Debian Security Advisory DSA 1318-1 (ekg)

The remote host is missing an update to ekg announced via advisory DSA 1318-1.

Several remote vulnerabilities have been discovered in ekg, a console Gadu Gadu client. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-2370 It was discovered that memory alignment errors may allow remote attackers to cause a denial of service on certain architectures such as sparc. This only affects Debian Sarge. CVE-2005-2448 It was discovered that several endianness errors may allow remote attackers to cause a denial of service. This only affects Debian Sarge. CVE-2007-1663 It was discovered that a memory leak in handling image messages may lead to denial of service. This only affects Debian Etch. CVE-2007-1664 It was discovered that a null pointer deference in the token OCR code may lead to denial of service. This only affects Debian Etch. CVE-2007-1665 It was discovered that a memory leak in the token OCR code may lead to denial of service. This only affects Debian Etch. For the oldstable distribution (sarge) these problems have been fixed in version 1.5+20050411-7. This updates lacks updated packages for the m68k architecture. They will be provided later. For the stable distribution (etch) these problems have been fixed in version 1:1.7~rc2-1etch1. For the unstable distribution (sid) these problems have been fixed in version 1:1.7~rc2-2. We recommend that you upgrade your ekg packages.

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201318-1