Kopete: Vulnerability in included Gadu library Kopete is vulnerable to several input validation vulnerabilities which may lead to execution of arbitrary code. kopete July 25, 2005 July 25, 2005: 01 99754 remote 3.4.1-r1 3.3.2-r2 3.4.1-r1 3.4.1-r1 3.4.1-r1

KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. Kopete (also part of kdenetwork) is the KDE Instant Messenger.

Kopete contains an internal copy of libgadu and is therefore subject to several input validation vulnerabilities in libgadu.

A remote attacker could exploit this vulnerability to execute arbitrary code or crash Kopete.

Delete all Gadu Gadu contacts.

All Kopete users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose kde-base/kdenetwork

All KDE Split Ebuild Kopete users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=kde-base/kopete-3.4.1-r1"
KDE Security Advisory: libgadu vulnerabilities CAN-2005-1852 jaervosz jaervosz