Format: 1.7
Date: Mon, 26 Nov 2007 16:32:57 +0100
Source: pidgin
Binary: finch finch-dev gaim libpurple-bin libpurple-dev libpurple0 pidgin pidgin-data pidgin-dbg pidgin-dev
Architecture: amd64_translations amd64 hppa_translations hppa i386_translations i386 all ia64_translations ia64 lpia_translations lpia powerpc_translations powerpc source sparc_translations sparc
Version: 1:2.2.1-1ubuntu4.1
Distribution: gutsy-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel@lists.ubuntu.com>
Changed-By: Stephan Hermann <sh@sourcecode.de>
Description:
 finch      - text-based multi-protocol instant messaging client
 libpurple0 - multi-protocol instant messaging library
 pidgin     - graphical multi-protocol instant messaging client for X
 pidgin-dbg - Debugging symbols for Pidgin
 finch-dev  - text-based multi-protocol instant messaging client - development
 gaim       - transitional package to Pidgin
 libpurple-bin - multi-protocol instant messaging library - extra utilities
 libpurple-dev - multi-protocol instant messaging library - development files
 pidgin-data - multi-protocol instant messaging client - data files
 pidgin-dev - multi-protocol instant messaging client - development files
Changes:
 pidgin (1:2.2.1-1ubuntu4.1) gutsy-security; urgency=low
 .
   * SECURITY UPDATE: (LP: #158400)
     + CVE-2007-4999: libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML
       logging, allows remote attackers to cause a denial of service (NULL
       dereference and application crash) via a message that contains invalid HTML
       data, a different vector than CVE-2007-4996.
   * debian/patches/99_CVE-2007-4999.patch:
     - Applied patch by upstream
     - Link: http://developer.pidgin.im/viewmtn/revision/diff/0810c68ce97a8213a5edbf5ffe7c1418915d3dfe/with/aff089bc73ecc6fe8ebbeac670db8be13511fcf4
   * References:
     CVE-2007-4999
     http://developer.pidgin.im/ticket/3436
Files:
 93e5eb84e32f3fba7de5270faf909a2d 646292 net optional pidgin_2.2.1-1ubuntu4.1_amd64.deb
 2346db2097b3733ec556748d61a5d804 7738318 raw-translations - pidgin_2.2.1-1ubuntu4.1_amd64_translations.tar.gz
 31271504b5a4fc8192d713d09da99daf 4871182 net extra pidgin-dbg_2.2.1-1ubuntu4.1_amd64.deb
 6d00e43ef0be60fe2c5db3e1cde48127 310910 net optional finch_2.2.1-1ubuntu4.1_amd64.deb
 4c74db778897bed1782afea6a1c38742 1565274 net optional libpurple0_2.2.1-1ubuntu4.1_amd64.deb
 74cd5a0ffc98102664fd724063a09e72 681208 net optional pidgin_2.2.1-1ubuntu4.1_hppa.deb
 3272c709c96a3261affddb288ed58203 7738665 raw-translations - pidgin_2.2.1-1ubuntu4.1_hppa_translations.tar.gz
 183c81ac68fa55d6c3469c3a185b71da 4764422 net extra pidgin-dbg_2.2.1-1ubuntu4.1_hppa.deb
 cf8e9d5d0e14dc43cc71591c97a6808d 325832 net optional finch_2.2.1-1ubuntu4.1_hppa.deb
 3ba6363bd9cd9f7f4ee0e3005a5b311e 1713728 net optional libpurple0_2.2.1-1ubuntu4.1_hppa.deb
 6cab724db2fd3ece0efcd96ee0af4337 1390274 net optional pidgin-data_2.2.1-1ubuntu4.1_all.deb
