* SECURITY UPDATE: denial of service via custom emoticon
- debian/patches/93_CVE-2010-1624.patch: make sure body is valid in
libpurple/protocols/msn/slp.c.
- CVE-2010-1624
* SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
- debian/patches/94_CVE-2010-3711.patch: correctly handle
purple_base64_decode return codes in libpurple/ntlm.c,
libpurple/plugins/perl/common/Util.xs,
libpurple/protocols/{jabber/auth_digest_md5.c,msn/slp.c,
myspace/message.c,oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}.
- CVE-2010-3711
-- Marc Deslauriers <email address hidden> Wed, 03 Nov 2010 08:51:08 -0400
This bug was fixed in the package pidgin - 1:2.6.6-1ubuntu4.1
--------------- 6-1ubuntu4. 1) lucid-security; urgency=low
pidgin (1:2.6.
* SECURITY UPDATE: denial of service via custom emoticon patches/ 93_CVE- 2010-1624. patch: make sure body is valid in /protocols/ msn/slp. c. patches/ 94_CVE- 2010-3711. patch: correctly handle base64_ decode return codes in libpurple/ntlm.c, /plugins/ perl/common/ Util.xs, /protocols/ {jabber/ auth_digest_ md5.c,msn/ slp.c, message. c,oscar/ clientlogin. c,qq/im. c,yahoo/ libymsg. c}.
- debian/
libpurple
- CVE-2010-1624
* SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
- debian/
purple_
libpurple
libpurple
myspace/
- CVE-2010-3711
-- Marc Deslauriers <email address hidden> Wed, 03 Nov 2010 08:51:08 -0400