Publishing details
-
Removed from disk
.
-
Removal requested
.
-
Published
-
Copied from
ubuntu utopic in
Private PPA for Ubuntu Security Team
by Ubuntu Archive Robot
Changelog
pidgin (1:2.10.9-0ubuntu7.1) utopic-security; urgency=medium
* SECURITY UPDATE: insufficient ssl certificate validation
- debian/patches/CVE-2014-3694.patch: fix basic constraints checking in
libpurple/certificate.c, libpurple/certificate.h,
libpurple/plugins/ssl/ssl-gnutls.c, libpurple/plugins/ssl/ssl-nss.c.
- CVE-2014-3694
* SECURITY UPDATE: denial of service via malformed MXit emoticon response
- debian/patches/CVE-2014-3695.patch: properly check lengths in
libpurple/protocols/mxit/markup.c.
- CVE-2014-3695
* SECURITY UPDATE: denial of service via malformed Groupwise message
- debian/patches/CVE-2014-3696.patch: check sizes in
libpurple/protocols/novell/nmevent.c.
- CVE-2014-3696
* SECURITY UPDATE: XMPP information leak
- debian/patches/CVE-2014-3698.patch: fix leaks in
libpurple/protocols/jabber/jutil.c.
- CVE-2014-3698
-- Marc Deslauriers <email address hidden> Mon, 27 Oct 2014 11:29:40 -0400
Builds
Package files