Hmm we've fixed this a long time ago. CenterIM doesn't seem to have a maintainer anymore.
2009/12/7 Michael Gilbert <michael.s.gilb...@gmail.com>: > Package: centerim > Version: 4.22.7-1.1 > Severity: important > Tags: security > > Hi, > the following CVE (Common Vulnerabilities & Exposures) id was > published for libgadu. Centerim embeds libgadu, so it is affected. > > CVE-2008-4776[0]: > | libgadu before 1.8.2 allows remote servers to cause a denial of > | service (crash) via a contact description with a large length, which > | triggers a buffer over-read. > > If you fix the vulnerability please also make sure to include the > CVE id in your changelog entry. > > For further information see: > > [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4776 > http://security-tracker.debian.org/tracker/CVE-2008-4776 > > > > -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
