pidgin (1:2.6.6-1ubuntu4.1) lucid-security; urgency=low * SECURITY UPDATE: denial of service via custom emoticon - debian/patches/93_CVE-2010-1624.patch: make sure body is valid in libpurple/protocols/msn/slp.c. - CVE-2010-1624 * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998) - debian/patches/94_CVE-2010-3711.patch: correctly handle purple_base64_decode return codes in libpurple/ntlm.c, libpurple/plugins/perl/common/Util.xs, libpurple/protocols/{jabber/auth_digest_md5.c,msn/slp.c, myspace/message.c,oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}. - CVE-2010-3711
Date: Wed, 03 Nov 2010 08:51:08 -0400 Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com> Maintainer: Ubuntu Desktop Team <ubuntu-desk...@lists.ubuntu.com> https://launchpad.net/ubuntu/lucid/+source/pidgin/1:2.6.6-1ubuntu4.1
Format: 1.8 Date: Wed, 03 Nov 2010 08:51:08 -0400 Source: pidgin Binary: libpurple0 pidgin pidgin-data pidgin-dev pidgin-dbg finch finch-dev libpurple-dev libpurple-bin Architecture: source Version: 1:2.6.6-1ubuntu4.1 Distribution: lucid-security Urgency: low Maintainer: Ubuntu Desktop Team <ubuntu-desk...@lists.ubuntu.com> Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com> Description: finch - text-based multi-protocol instant messaging client finch-dev - text-based multi-protocol instant messaging client - development libpurple-bin - multi-protocol instant messaging library - extra utilities libpurple-dev - multi-protocol instant messaging library - development files libpurple0 - multi-protocol instant messaging library pidgin - graphical multi-protocol instant messaging client for X pidgin-data - multi-protocol instant messaging client - data files pidgin-dbg - Debugging symbols for Pidgin pidgin-dev - multi-protocol instant messaging client - development files Launchpad-Bugs-Fixed: 666998 Changes: pidgin (1:2.6.6-1ubuntu4.1) lucid-security; urgency=low . * SECURITY UPDATE: denial of service via custom emoticon - debian/patches/93_CVE-2010-1624.patch: make sure body is valid in libpurple/protocols/msn/slp.c. - CVE-2010-1624 * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998) - debian/patches/94_CVE-2010-3711.patch: correctly handle purple_base64_decode return codes in libpurple/ntlm.c, libpurple/plugins/perl/common/Util.xs, libpurple/protocols/{jabber/auth_digest_md5.c,msn/slp.c, myspace/message.c,oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}. - CVE-2010-3711 Checksums-Sha1: 3ce0439c795fa011e977849cad7fc5e75124a5a7 2727 pidgin_2.6.6-1ubuntu4.1.dsc 488b2513b3b1d86ef776e075e15e728f86f5bf61 67576 pidgin_2.6.6-1ubuntu4.1.debian.tar.gz Checksums-Sha256: 6cf997ea80d1aaaa19dd17c02b7e07ee9b50779e1ca190880e8f2d73c942b100 2727 pidgin_2.6.6-1ubuntu4.1.dsc 4322eeb5ed0c9315d71f44f8e3c6956831c54e80d5f862e24ce553e7f0986fb1 67576 pidgin_2.6.6-1ubuntu4.1.debian.tar.gz Files: 74d2c2971488583a01c49802823b0cc9 2727 net optional pidgin_2.6.6-1ubuntu4.1.dsc ad6479976dd8bc7ba4d1ca0c2251176c 67576 net optional pidgin_2.6.6-1ubuntu4.1.debian.tar.gz Original-Maintainer: Ari Pollak <a...@debian.org>
-- Lucid-changes mailing list Lucid-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/lucid-changes