
Security: Denial of Service in Ekiga
Name: Denial of Service in Ekiga
ID: FEDORA-2013-2890
Distribution: Fedora
Platforms: Fedora 17
Date: Mon, 4 March 2013, 15:34
References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5621
Applications: Ekiga

Original message

Name        : ekiga
Product : Fedora 17
Version : 4.0.1
Release : 1.fc17
URL : http://www.ekiga.org/
Summary : A Gnome based SIP/H323 teleconferencing application
Description :
Ekiga is a tool to communicate with video and audio over the internet.
It uses the standard SIP and H323 protocols.

--------------------------------------------------------------------------------
Update Information:

New upstream ekiga 4.0.1 release

* Core fixes
- Fix crash when quitting ekiga while receiving presence information
- Fix crash when quitting ekiga right after starting it (before STUN ending)
- Fix crash when disabling an account while icons in roster are changing
- Fix crash when receiving call a second time
- Fix crash in XML parsing in case of malicious code (CVE-2012-5621)
- Fix increasing CPU usage after hours of usage caused by endless OPTIONS
- Several fixes for H.323:
  - fix H.323 parsing
  - add the username in authentication
  - fix unregistering the gatekeeper
  - fix registration
  - assign gk_name only if success
  - do not propose adding an H.323 account if the protocol is not built-in
- Fix registration for registrars accepting the last Contact item offered
- Allow to change the REGISTER compatibility mode of an existing registration
- Fix impossibility to hangup active call after a missed call
- Fix busy or call forwarding on busy occurring when connection is released
- Fix subscribing/unsubscribing when enabling and disabling SIP accounts
- Do not show is-typing messages sent by other programs during chatting
- Stop ongoing registration when remove account
- Use meaningful names for ALSA sub-devices
- Allow to enter contact addresses without host part, and choose the host later
- Increase number of characters shown in device names
- Use a better icon for call history in addressbook
- Show the address instead of "telephoneNumber" in addressbook
- Deactivate NullAudio ptlib's device for audio input too
- Do not send OPTIONS messages once the account is disabled
- Hide the main window immediately on exit
- Handle xa status as away
- Fix debugging message when registering
- Fix race condition leading to duplicate entry in call history
- Fix incoming call if two INVITE's in a fork arrive very close together
- Use correct username in OPTIONS messages
- Allow to have message waiting indication even if asterisk's vmexten is off
- Send OPTION only on the right interface
- Fix buttons direction in dialpad for RTL languages
- Fix aborting RTP receiver with Polycom HDX8000
- Fix possible incorrect jitter calculation for RTCP
- Only kill REGISTER/SUBSCRIBE forks if a "try again" response is received
- Various other fixes
* Distributor-visible changes
* Build fixes
- Fix building opal when java SDK installed and swig is not
- Some code cleanup
* Translation updates
- Update translations: fr, ml, pt_BR
- Update help translations: pt_BR
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 20 2013 Peter Robinson <pbrobinson@fedoraproject.org> 4.0.1-1
- Ekiga 4.0.1 stable release - Changelog
http://ftp.gnome.org/pub/gnome/sources/ekiga/4.0/ekiga-4.0.1.news
* Sat Feb 9 2013 Denis Arnaud <denis.arnaud_fedora@m4x.org> - 4.0.0-3
- Rebuild for Boost-1.53.0
* Tue Dec 25 2012 Bruno Wolff III <bruno@wolff.to> 4.0.0-2
- Rebuild for libcamel soname bump
* Mon Nov 26 2012 Peter Robinson <pbrobinson@fedoraproject.org> 4.0.0-1
- Ekiga 4.0.0 stable release - Changelog
http://ftp.gnome.org/pub/gnome/sources/ekiga/4.0/ekiga-4.0.0.news
* Tue Nov 20 2012 Milan Crha <mcrha@redhat.com> - 3.9.90-3
- Rebuild against newer evolution-data-server
* Thu Oct 25 2012 Milan Crha <mcrha@redhat.com> - 3.9.90-2
- Rebuild against newer evolution-data-server
* Sat Aug 25 2012 Peter Robinson <pbrobinson@fedoraproject.org> - 3.9.90-1
- Ekiga 3.9.90 devel - Changelog
ftp://ftp.gnome.org/pub/gnome/sources/ekiga/3.9/ekiga-3.9.90.news
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.3.2-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #883058 - CVE-2012-5621 ekiga: DoS (crash) after receiving call from other party with not UTF-8 valid name
https://bugzilla.redhat.com/show_bug.cgi?id=883058
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update ekiga' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce