info/3.3.php #437111:437112
@@ -111,12 +111,18 @@
 generates a backup file with default permissions upon saving. Depending
 on the setup, this could cause file content leak to local and remote
 (due to network transparency) users.
-<br>Read the <a href="security/advisory-20050718-3.txt">detailed advisory</a>.
+<br>Read the <a href="security/advisory-20050718-1.txt">detailed advisory</a>.
 KDE 3.2.x up to including KDE 3.4.0 are affected.
 </li>
 
+<li>
+The Gadu-Gadu protocol handler of Kopete 3.3 and above contains a copy
+of libgadu, that is used if there is no system installed libgadu library.
+Multiple integer overflow vulnerabilities have been found in libgadu.
+<br>Read the <a href="security/advisory-20050721-1.txt">detailed advisory</a>.
+KDE 3.3.x up to including KDE 3.4.1 are affected.
+</li>
 
-
 </ul>
 
 <h2><a name="bugs">Bugs</a></h2>
--- trunk/www/info/3.4.1.php #437111:437112
@@ -20,7 +20,13 @@
 unless stated otherwise.</p>
 
 <ul>
-<li>None known yet</li>
+<li>
+The Gadu-Gadu protocol handler of Kopete 3.3 and above contains a copy
+of libgadu, that is used if there is no system installed libgadu library.
+Multiple integer overflow vulnerabilities have been found in libgadu.
+<br>Read the <a href="security/advisory-20050721-1.txt">detailed advisory</a>.
+KDE 3.3.x up to including KDE 3.4.1 are affected.
+</li>
 </ul>
 
 
--- trunk/www/info/3.4.php #437111:437112
@@ -38,11 +38,19 @@
 generates a backup file with default permissions upon saving. Depending
 on the setup, this could cause file content leak to local and remote
 (due to network transparency) users.
-<br>Read the <a href="security/advisory-20050718-3.txt">detailed advisory</a>.
+<br>Read the <a href="security/advisory-20050718-1.txt">detailed advisory</a>.
 KDE 3.2.x up to including KDE 3.4.0 are affected.
 </li>
+<li>
+The Gadu-Gadu protocol handler of Kopete 3.3 and above contains a copy
+of libgadu, that is used if there is no system installed libgadu library.
+Multiple integer overflow vulnerabilities have been found in libgadu.
+<br>Read the <a href="security/advisory-20050721-1.txt">detailed advisory</a>.
+KDE 3.3.x up to including KDE 3.4.1 are affected.
+</li>
 
 
+
 </ul>
 
 
--- trunk/www/info/security/index.php #437111:437112
@@ -21,6 +21,7 @@
 has its own security page</a>.</p>
 
 <ul>
+  <li><a href="./advisory-20050721-1.txt">2005-07-21 libgadu multiple vulnerabilities</a></li>
   <li><a href="./advisory-20050718-1.txt">2005-07-18 Kate backup file permission leak</a></li>
   <li><a href="./advisory-20050504-1.txt">2005-05-04 Patch updates for kimgio and Kommander</a></li>
   <li><a href="./advisory-20050421-1.txt">2005-04-21 kimgio input validation errors</a></li>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic