-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Package: gaim Version: 1:1.2.1-1.4 Severity: normal Tags: security
Gaim in Sarge appears to be affected by CVE-2005-2369: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2369 When 1:1.5.0-1 was uploaded to unstable it resolved this problem (and it has since migrated to testing), but the issue still remains in Sarge. The issue has to do with libgadu (part of ekg) which is bundled with gaim. Other similar issues having to do with this library were fixed in 1:1.4.0-5 were CVE-2005-2370, CVE-2005-2102, CVE-2005-2370, and CVE-2005-2103 but CVE-2005-2369 seems to have slipped through. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFD2Ysb9n4qXRzy1ioRAg4fAJ9tDvJIgHQA/QRRraYbs+M83XbsdwCdGfFq RojPIk8SzeL1L+wlc/oplko= =4jJJ -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

