gaim (SSA:2004-239-01)
Posted on: 08/27/2004 07:53 AM

New gaim packages are available for Slackware 9.1, 10.0 and -current to fix several security issues. Sites that use GAIM should upgrade to the new version.

Here are the details from the Slackware 10.0 ChangeLog:
Thu Aug 26 17:14:09 PDT 2004
Upgraded to gaim-0.82 and gaim-encryption-2.29.
Fixes several security issues:
Content-length DOS (malloc error) (no CAN ID on this one)
MSN strncpy buffer overflow (CAN-2004-0500)
Groupware message receive integer overflow (CAN-2004-0754)
Smiley theme installation lack of escaping (CAN-2004-0784)
RTF message buffer overflow, Local hostname resolution buffer overflow,
URL decode buffer overflow (these 3 are CAN-2004-0785)
For more details, see:
(* Security fix *)

Where to find the new packages:

Updated package for Slackware 9.1:

Updated package for Slackware 10.0:

Updated package for Slackware -current:

MD5 signatures:

Slackware 9.1 package:
2034d5d16ab7ea82d03f52df7b1e31c5 gaim-0.82-i486-1.tgz

Slackware 10.0 package:
1b779612c3a82f173a297e5c13dbd239 gaim-0.82-i486-1.tgz

Slackware -current package:
196d30002d2175e6eb0f90f2a9fc62d8 gaim-0.82-i486-1.tgz

Installation instructions:

Upgrade the package as root:
# upgradepkg gaim-0.82-i486-1.tgz

Printed from Linux Compatible (