DSA-2102-1 barnowl -- unchecked return valueID: oval:org.secpod.oval:def:600021 | Date: (C)2011-01-28 (M)2022-10-10 |
Class: PATCH | Family: unix |
It has been discovered that in barnowl, a curses-based instant-messaging client, the return codes of calls to the ZPending and ZReceiveNotice functions in libzephyr were not checked, allowing attackers to cause a denial of service , and possibly execute arbitrary code. For the stable distribution , this problem has been fixed in version 1.0.1-4+lenny2. For the testing distribution , this problem has been fixed in version 1.6.2-1. For the unstable distribution , this problem has been fixed in version 1.6.2-1. We recommend that you upgrade your barnowl packages.