* SECURITY UPDATE: Remote denial of service via specially crafted XMPP file
transfer requests (LP: #996691)
- debian/patches/CVE-2012-2214.patch: Properly tear down SOCKS5
connection attempts. Based on upstream patch.
- CVE-2012-2214
* SECURITY UPDATE: Remote denial of service via specially crafted MSN
messages (LP: #996691)
- debian/patches/CVE-2012-2318.patch: Convert incoming messages to UTF-8,
then validate the messages. Based on upstream patch.
- CVE-2012-2318
* SECURITY UPDATE: Remote denial of service via specially crafted MXit
messages (LP: #1022012)
- debian/patches/CVE-2012-3374.patch: Use dynamically allocated memory
instead of a fixed size buffer. Based on upstream patch.
- CVE-2012-3374
-- Tyler Hicks <email address hidden> Sun, 08 Jul 2012 18:14:21 -0500
This bug was fixed in the package pidgin - 1:2.10.3-0ubuntu1.1
--------------- 3-0ubuntu1. 1) precise-security; urgency=low
pidgin (1:2.10.
* SECURITY UPDATE: Remote denial of service via specially crafted XMPP file patches/ CVE-2012- 2214.patch: Properly tear down SOCKS5 patches/ CVE-2012- 2318.patch: Convert incoming messages to UTF-8, patches/ CVE-2012- 3374.patch: Use dynamically allocated memory
transfer requests (LP: #996691)
- debian/
connection attempts. Based on upstream patch.
- CVE-2012-2214
* SECURITY UPDATE: Remote denial of service via specially crafted MSN
messages (LP: #996691)
- debian/
then validate the messages. Based on upstream patch.
- CVE-2012-2318
* SECURITY UPDATE: Remote denial of service via specially crafted MXit
messages (LP: #1022012)
- debian/
instead of a fixed size buffer. Based on upstream patch.
- CVE-2012-3374
-- Tyler Hicks <email address hidden> Sun, 08 Jul 2012 18:14:21 -0500