 fb72d11884ceb2441863438777dcfc5c 12794346 raw-translations - pidgin_2.2.1-1ubuntu4.1_i386_translations.tar.gz
 e554277403d304d530540038162211d8 200036 devel optional pidgin-dev_2.2.1-1ubuntu4.1_all.deb
 2bd8553c5f54c1d801c2cba0033ecad3 143250 devel optional finch-dev_2.2.1-1ubuntu4.1_all.deb
 30c57242ae1fe458d4ec383289321045 257104 libdevel optional libpurple-dev_2.2.1-1ubuntu4.1_all.deb
 a6de723a4cac478c862eb0a3104934aa 123518 net optional libpurple-bin_2.2.1-1ubuntu4.1_all.deb
 4f93e518b726f52c8b80de02ad1625d0 118784 net optional gaim_2.2.1-1ubuntu4.1_all.deb
 9bb6a73b205318fb3129f8b259711ce5 603440 net optional pidgin_2.2.1-1ubuntu4.1_i386.deb
 21ea33720d2fe377426090fc55b62834 4580778 net extra pidgin-dbg_2.2.1-1ubuntu4.1_i386.deb
 46a2a01d100dda87d8ac0fffbb3c12cf 292670 net optional finch_2.2.1-1ubuntu4.1_i386.deb
 ee5e546d0516add420246a17ad93b279 1453538 net optional libpurple0_2.2.1-1ubuntu4.1_i386.deb
 d4648e3527c12f6fea3f4ef6ebab81b6 867384 net optional pidgin_2.2.1-1ubuntu4.1_ia64.deb
 36f3588f98e14445c57fae0236b24d9b 7738684 raw-translations - pidgin_2.2.1-1ubuntu4.1_ia64_translations.tar.gz
 aaede1ee8e067a11738c07f7be6d6e8d 4569360 net extra pidgin-dbg_2.2.1-1ubuntu4.1_ia64.deb
 e47f176108bbf0ee72a7492797679de9 392452 net optional finch_2.2.1-1ubuntu4.1_ia64.deb
 1a1503fac54b8586cdac77ad5f02098e 2039478 net optional libpurple0_2.2.1-1ubuntu4.1_ia64.deb
 529e0d29753d8030a246834330b51727 601896 net optional pidgin_2.2.1-1ubuntu4.1_lpia.deb
 63aca0fe8fbb1ec6b36f42109f7d3b1d 7738664 raw-translations - pidgin_2.2.1-1ubuntu4.1_lpia_translations.tar.gz
 6558adda74f948681fca8268cf410c6b 4890678 net extra pidgin-dbg_2.2.1-1ubuntu4.1_lpia.deb
 86043998a04e3ef4df47801222776c06 291780 net optional finch_2.2.1-1ubuntu4.1_lpia.deb
 6d16858e2952aacd9ada2b5a92262686 1431146 net optional libpurple0_2.2.1-1ubuntu4.1_lpia.deb
 2f8ee075a90426ed3bdc6a937647b25f 678294 net optional pidgin_2.2.1-1ubuntu4.1_powerpc.deb
 48861ab60f670dec9bc9f5ee5d4e9fd6 7738352 raw-translations - pidgin_2.2.1-1ubuntu4.1_powerpc_translations.tar.gz
 5c341ab354bff24a7a123b56ca33282c 4842230 net extra pidgin-dbg_2.2.1-1ubuntu4.1_powerpc.deb
 98586b4303b729c727bd72ba925a06f5 326628 net optional finch_2.2.1-1ubuntu4.1_powerpc.deb
 0625ae9b6eb0695e11aae31dbc596cad 1631546 net optional libpurple0_2.2.1-1ubuntu4.1_powerpc.deb
 c8f381c53df16c7c48f37d1791456181 1467 net optional pidgin_2.2.1-1ubuntu4.1.dsc
 96089eb50a7b671e85ae34579d261a13 50647 net optional pidgin_2.2.1-1ubuntu4.1.diff.gz
 113d0464160560a69c773c79d686e1c7 609512 net optional pidgin_2.2.1-1ubuntu4.1_sparc.deb
 9588a219a4eb0a3c59868d59dd777aa1 7739406 raw-translations - pidgin_2.2.1-1ubuntu4.1_sparc_translations.tar.gz
 865d1edbe88878f3bc06bd13d4857edc 4445306 net extra pidgin-dbg_2.2.1-1ubuntu4.1_sparc.deb
 29c52f55d7f31251ee2abe3812741083 294508 net optional finch_2.2.1-1ubuntu4.1_sparc.deb
 46e3727c77c4ce6e45787820fff46728 1482860 net optional libpurple0_2.2.1-1ubuntu4.1_sparc.deb
Launchpad-Bugs-Fixed: 158400
Original-Maintainer: Robert McQueen <robot101@debian.org>