ekg 1:1.7~rc2-2 source package in Ubuntu
Changelog
ekg (1:1.7~rc2-2) unstable; urgency=high
* Security upload, for sid and etch
* Patched three medium severity security issues in src/events.c:
- CVE-2007-1663 A memory leak in handling image messages, which may cause
memory exhaustion resulting in a DoS (ekg program crash). Exploitable by
a hostile GG user.
- CVE-2007-1664 off-by-one in token OCR function, which may cause a null
pointer dereference resulting in a DoS (ekg program crash). Exploitable
by MiTM (hostile HTTP proxy or TCP stream injection) or a hostile GG
server.
- CVE-2007-1665 potential memory exhaust in token OCR function, which may
cause memory exhaustion resulting in a DoS (ekg program crash).
Exploitable by MiTM (hostile HTTP proxy or TCP stream injection) or a
hostile GG server.
-- Michael Bienia <email address hidden> Wed, 28 Mar 2007 14:16:11 +0100
Upload details
- Uploaded by:
- Michael Bienia
- Uploaded to:
- Feisty
- Original maintainer:
- Marcin Owsiany
- Architectures:
- any
- Section:
- net
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| ekg_1.7~rc2.orig.tar.gz | 502.0 KiB | 17b42147dfe4ef8b7d901e285d68c490f7c645240c6934c23f0db82e61ace915 |
| ekg_1.7~rc2-2.diff.gz | 36.0 KiB | be472cc9ee70341ee3cb6b10fac7844b6b256a3ace637519299c87d0f98ac635 |
| ekg_1.7~rc2-2.dsc | 740 bytes | 11201607fcd1381b990ab297a3e38dfb602bc5de397dd63c5e3d4fbbef349d0c |
Binary packages built by this source
- ekg: No summary available for ekg in ubuntu feisty.
No description available for ekg in ubuntu feisty.
- libgadu-dev: No summary available for libgadu-dev in ubuntu feisty.
No description available for libgadu-dev in ubuntu feisty.
- libgadu3: No summary available for libgadu3 in ubuntu hardy.
No description available for libgadu3 in ubuntu hardy.
