[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-commits
Subject: www/info
From: Dirk Mueller <mueller () kde ! org>
Date: 2005-07-21 2:55:29
Message-ID: 1121914529.466323.8135.nullmailer () svn ! kde ! org
[Download RAW message or body]
SVN commit 437146 by mueller:
damn. KDE 3.2.3 is affected :(
M +7 -2 3.2.3.php
M +13 -6 security/advisory-20050721-1.txt
--- trunk/www/info/3.2.3.php #437145:437146
@@ -124,9 +124,14 @@
<br>Read the <a href="security/advisory-20050718-1.txt">detailed advisory</a>.
KDE 3.2.x up to including KDE 3.4.0 are affected.
</li>
+<li>
+The Gadu-Gadu protocol handler of Kopete 3.3 and above contains a copy
+of libgadu, that is used if there is no system installed libgadu library.
+Multiple integer overflow vulnerabilities have been found in libgadu.
+<br>Read the <a href="security/advisory-20050721-1.txt">detailed advisory</a>.
+KDE 3.2.3 up to including KDE 3.4.1 are affected.
+</li>
-
-
</ul>
<h2><a name="bugs">Bugs</a></h2>
--- trunk/www/info/security/advisory-20050721-1.txt #437145:437146
@@ -12,11 +12,13 @@
1. Systems affected:
- All versions of Kopete as included in
- KDE 3.3.x up to including 3.4.1. KDE 3.2.x and older
- are not affected.
+ All versions of Kopete as included in KDE 3.2.3 up to including
+ KDE 3.4.1. KDE 3.2.2 and older are not affected.
+ Kopete 0.9.x releases starting with 0.9.4 and Kopete 0.10.3
+ or newer are unaffected.
+
2. Overview:
Kopete contains a copy of libgadu that is used if
@@ -53,11 +55,16 @@
73ebcef42173bf567d473414693898b0 post-3.3.2-kdenetwork-libgadu.patch
+ A patch for KDE 3.2.3 is available from
+ ftp://ftp.kde.org/pub/kde/security_patches :
+ 69e3379085aeaeecf034468d18a900f6 post-3.2.3-kdenetwork-libgadu.patch
+
+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
-iD8DBQFC3uf4vsXr+iuy1UoRAuttAKCn8JCEHHacoQRhi9li4INeKho2awCgn848
-8jtYgBYreyyqEeObXP2im3k=
-=wUq5
+iD8DBQFC3w5pvsXr+iuy1UoRAuAyAKC5MQPmvhpYiOtypx50dk7fkLCxWACgg0Lv
+XiS2yq32alcX2bEhEArot+Y=
+=FoUx
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic