[Secure-testing-team] Security update for Debian Testing - 2008-11-03

Jarek Kamiński jarek at vilo.eu.org
Mon Nov 3 20:22:29 UTC 2008


On Mon, Nov 03, 2008 at 02:04:55AM +0100, secure-testing-team at lists.alioth.debian.org wrote:
> This automatic mail gives an overview over security issues that were recently 
> fixed in Debian Testing. The majority of fixed packages migrate to testing 
> from unstable. If this would take too long, fixed packages are uploaded to the 
> testing-security repository instead. It can also happen that vulnerable 
> packages are removed from Debian testing.
> 
> Migrated from unstable:
> =======================
> libgadu 1:1.8.0+r592-3:
> CVE-2008-4776: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4776
>                http://bugs.debian.org/503916

At first glance it looks, that kadu may also be affected. It isn't
linked to libgadu from libgadu3 package and comes with own copy of
libgadu sources (not patched). Can someone confirm that?

I won't have time to fully verify it before Friday, so excuse me, if
it's just a false alarm.

Jarek.



More information about the Secure-testing-team mailing list