English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 105790 CVE descriptions
and 56160 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-2867
2008-04-01 21:13:43
--------------------------------------------------------------------------------

Name        : centerim
Product     : Fedora 8
Version     : 4.22.4
Release     : 1.fc8
URL         : http://www.centerim.org/
Summary     : Text mode menu- and window-driven IM
Description :
CenterIM is a text mode menu- and window-driven IM interface that supports
the ICQ2000, Yahoo!, MSN, AIM TOC, IRC, Gadu-Gadu and Jabber protocols.
Internal RSS reader and a client for LiveJournal are provided.

--------------------------------------------------------------------------------
Update Information:

This update fixes the CVE-2008-1467 security issue by disabling the "actions"
configuration altogether. Furthermore the default web browser is no longer
configurable in CenterIM. The links get open in the default web browser
configured, using xdg-utils.    This release adds support for new versions of
Yahoo IM protocol. Unless you apply this update, you won't be able to use Yahoo
IM after April 2nd 2008.    Please note:    To avoid compatibility and
confidentiality problems with an undocumented protocol transported unencrypted
over third-party controlled network, all users of Yahoo IM protocol are
encouraged to switch to open and free alternatives, such as XMPP used in Jabber
network.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #438871 - CVE-2008-1467 CenterIM passes unescaped URLs to shell
        https://bugzilla.redhat.com/show_bug.cgi?id=438871
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update centerim' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2017 E-Soft Inc. All rights reserved.