pidgin (1:2.5.2-0ubuntu1.7) intrepid-security; urgency=low
* SECURITY UPDATE: denial of service via malformed SLP message
- debian/patches/93_security_CVE-2010-0277.patch: validate input in
libpurple/protocols/msn/{slp.c,slpcall.c,slplink.c,slpmsg.h}.
- CVE-2010-0277
* SECURITY UPDATE: denial of service via certain nicknames in Finch
- debian/patches/93_security_CVE-2010-0420.patch: properly unescape
text in finch/libgnt/gnttree.c, libpurple/protocols/bonjour/parser.c,
libpurple/protocols/jabber/parser.c, libpurple/xmlnode.c.
- CVE-2010-0420
* SECURITY UPDATE: denial of service via large number of smileys
- debian/patches/93_security_CVE-2010-0423.patch: limit the number of
smileys in pidgin/gtkimhtml.c.
- CVE-2010-0423
Date: Thu, 18 Feb 2010 14:45:12 -0500
Changed-By: Marc Deslauriers <[email protected]>
Maintainer: Ubuntu Core Developers <[email protected]>
https://launchpad.net/ubuntu/intrepid/+source/pidgin/1:2.5.2-0ubuntu1.7
Format: 1.8
Date: Thu, 18 Feb 2010 14:45:12 -0500
Source: pidgin
Binary: libpurple0 pidgin pidgin-data pidgin-dev pidgin-dbg finch finch-dev
libpurple-dev libpurple-bin
Architecture: source
Version: 1:2.5.2-0ubuntu1.7
Distribution: intrepid-security
Urgency: low
Maintainer: Ubuntu Core Developers <[email protected]>
Changed-By: Marc Deslauriers <[email protected]>
Description:
finch - text-based multi-protocol instant messaging client
finch-dev - text-based multi-protocol instant messaging client - development
libpurple-bin - multi-protocol instant messaging library - extra utilities
libpurple-dev - multi-protocol instant messaging library - development files
libpurple0 - multi-protocol instant messaging library
pidgin - graphical multi-protocol instant messaging client for X
pidgin-data - multi-protocol instant messaging client - data files
pidgin-dbg - Debugging symbols for Pidgin
pidgin-dev - multi-protocol instant messaging client - development files
Changes:
pidgin (1:2.5.2-0ubuntu1.7) intrepid-security; urgency=low
.
* SECURITY UPDATE: denial of service via malformed SLP message
- debian/patches/93_security_CVE-2010-0277.patch: validate input in
libpurple/protocols/msn/{slp.c,slpcall.c,slplink.c,slpmsg.h}.
- CVE-2010-0277
* SECURITY UPDATE: denial of service via certain nicknames in Finch
- debian/patches/93_security_CVE-2010-0420.patch: properly unescape
text in finch/libgnt/gnttree.c, libpurple/protocols/bonjour/parser.c,
libpurple/protocols/jabber/parser.c, libpurple/xmlnode.c.
- CVE-2010-0420
* SECURITY UPDATE: denial of service via large number of smileys
- debian/patches/93_security_CVE-2010-0423.patch: limit the number of
smileys in pidgin/gtkimhtml.c.
- CVE-2010-0423
Checksums-Sha1:
576a437ee19abd5b550f5bf2cb9a755d3e800923 1996 pidgin_2.5.2-0ubuntu1.7.dsc
927486bea38d85005f6a5b2a8da7593030bbbe4d 68645 pidgin_2.5.2-0ubuntu1.7.diff.gz
Checksums-Sha256:
79a5ec5122b8a9edd43f5efb6fd2c6f6e49570ac7b3b20fbc3f933f43891b891 1996
pidgin_2.5.2-0ubuntu1.7.dsc
d0485d0ad6da505efe818b327e4d5b7d893a8857b866d609255f4eeb5c9fcd6b 68645
pidgin_2.5.2-0ubuntu1.7.diff.gz
Files:
f92183d83936a98a31cba9a83076fbbd 1996 net optional pidgin_2.5.2-0ubuntu1.7.dsc
10a6edc458a50f014284b0f203623ecb 68645 net optional
pidgin_2.5.2-0ubuntu1.7.diff.gz
Original-Maintainer: Robert McQueen <[email protected]>
--
Intrepid-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/intrepid-changes
