Log in

No account? Create an account

anatomy · of · distance

Gaim full of holes

Recent Entries · Archive · Friends · Profile

* * *
Critical security holes found in Gaim, the Linux IM client; these holes are pretty serious and allow any script kiddie to 0wn your account and (given a local-root exploit) your machine merely by throwing packets at you. Mind you, the Gaim maintainers aren't releasing a new version until the other changes they had in mind are good and ready, so the onus is on the user to download the source, patch it and compile it.

I wonder how long it'll take Debian to get a fixed Gaim .deb; given that it usually takes 2-4 weeks for Gaim to propagate through the Debian system, I wouldn't hold my breath.
Current Music:
Interpol - Obstacle 2
* * *
* * *
[User Picture]
On February 4th, 2004 08:53 am (UTC), hilker commented:
Fixed .debs have been in sid since the 27th (not for arm, mipsel or s390 yet), and can be downloaded here and installed manually using dpkg.
Replies Frozen · Thread
[User Picture]
On February 4th, 2004 09:44 pm (UTC), kineticfactory replied:
Thanks. That's the version I've been using for the past week or so.
Replies Frozen · Parent · Thread
* * *

Previous Entry · Share · Flag · Next Entry