* SECURITY UPDATE: denial of service via crafted contact list data
- debian/patches/63_security_CVE-2009-3615.patch: validate contact
list structure in libpurple/protocols/oscar/oscar.c.
- CVE-2009-3615
* SECURITY UPDATE: directory traversal via custom smiley request
(LP: #501089)
- debian/patches/64_security_CVE-2010-0013.patch: ignore request for
smileys that don't exist in the image store in
libpurple/protocols/msn/slp.c.
- CVE-2010-0013
-- Marc Deslauriers <email address hidden> Thu, 14 Jan 2010 11:22:13 -0500
This bug was fixed in the package pidgin - 1:2.6.2-1ubuntu7.1
--------------- 2-1ubuntu7. 1) karmic-security; urgency=low
pidgin (1:2.6.
* SECURITY UPDATE: denial of service via crafted contact list data patches/ 63_security_ CVE-2009- 3615.patch: validate contact protocols/ oscar/oscar. c. patches/ 64_security_ CVE-2010- 0013.patch: ignore request for /protocols/ msn/slp. c.
- debian/
list structure in libpurple/
- CVE-2009-3615
* SECURITY UPDATE: directory traversal via custom smiley request
(LP: #501089)
- debian/
smileys that don't exist in the image store in
libpurple
- CVE-2010-0013
-- Marc Deslauriers <email address hidden> Thu, 14 Jan 2010 11:22:13 -0500