pidgin-otr security fix

Bug #1000392 reported by Jacob Appelbaum
Affects: pidgin-otr (Ubuntu)
Status: New
Importance: Undecided
Assigned to: Unassigned
Milestone: -

Bug Description

intrigeri has discovered a format string bug in the most recently packaged versions of pidgin-otr; I've tested the patch and built fixed packages, it's quite simple and the patch is as follows:

- --- a/otr-plugin.c
+++ b/otr-plugin.c
@@ -296,7 +296,7 @@ static void still_secure_cb(void *opdata, ConnContext *conte

 static void log_message_cb(void *opdata, const char *message)
 {
- - purple_debug_info("otr", message);
+ purple_debug_info("otr", "%s", message);
 }

 static int max_message_size_cb(void *opdata, ConnContext *context)
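
Review bot: The file header ("- --- a/otr-plugin.c") and the removed line ("- - purple_debug_info...") of the log_message_cb hunk carry what looks like dash-escaping from a clearsigned mail, so the hunk will not apply with patch or git apply as pasted; restore them to "--- a/otr-plugin.c" and a single "-" before applying. The "%s" change itself is the right fix for a caller-supplied message being used as the format argument. Since this hunk touches only one call, check the remaining purple_debug_* calls in otr-plugin.c for a non-literal format argument, and build with -Wformat -Wformat-security so any that are left get flagged.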

There are two easy ways to fix this - the first is to simply bump all pidgin-otr packages to the newest version:

Source code:
    http://otr.cypherpunks.ca/pidgin-otr-3.2.1.tar.gz
gpg signature:
    http://otr.cypherpunks.ca/pidgin-otr-3.2.1.tar.gz.asc

git repository:
    git://otr.git.sourceforge.net/gitroot/otr/pidgin-otr (branch 3.2_dev)

The other is to apply the fix above.

Read more about this bug on the OTR mailing list:
http://lists.cypherpunks.ca/pipermail/otr-users/2012-May/002007.html

visibility: private → public
affects: netbeans (Ubuntu) → pidgin-otr (Ubuntu)
Jacob Appelbaum (jacob-appelbaum) wrote :

It appears that this is a dupe but the bug system is crashing when I try to mark it as such:
https://bugs.launchpad.net/ubuntu/+source/pidgin-otr/+bug/1000363

This report contains Public Security information  
Everyone can see this security related information.