[Bug 666998] Re: CVE-2010-3711 security vulnerability in pidgin < 2.7.4

Launchpad Bug Tracker Thu, 04 Nov 2010 06:21:43 -0700

This bug was fixed in the package pidgin - 1:2.4.1-1ubuntu2.10

---------------
pidgin (1:2.4.1-1ubuntu2.10) hardy-security; urgency=low


  * SECURITY UPDATE: denial of service via custom emoticon
    - debian/patches/94_security_CVE-2010-1624.patch: make sure body is
      valid in libpurple/protocols/{msn,msnp9}/slp.c.
    - CVE-2010-1624
  * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
    - debian/patches/94_security_CVE-2010-3711.patch: correctly handle
      purple_base64_decode return codes in libpurple/ntlm.c,
      libpurple/protocols/{jabber/auth.c,msn/slp.c,msnp9/slp.c,
      myspace/message.c,yahoo/yahoo.c}.
    - CVE-2010-3711
 -- Marc Deslauriers <[email protected]>   Wed, 03 Nov 2010 09:36:41 
-0400

-- 
CVE-2010-3711 security vulnerability in pidgin < 2.7.4
https://bugs.launchpad.net/bugs/666998
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 666998] Re: CVE-2010-3711 security vulnerability in pidgin < 2.7.4

Reply via email to