pidgin (1:2.6.2-1ubuntu7.3) karmic-security; urgency=low
* SECURITY UPDATE: denial of service via custom emoticon
- debian/patches/68_CVE-2010-1624.patch: make sure body is valid in
libpurple/protocols/msn/slp.c.
- CVE-2010-1624
* SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
- debian/patches/69_CVE-2010-3711.patch: correctly handle
purple_base64_decode return codes in libpurple/ntlm.c,
libpurple/plugins/perl/common/Util.xs,
libpurple/protocols/{jabber/auth.c,msn/slp.c,myspace/message.c,
oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}.
- CVE-2010-3711
Date: Wed, 03 Nov 2010 09:02:12 -0400
Changed-By: Marc Deslauriers <[email protected]>
Maintainer: Ubuntu Core Developers <[email protected]>
https://launchpad.net/ubuntu/karmic/+source/pidgin/1:2.6.2-1ubuntu7.3
Format: 1.8
Date: Wed, 03 Nov 2010 09:02:12 -0400
Source: pidgin
Binary: libpurple0 pidgin pidgin-data pidgin-dev pidgin-dbg finch finch-dev
libpurple-dev libpurple-bin
Architecture: source
Version: 1:2.6.2-1ubuntu7.3
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Core Developers <[email protected]>
Changed-By: Marc Deslauriers <[email protected]>
Description:
finch - text-based multi-protocol instant messaging client
finch-dev - text-based multi-protocol instant messaging client - development
libpurple-bin - multi-protocol instant messaging library - extra utilities
libpurple-dev - multi-protocol instant messaging library - development files
libpurple0 - multi-protocol instant messaging library
pidgin - graphical multi-protocol instant messaging client for X
pidgin-data - multi-protocol instant messaging client - data files
pidgin-dbg - Debugging symbols for Pidgin
pidgin-dev - multi-protocol instant messaging client - development files
Changes:
pidgin (1:2.6.2-1ubuntu7.3) karmic-security; urgency=low
.
* SECURITY UPDATE: denial of service via custom emoticon
- debian/patches/68_CVE-2010-1624.patch: make sure body is valid in
libpurple/protocols/msn/slp.c.
- CVE-2010-1624
* SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
- debian/patches/69_CVE-2010-3711.patch: correctly handle
purple_base64_decode return codes in libpurple/ntlm.c,
libpurple/plugins/perl/common/Util.xs,
libpurple/protocols/{jabber/auth.c,msn/slp.c,myspace/message.c,
oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}.
- CVE-2010-3711
Checksums-Sha1:
bd910895e8859219fa21306b61beb5ee2e6eaf7e 2663 pidgin_2.6.2-1ubuntu7.3.dsc
6bf796dda41d54e463f1baca193797a3903ad901 69189 pidgin_2.6.2-1ubuntu7.3.diff.gz
Checksums-Sha256:
4a0a419edc13d6e3d4d1172e1f1e29c2c4866b68ffe6c7b28dfcad6e01313f88 2663
pidgin_2.6.2-1ubuntu7.3.dsc
1a5cfbfed3c1b198b81c7cd11687f02d48beec395c90ff13b7e98f4befa8a94f 69189
pidgin_2.6.2-1ubuntu7.3.diff.gz
Files:
44bdd8e9998600fe412257c07e35dd0a 2663 net optional pidgin_2.6.2-1ubuntu7.3.dsc
31240de647279ce482dcae85476dbcb1 69189 net optional
pidgin_2.6.2-1ubuntu7.3.diff.gz
Launchpad-Bugs-Fixed: 666998
Original-Maintainer: Ari Pollak <[email protected]>
--
Karmic-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/karmic-changes
