Ubuntu
ekg package

Change logs for ekg source package in Gutsy

Gutsy (7.10)
Change log

ekg (1:1.7~rc2-2ubuntu0.7.10.1) gutsy-security; urgency=low

  * SECURITY UPDATE: remote denial of service.
    - lib/events.c: upstream fixes.
    - CVE-2008-4776

 -- Kees Cook <email address hidden>   Sat, 06 Dec 2008 19:36:13 -0800

ekg (1:1.7~rc2-2) unstable; urgency=high

  * Security upload, for sid and etch
  * Patched three medium severity security issues in src/events.c:
    - CVE-2007-1663 A memory leak in handling image messages, which may cause
      memory exhaustion resulting in a DoS (ekg program crash). Exploitable by
      a hostile GG user.
    - CVE-2007-1664 off-by-one in token OCR function, which may cause a null
      pointer dereference resulting in a DoS (ekg program crash). Exploitable
      by MiTM (hostile HTTP proxy or TCP stream injection) or a hostile GG
      server.
    - CVE-2007-1665 potential memory exhaust in token OCR function, which may
      cause memory exhaustion resulting in a DoS (ekg program crash).
      Exploitable by MiTM (hostile HTTP proxy or TCP stream injection) or a
      hostile GG server.

 -- Michael Bienia <email address hidden>   Wed,  28 Mar 2007 14:16:11 +0100

Ubuntuekg package

Change logs for ekg source package in Gutsy

Ubuntu
ekg package