Comment 3 for bug 666998

This bug was fixed in the package pidgin - 1:2.6.2-1ubuntu7.3

---------------
pidgin (1:2.6.2-1ubuntu7.3) karmic-security; urgency=low

  * SECURITY UPDATE: denial of service via custom emoticon
    - debian/patches/68_CVE-2010-1624.patch: make sure body is valid in
      libpurple/protocols/msn/slp.c.
    - CVE-2010-1624
  * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
    - debian/patches/69_CVE-2010-3711.patch: correctly handle
      purple_base64_decode return codes in libpurple/ntlm.c,
      libpurple/plugins/perl/common/Util.xs,
      libpurple/protocols/{jabber/auth.c,msn/slp.c,myspace/message.c,
      oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}.
    - CVE-2010-3711
 -- Marc Deslauriers <email address hidden> Wed, 03 Nov 2010 09:02:12 -0400