* SECURITY UPDATE: denial of service via custom emoticon
- debian/patches/68_CVE-2010-1624.patch: make sure body is valid in
libpurple/protocols/msn/slp.c.
- CVE-2010-1624
* SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
- debian/patches/69_CVE-2010-3711.patch: correctly handle
purple_base64_decode return codes in libpurple/ntlm.c,
libpurple/plugins/perl/common/Util.xs,
libpurple/protocols/{jabber/auth.c,msn/slp.c,myspace/message.c,
oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}.
- CVE-2010-3711
-- Marc Deslauriers <email address hidden> Wed, 03 Nov 2010 09:02:12 -0400
This bug was fixed in the package pidgin - 1:2.6.2-1ubuntu7.3
--------------- 2-1ubuntu7. 3) karmic-security; urgency=low
pidgin (1:2.6.
* SECURITY UPDATE: denial of service via custom emoticon patches/ 68_CVE- 2010-1624. patch: make sure body is valid in /protocols/ msn/slp. c. patches/ 69_CVE- 2010-3711. patch: correctly handle base64_ decode return codes in libpurple/ntlm.c, /plugins/ perl/common/ Util.xs, /protocols/ {jabber/ auth.c, msn/slp. c,myspace/ message. c, clientlogin. c,qq/im. c,yahoo/ libymsg. c}.
- debian/
libpurple
- CVE-2010-1624
* SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
- debian/
purple_
libpurple
libpurple
oscar/
- CVE-2010-3711
-- Marc Deslauriers <email address hidden> Wed, 03 Nov 2010 09:02:12 -0400