Debian Security Advisory DSA 813-1 (centericq)

The remote host is missing an update to centericq announced via advisory DSA 813-1. Several problems have been discovered in libgadu which is also part of centericq, a text-mode multi-protocol instant messenger client. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-2369 Multiple integer signedness errors may allow remote attackers to cause a denial of service or execute arbitrary code. CVE-2005-2370 Memory alignment errors may allows remote attackers to cause a denial of service on certain architectures such as sparc. CVE-2005-2448 Several endianness errors may allow remote attackers to cause a denial of service. The old stable distribution (woody) is not affected by these problems.

For the stable distribution (sarge) these problems have been fixed in version 4.20.0-1sarge2. For the unstable distribution (sid) these problems have been fixed in version 4.20.0-9. We recommend that you upgrade your centericq package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20813-1