pidgin (1:2.2.1-1ubuntu4.1) gutsy-security; urgency=low
* SECURITY UPDATE: (LP: #158400) + CVE-2007-4999: libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML logging, allows remote attackers to cause a denial of service (NULL dereference and application crash) via a message that contains invalid HTML data, a different vector than CVE-2007-4996. * debian/patches/99_CVE-2007-4999.patch: - Applied patch by upstream - Link: http://developer.pidgin.im/viewmtn/revision/diff/0810c68ce97a8213a5edbf5ffe7c1418915d3dfe/with/aff089bc73ecc6fe8ebbeac670db8be13511fcf4 * References: CVE-2007-4999 http://developer.pidgin.im/ticket/3436
-- Stephan Hermann <email address hidden> Mon, 26 Nov 2007 16:32:57 +0100
pidgin (1:2.2. 1-1ubuntu4. 1) gutsy-security; urgency=low
* SECURITY UPDATE: (LP: #158400) patches/ 99_CVE- 2007-4999. patch: developer. pidgin. im/viewmtn/ revision/ diff/0810c68ce9 7a8213a5edbf5ff e7c1418915d3dfe /with/aff089bc7 3ecc6fe8ebbeac6 70db8be13511fcf 4 developer. pidgin. im/ticket/ 3436
+ CVE-2007-4999: libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML
logging, allows remote attackers to cause a denial of service (NULL
dereference and application crash) via a message that contains invalid HTML
data, a different vector than CVE-2007-4996.
* debian/
- Applied patch by upstream
- Link: http://
* References:
CVE-2007-4999
http://
-- Stephan Hermann <email address hidden> Mon, 26 Nov 2007 16:32:57 +0100