This bug was fixed in the package pidgin - 1:2.7.3-1ubuntu3.1
---------------
pidgin (1:2.7.3-1ubuntu3.1) maverick-security; urgency=low
* SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
- debian/patches/61_CVE-2010-3711.patch: correctly handle
purple_base64_decode return codes in libpurple/ntlm.c,
libpurple/plugins/perl/common/Util.xs,
libpurple/protocols/{jabber/auth_digest_md5.c,msn/slp.c,
myspace/message.c,oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}.
- CVE-2010-3711
-- Marc Deslauriers <[email protected]> Tue, 02 Nov 2010 17:17:40
-0400
** Changed in: pidgin (Ubuntu Maverick)
Status: Confirmed => Fix Released
** Changed in: pidgin (Ubuntu Lucid)
Status: Confirmed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-1624
--
CVE-2010-3711 security vulnerability in pidgin < 2.7.4
https://bugs.launchpad.net/bugs/666998
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
