Hosting Provided By

[SECURITY] [DSA 1433-1] New centericq packages fix execution of code

From: Steve Kemp <skx(at)debian.org>
Date: Sun Dec 16 2007 - 14:54:43 EST

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

------------------------------------------------------------------------ Debian Security Advisory DSA-1433-1 security@debian.org http://www.debian.org/security/ Steve Kemp December 16, 2007 http://www.debian.org/security/faq
------------------------------------------------------------------------

Package        : centericq
Vulnerability  : buffer overflow
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2007-3713

Several remote vulnerabilities have been discovered in centericq, a text-mode multi-protocol instant messenger client, which could allow remote attackers to execute arbitary code due to insufficient bounds-testing.

For the stable distribution (etch), this problem has been fixed in version 4.21.0-18etch1.

For the old stable distribution (sarge), this problem has been fixed in version 4.20.0-1sarge5.

We recommend that you upgrade your centericq package.

Upgrade instructions

- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

Do you need help?

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

- --------------------------------

Source archives:

  
http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge5.dsc
    Size/MD5 checksum:      875 0e3de98bb55d5af241acbb7c42c47cd0
  
http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge5.diff.gz
    Size/MD5 checksum:   117817 a0d486891cbf0dbafd36acda7d329e7a
  
http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0.orig.tar.gz
    Size/MD5 checksum:  1796894 874165f4fbd40e3be677bdd1696cee9d

alpha architecture (DEC Alpha)

  
http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge5_alpha.deb
    Size/MD5 checksum:  1651664 69022dfe5342b1056abca9c9b433532d
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge5_alpha.deb
    Size/MD5 checksum:   337338 b408f37c75ebff4cca8e0fd9bae2a2e2
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge5_alpha.deb
    Size/MD5 checksum:  1652642 b1e027154c70c15250c131bcd1584c30
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge5_alpha.deb
    Size/MD5 checksum:  1651712 1fc9e5fbf1d193d8d6ec6c2fa9cf28bf

amd64 architecture (AMD x86_64 (AMD64))

  
http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge5_amd64.deb
    Size/MD5 checksum:   335496 e89f821a32c11d314b397ee454da5094
  
http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge5_amd64.deb
    Size/MD5 checksum:  1355704 f3371f5f48e1057f1fb80714c0ea98bc
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge5_amd64.deb
    Size/MD5 checksum:  1355942 dbaa8f53bcddceb3828e3b8b857bf833
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge5_amd64.deb
    Size/MD5 checksum:  1355764 2752c6ff95628f99693521617bc32d73

arm architecture (ARM)

  
http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge5_arm.deb
    Size/MD5 checksum:  2184304 34cd68e7c3f0374c40e545a61446f48c
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge5_arm.deb
    Size/MD5 checksum:  2185094 7cbfa8db84b905a267ddf518415a7553
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge5_arm.deb
    Size/MD5 checksum:   336124 19e8fc68148e1ebc8dc6a51c2c488689
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge5_arm.deb
    Size/MD5 checksum:  2184366 b5ac5dffa73e7273a3e03b91e4413be0

Do you need more help?

hppa architecture (HP PA RISC)

  
http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge5_hppa.deb
    Size/MD5 checksum:  1812692 c21a00400546a5fbf571cf517bd34657
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge5_hppa.deb
    Size/MD5 checksum:  1813624 f48400ea56e3027d2e828b3353442131
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge5_hppa.deb
    Size/MD5 checksum:   336228 035a6af70173afb011a9a77631bdab3b
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge5_hppa.deb
    Size/MD5 checksum:  1812750 10f3220cf0a0334113b4eb6b03e7f63c

i386 architecture (Intel ia32)

  
http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge5_i386.deb
    Size/MD5 checksum:  1350010 fbf767b42da3ffc738073577afea697a
  
http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge5_i386.deb
    Size/MD5 checksum:  1350074 9d6774522a6bbf7e84d0f87ce82e9f58
Can we help you? 
In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software:Learn more about Pantek's Technical Support offerings
Place an order for 24/7/365 Technical Support here
Learn more about Pantek, who we are, and what we do
Chat with a Live Operator
Related lists.debian.org Links
debian-announce
debian-apache
debian-arm-changes
debian-beowulf
debian-boot
debian-cd
debian-cd-vendors
debian-changes
debian-changes-digest
debian-isp
debian-kde
debian-laptop
debian-mirrors-announce
debian-news
debian-security
debian-security-announce
debian-testing
debian-user
debian-user-digest
Request more information about Pantek
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge5_i386.deb
    Size/MD5 checksum:   334110 b97efb9fceb7f63e09ef0def30f716cf
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge5_i386.deb
    Size/MD5 checksum:  1350550 fa68852ebf0a4ecc46b0935469421c38

