Ubuntu

“pidgin” 1:2.7.11-1ubuntu2.2 source package in Ubuntu

Changelog

pidgin (1:2.7.11-1ubuntu2.2) natty-security; urgency=low

  * SECURITY UPDATE: Remote denial of service via specially crafted AIM or ICQ
    messages (LP: #958208)
    - debian/patches/CVE-2011-4601.patch: Validate incoming messages to
      enforce proper UTF-8 encoding. Based on upstream patch.
    - CVE-2011-4601
  * SECURITY UPDATE: Remote denial of service via specially crafted XMPP voice
    and video chat requests (LP: #958208)
    - debian/patches/CVE-2011-4602.patch: Validate fields in incoming voice
      and video chat requests. Based on upstream patch.
    - CVE-2011-4602
  * SECURITY UPDATE: Remote denial of service via specially crafted SILC
    messages (LP: #958208)
    - debian/patches/CVE-2011-4603.patch: Validate incoming messages to
      enforce proper UTF-8 encoding. Based on upstream patch.
    - CVE-2011-4603
  * SECURITY UPDATE: Remote denial of service via specially crafted MSN
    offline messages (LP: #958208)
    - debian/patches/CVE-2012-1178.patch: Convert incoming offline messages to
      UTF-8 if they are not already UTF-8. Based on upstream patch.
    - CVE-2012-1178
  * SECURITY UPDATE: Remote denial of service via specially crafted MSN
    messages (LP: #996691)
    - debian/patches/CVE-2012-2318.patch: Convert incoming messages to UTF-8,
      then validate the messages. Based on upstream patch.
    - CVE-2012-2318
  * SECURITY UPDATE: Remote denial of service via specially crafted MXit
    messages (LP: #1022012)
    - debian/patches/CVE-2012-3374.patch: Use dynamically allocated memory
      instead of a fixed size buffer. Based on upstream patch.
    - CVE-2012-3374
 -- Tyler Hicks <email address hidden>   Sun, 08 Jul 2012 18:14:21 -0500

Upload details

Uploaded by:
Tyler Hicks on 2012-07-09
Uploaded to:
Natty
Original maintainer:
Ubuntu Developers
Component:
main
Architectures:
any
Section:
net
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size MD5 Checksum
pidgin_2.7.11.orig.tar.bz2 9.5 MiB 07c2a2535b4d7436b5ec7685fe063fec
pidgin_2.7.11-1ubuntu2.2.debian.tar.gz 158.8 KiB 2598b918a2c03c4600c11207d4e52f92
pidgin_2.7.11-1ubuntu2.2.dsc 2.6 KiB 452baac404a2ae9145cf8769bf91f4fe

Binary packages built by this source

finch: No summary available for finch in ubuntu natty.

No description available for finch in ubuntu natty.

finch-dev: No summary available for finch-dev in ubuntu natty.

No description available for finch-dev in ubuntu natty.

libpurple-bin: No summary available for libpurple-bin in ubuntu natty.

No description available for libpurple-bin in ubuntu natty.

libpurple-dev: No summary available for libpurple-dev in ubuntu natty.

No description available for libpurple-dev in ubuntu natty.

libpurple0: No summary available for libpurple0 in ubuntu natty.

No description available for libpurple0 in ubuntu natty.

pidgin: No summary available for pidgin in ubuntu natty.

No description available for pidgin in ubuntu natty.

pidgin-data: No summary available for pidgin-data in ubuntu natty.

No description available for pidgin-data in ubuntu natty.

pidgin-dbg: No summary available for pidgin-dbg in ubuntu natty.

No description available for pidgin-dbg in ubuntu natty.

pidgin-dev: No summary available for pidgin-dev in ubuntu natty.

No description available for pidgin-dev in ubuntu natty.