* SECURITY UPDATE: denial of service via custom emoticon
- debian/patches/94_security_CVE-2010-1624.patch: make sure body is
valid in libpurple/protocols/{msn,msnp9}/slp.c.
- CVE-2010-1624
* SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
- debian/patches/94_security_CVE-2010-3711.patch: correctly handle
purple_base64_decode return codes in libpurple/ntlm.c,
libpurple/protocols/{jabber/auth.c,msn/slp.c,msnp9/slp.c,
myspace/message.c,yahoo/yahoo.c}.
- CVE-2010-3711
-- Marc Deslauriers <email address hidden> Wed, 03 Nov 2010 09:36:41 -0400
This bug was fixed in the package pidgin - 1:2.4.1-1ubuntu2.10
--------------- 1-1ubuntu2. 10) hardy-security; urgency=low
pidgin (1:2.4.
* SECURITY UPDATE: denial of service via custom emoticon patches/ 94_security_ CVE-2010- 1624.patch: make sure body is protocols/ {msn,msnp9} /slp.c. patches/ 94_security_ CVE-2010- 3711.patch: correctly handle base64_ decode return codes in libpurple/ntlm.c, /protocols/ {jabber/ auth.c, msn/slp. c,msnp9/ slp.c, message. c,yahoo/ yahoo.c} .
- debian/
valid in libpurple/
- CVE-2010-1624
* SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
- debian/
purple_
libpurple
myspace/
- CVE-2010-3711
-- Marc Deslauriers <email address hidden> Wed, 03 Nov 2010 09:36:41 -0400