drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in Ekiga
Name: |
Denial of Service in Ekiga |
|
ID: |
FEDORA-2013-2890 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 17 |
|
Datum: |
Mo, 4. März 2013, 15:34 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5621 |
|
Applikationen: |
Ekiga |
|
Originalnachricht |
Name : ekiga Product : Fedora 17 Version : 4.0.1 Release : 1.fc17 URL : http://www.ekiga.org/ Summary : A Gnome based SIP/H323 teleconferencing application Description : Ekiga is a tool to communicate with video and audio over the internet. It uses the standard SIP and H323 protocols.
------------------------------------------------------------------------------- - Update Information:
New upstream ekiga 4.0.1 release
* Core fixes
- Fix crash when quitting ekiga while receiving presence information
- Fix crash when quitting ekiga right after starting it (before STUN ending)
- Fix crash when disabling an account while icons in roster are changing
- Fix crash when receiving call a second time
- Fix crash in XML parsing in case of malicious code (CVE-2012-5621)
- Fix increasing CPU usage after hours of usage caused by endless OPTIONS
- Several fixes for H.323:
- fix H.323 parsing
- add the username in authentication
- fix unregistering the gatekeeper
- fix registration
- assign gk_name only if success
- do not propose adding an H.323 account if the protocol is not built-in
- Fix registration for registrars accepting the last Contact item offered
- Allow to change the REGISTER compatibility mode of an existing registration
- Fix impossibility to hangup active call after a missed call
- Fix busy or call forwarding on busy occuring when connection is released
- Fix subscribing/unsubscribing when enabling and disabling SIP accounts
- Do not show is-typing messages sent by other programs during chatting
- Stop ongoing registration when remove account
- Use meaningful names for ALSA sub-devices
- Allow to enter contact addresses without host part, and choose the host later
- Increase number of characters shown in device names
- Use a better icon for call history in addressbook
- Show the address instead of "telephoneNumber" in addressbook
- Deactivate NullAudio ptlib's device for audio input too
- Do not send OPTIONS messages once the account is disabled
- Hide the main window immediately on exit
- Handle xa status as away
- Fix debugging message when registering
- Fix race condition leading to duplicate entry in call history
- Fix incoming call if two INVITE's in a fork arrive very close together
- Use correct username in OPTIONS messages
- Allow to have message waiting indication even if asterisk's vmexten is off
- Send OPTION only on the right interface
- Fix buttons direction in dialpad for RTL languages
- Fix aborting RTP receiver with Polycom HDX8000
- Fix possible incorrect jitter calculation for RTCP
- Only kill REGISTER/SUBSCRIBE forks if a "try again" response is received
- Various other fixes
* Distributor-visible changes
* Build fixes
- Fix building opal when java SDK installed and swig is not
- Some code cleanup
* Translation updates
- Update translations: fr, ml, pt_BR
- Update help translations: pt_BR ------------------------------------------------------------------------------- - ChangeLog:
* Wed Feb 20 2013 Peter Robinson <pbrobinson@fedoraproject.org> 4.0.1-1 - Ekiga 4.0.1 stable release - Changelog http://ftp.gnome.org/pub/gnome/sources/ekiga/4.0/ekiga-4.0.1.news * Sat Feb 9 2013 Denis Arnaud <denis.arnaud_fedora@m4x.org> - 4.0.0-3 - Rebuild for Boost-1.53.0 * Tue Dec 25 2012 Bruno Wolff III <bruno@wolff.to> 4.0.0-2 - Rebuild for libcamel soname bump * Mon Nov 26 2012 Peter Robinson <pbrobinson@fedoraproject.org> 4.0.0-1 - Ekiga 4.0.0 stable release - Changelog http://ftp.gnome.org/pub/gnome/sources/ekiga/4.0/ekiga-4.0.0.news * Tue Nov 20 2012 Milan Crha <mcrha@redhat.com> - 3.9.90-3 - Rebuild against newer evolution-data-server * Thu Oct 25 2012 Milan Crha <mcrha@redhat.com> - 3.9.90-2 - Rebuild against newer evolution-data-server * Sat Aug 25 2012 Peter Robinson <pbrobinson@fedoraproject.org> - 3.9.90-1 - Ekiga 3.9.90 devel - Changelog ftp://ftp.gnome.org/pub/gnome/sources/ekiga/3.9/ekiga-3.9.90.news * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.3.2-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #883058 - CVE-2012-5621 ekiga: DoS (crash) after receiving call from other party with not UTF-8 valid name https://bugzilla.redhat.com/show_bug.cgi?id=883058 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update ekiga' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|