Package: gaim-encryption Version: 2.38-1 Severity: normal When an ICQ Buddy sends a special message the application crashes. I've found the problem when i just clicked on the encryption button in the IM-Window. The other person didn't know what to do with the message since it is used for GAIM to GAIM encryption and just sent it back (copy and paste). Then my GAIM application crashed. This is reproducable even with other people's clients. The Message you need to send is:
*** Encrypted with the Gaim-Encryption plugin <A HREF=": Key: Prot NSS 1.0: Len 249 1ShR9YBpgmjZ2pCZFXQNiRCyI2dNSmC,MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCvANJpA/+j+k+RzfDwUDC6w5EHHWYEj10qd3EfHQnSK1h1L4ZjBZqnrTdaCRZFr5WvDgqjqMaUZg7NNFlfkWrJpDoW3fbSZ7eegQUbUdGwGLuqxExy+Sd2B4ngln3bPtNATcziX2ikzadCldkL4R/EFyYpc/nRWRs++ooOJ0iZQIDAQAB"></A> It does not work, when you send it from inside GAIM, but when you send it from licq it works. I think this is a serious bug. Maybe even a security hole. Regards, Jörg -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.13.4-jkur Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-1) (ignored: LC_ALL set to de_DE) Versions of packages gaim-encryption depends on: ii gaim 1:1.5.0-1 multi-protocol instant messaging c ii libc6 2.3.5-3 GNU C Library: Shared libraries an ii libnspr4 2:1.7.12-1 Netscape Portable Runtime Library ii libnss3 2:1.7.7-2 Network Security Service Libraries gaim-encryption recommends no packages. -- no debconf information
