[Bug 416306] Re: CVE-2009-2694 Security vulnerability in pidgin < 2.5.9

Kees Cook Thu, 20 Aug 2009 13:30:31 -0700

This bug was fixed in the package pidgin - 1:2.5.5-1ubuntu8.4

---------------
pidgin (1:2.5.5-1ubuntu8.4) jaunty-security; urgency=low


  * SECURITY UPDATE: arbitrary code execution via crafted MSNSLP packet
    (LP: #415863)
    - debian/patches/78_security_CVE-2009-2694.patch: properly destroy
      slpmsg in libpurple/protocols/{msn,msnp9}/slplink.c.
    - CVE-2009-2694

 -- Marc Deslauriers <marc.deslauri...@ubuntu.com> Wed, 19 Aug 2009
12:49:11 -0400


** This bug is no longer a duplicate of bug 415863
   CVE-2009-2694: MSN overflow parsing SLP messages leads to remote 
vulnerability

** Changed in: pidgin (Ubuntu)
       Status: New => Fix Released

-- 
CVE-2009-2694 Security vulnerability in pidgin < 2.5.9
https://bugs.launchpad.net/bugs/416306
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 416306] Re: CVE-2009-2694 Security vulnerability in pidgin < 2.5.9

Reply via email to