ia64 architecture (Intel ia64)

  
http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge5_ia64.deb
    Size/MD5 checksum:  1881868 43d4acbfdcb7fe40a37be589e3f1f889
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge5_ia64.deb
    Size/MD5 checksum:  1881936 77abc6350d8bc87065f52f5f95517661
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge5_ia64.deb
    Size/MD5 checksum:   335478 059947842bbad6c936d26dad1608f1b7
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge5_ia64.deb
    Size/MD5 checksum:  1882632 d5697b2646c2e8bfc70132a7bc717a2c

mips architecture (MIPS (Big Endian))

  
http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge5_mips.deb
    Size/MD5 checksum:  1494318 a6ca9d6156ba31fa7cd7ffa86551b415
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge5_mips.deb
    Size/MD5 checksum:   336222 b36d254b280b4817945617ddf9d08c86
  
http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge5_mips.deb
    Size/MD5 checksum:  1493754 3935ca3729f8f1a63b734c71ab1082cb
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge5_mips.deb
    Size/MD5 checksum:  1493802 4bbb63baee483c25d48fb2a45d852d68

mipsel architecture (MIPS (Little Endian))

  
http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge5_mipsel.deb
    Size/MD5 checksum:  1483882 08845c3905f49deee47a32ec6f141e01
  
http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge5_mipsel.deb
    Size/MD5 checksum:  1483826 f498fa3e3266fadf9455624b888e3e11
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge5_mipsel.deb
    Size/MD5 checksum:   335516 90293d75d806c9f0e9e2cb0808be8a03
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge5_mipsel.deb
    Size/MD5 checksum:  1484294 09f5eecfa682de17906ae9fab9e490cd

powerpc architecture (PowerPC)

  
http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge5_powerpc.deb
    Size/MD5 checksum:  1385530 66197219a21450010715aa61d5b63026
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge5_powerpc.deb
    Size/MD5 checksum:   336260 642dc7dc6ca14af4c1c97d0e0f8cb23a
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge5_powerpc.deb
    Size/MD5 checksum:  1386120 15e00fa3f3c728902fdf6a64b6528ea2
  
http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge5_powerpc.deb
    Size/MD5 checksum:  1385434 ea1138910698ebef3337537d1932ca42

s390 architecture (IBM S/390)

  
http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge5_s390.deb
    Size/MD5 checksum:  1194316 5e5f8199585fb6fcf5c8172d2744be03
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge5_s390.deb
    Size/MD5 checksum:  1194618 b83b1a8b33b8321260af0ac1528c9910
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge5_s390.deb
    Size/MD5 checksum:   336242 1fc6dda424f7529cc278080d02843034
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge5_s390.deb
    Size/MD5 checksum:  1194362 68dbcf90234bc1de031663c253a4c416

sparc architecture (Sun SPARC/UltraSPARC)

  
http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge5_sparc.deb
    Size/MD5 checksum:   336256 0f6b5e98f6540f55f6e8fd7bfa7f3134
  
http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge5_sparc.deb
    Size/MD5 checksum:  1326176 41af440700265be09e94ca88f59dd96c
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge5_sparc.deb
    Size/MD5 checksum:  1327002 b801913a67e8bed0765f0ea35e588cac
Don't know where to look next? 
In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software:Learn more about Pantek's Technical Support offerings
Place an order for 24/7/365 Technical Support here
Learn more about Pantek, who we are, and what we do
Chat with a Live Operator
Related lists.debian.org Links
debian-announce
debian-apache
debian-arm-changes
debian-beowulf
debian-boot
debian-cd
debian-cd-vendors
debian-changes
debian-changes-digest
debian-isp
debian-kde
debian-laptop
debian-mirrors-announce
debian-news
debian-security
debian-security-announce
debian-testing
debian-user
debian-user-digest
Request more information about Pantek
  
http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge5_sparc.deb
    Size/MD5 checksum:  1326220 23a77450f96324bc0149b3539b04bb56

Can't find what you're looking for?

Debian GNU/Linux 4.0 alias etch

- --------------------------------