English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 105790 CVE descriptions
and 56160 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-2869
2008-04-01 21:13:52
--------------------------------------------------------------------------------

Name        : centerim
Product     : Fedora 7
Version     : 4.22.4
Release     : 1.fc7.1
URL         : http://www.centerim.org/
Summary     : Text mode menu- and window-driven IM
Description :
CenterIM is a text mode menu- and window-driven IM interface that supports
the ICQ2000, Yahoo!, MSN, AIM TOC, IRC, Gadu-Gadu and Jabber protocols.
Internal RSS reader and a client for LiveJournal are provided.

--------------------------------------------------------------------------------
Update Information:

This update fixes the CVE-2008-1467 security issue by disabling the "actions"
configuration altogether. Furthermore the default web browser is no longer
configurable in CenterIM. The links get open in the default web browser
configured, using xdg-utils.    There won't be any update for centericq. All
users of centericq packages are advised to switch to centerim. In Fedora 7
centerim package provides symbolic link "centericq" that points to centerim
binary for compatibility with centericq. Note that centerim packages in later
releases of Fedora no longer provide this. CenterIM will automatically use
CenterICQ settings if ones are found in all releases of Fedora.    This release
adds support for new versions of Yahoo IM protocol. Unless you apply this
update, you won't be able to use Yahoo IM after April 2nd 2008.    Please note:
To avoid compatibility and confidentiality problems with an undocumented
protocol transported unencrypted over third-party controlled network, all users
of Yahoo IM protocol are encouraged to switch to open and free alternatives,
such as XMPP used in Jabber network.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #438871 - CVE-2008-1467 CenterIM passes unescaped URLs to shell
        https://bugzilla.redhat.com/show_bug.cgi?id=438871
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update centerim' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2017 E-Soft Inc. All rights reserved.