To: [email protected]Subject: [ MDVSA-2008:159 ] licq
Date: Wed, 30 Jul 2008 16:03:00 -0600
From: [email protected]
Reply-To: <xsecurity@mandriva.com.>
Message-Id: <E1KOJl6-00077Z-HF@titan.mandriva.com.>
X-Virus-Scanned: antivirus-gw at tyumen.ru
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2008:159
http://www.mandriva.com/security/
_______________________________________________________________________
Package : licq
Date : July 30, 2008
Affected: Corporate 3.0
_______________________________________________________________________
Problem Description:
A flaw was discovered in licq versions prior to 1.3.6 that allowed
a remote attacker to cause a denial of service (crash) via a large
number of connections (CVE-2008-1996).
The updated packages have been patched to correct this issue.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1996
_______________________________________________________________________
Updated Packages:
Corporate 3.0:
21eeaee9cb3cf2d08ae88d8b7cf2fa37 corporate/3.0/i586/licq-1.2.6-4.1.C30mdk.i586.rpm
c34da703336360445712ef3ee0084044 corporate/3.0/i586/licq-console-1.2.6-4.1.C30mdk.i586.rpm
e96365e0de435b58da9bfa1a4eb97c05 corporate/3.0/i586/licq-devel-1.2.6-4.1.C30mdk.i586.rpm
ff6519f33221014a561cc0b58c922759 corporate/3.0/i586/licq-kde-1.2.6-4.1.C30mdk.i586.rpm
21407c1b60968e5fc53f53547dd9ead3 corporate/3.0/i586/licq-rms-1.2.6-4.1.C30mdk.i586.rpm
d8f945d6cc1d68661e86671292792570 corporate/3.0/SRPMS/licq-1.2.6-4.1.C30mdk.src.rpm
Corporate 3.0/X86_64:
9c5b08c20bf4b3c27f48c4949989ac3e corporate/3.0/x86_64/licq-1.2.6-4.1.C30mdk.x86_64.rpm
8f0f0817583ccd0b53849fc5d4dc6b96 corporate/3.0/x86_64/licq-console-1.2.6-4.1.C30mdk.x86_64.rpm
461b4806220a35965e765d3cd74bd8df corporate/3.0/x86_64/licq-devel-1.2.6-4.1.C30mdk.x86_64.rpm
4bfd1a25ac3a1a359b3eeba8cac747a1 corporate/3.0/x86_64/licq-kde-1.2.6-4.1.C30mdk.x86_64.rpm
b5587b1c7d2aaf5976ef3690d4a2f090 corporate/3.0/x86_64/licq-rms-1.2.6-4.1.C30mdk.x86_64.rpm
d8f945d6cc1d68661e86671292792570 corporate/3.0/SRPMS/licq-1.2.6-4.1.C30mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFIkLpdmqjQ0CJFipgRAuWrAKCQJvXnfiPqkWhzBXJwbyUiQUJzCQCgpZ6Z
yPJs5VizxlzN5Wpa2QiRoQ8=
=zsIO
-----END PGP SIGNATURE-----