Format: 1.8
Date: Sun, 08 Jul 2012 18:14:21 -0500
Source: pidgin
Binary: libpurple0 pidgin pidgin-data pidgin-dev pidgin-dbg finch finch-dev libpurple-dev libpurple-bin
Architecture: sparc sparc_translations
Version: 1:2.6.6-1ubuntu4.5
Distribution: lucid
Urgency: low
Maintainer: Ubuntu/sparc Build Daemon <buildd@artigas.buildd>
Changed-By: Tyler Hicks <tyhicks@canonical.com>
Description: 
 finch      - text-based multi-protocol instant messaging client
 finch-dev  - text-based multi-protocol instant messaging client - development
 libpurple-bin - multi-protocol instant messaging library - extra utilities
 libpurple-dev - multi-protocol instant messaging library - development files
 libpurple0 - multi-protocol instant messaging library
 pidgin     - graphical multi-protocol instant messaging client for X
 pidgin-data - multi-protocol instant messaging client - data files
 pidgin-dbg - Debugging symbols for Pidgin
 pidgin-dev - multi-protocol instant messaging client - development files
Launchpad-Bugs-Fixed: 958208 958208 958208 958208 996691 1022012
Changes: 
 pidgin (1:2.6.6-1ubuntu4.5) lucid-security; urgency=low
 .
   * SECURITY UPDATE: Remote denial of service via specially crafted AIM or ICQ
     messages (LP: #958208)
     - debian/patches/98_CVE-2011-4601.patch: Validate incoming messages to
       enforce proper UTF-8 encoding. Based on upstream patch.
     - CVE-2011-4601
   * SECURITY UPDATE: Remote denial of service via specially crafted XMPP voice
     and video chat requests (LP: #958208)
     - debian/patches/98_CVE-2011-4602.patch: Validate fields in incoming voice
       and video chat requests. Based on upstream patch.
     - CVE-2011-4602
   * SECURITY UPDATE: Remote denial of service via specially crafted SILC
     messages (LP: #958208)
     - debian/patches/98_CVE-2011-4603.patch: Validate incoming messages to
       enforce proper UTF-8 encoding. Based on upstream patch.
     - CVE-2011-4603
   * SECURITY UPDATE: Information disclosure
     - debian/patches/98_CVE-2011-4922.patch: Properly clear memory regions
       when freeing memory containing security-sensitive data. Based on
       upstream patch.
     - CVE-2011-4922
   * SECURITY UPDATE: Remote denial of service via specially crafted MSN
     offline messages (LP: #958208)
     - debian/patches/98_CVE-2012-1178.patch: Convert incoming offline messages
       to UTF-8 if they are not already UTF-8. Based on upstream patch.
     - CVE-2012-1178
   * SECURITY UPDATE: Remote denial of service via specially crafted MSN
     messages (LP: #996691)
     - debian/patches/98_CVE-2012-2318.patch: Convert incoming messages to UTF-8,
       then validate the messages. Based on upstream patch.
     - CVE-2012-2318
   * SECURITY UPDATE: Remote denial of service via specially crafted MXit
     messages (LP: #1022012)
     - debian/patches/98_CVE-2012-3374.patch: Use dynamically allocated memory
       instead of a fixed size buffer. Based on upstream patch.
     - CVE-2012-3374
Checksums-Sha1: 
 355ca5f19a7b2fca2648277d200cb131767557ea 1872610 libpurple0_2.6.6-1ubuntu4.5_sparc.deb
 e56f1d6b3f806c408de85491ae6601c0ee950c3f 7745090 pidgin_2.6.6-1ubuntu4.5_sparc_translations.tar.gz
 9073f1d4f2acf1f5b15b64dd85c312f5b90ea9d9 586602 pidgin_2.6.6-1ubuntu4.5_sparc.deb
 f18e1baf872f24121bdcd012a5446d33c98c6ed5 5815370 pidgin-dbg_2.6.6-1ubuntu4.5_sparc.deb
 036d531940939be7055d79e837e5e42c32bb48c3 232614 finch_2.6.6-1ubuntu4.5_sparc.deb
Checksums-Sha256: 
 1acdbd5e25a2926c022eadd7356b63dd9a54f8ca0472e2d9527e4e1a41f36f36 1872610 libpurple0_2.6.6-1ubuntu4.5_sparc.deb
 5849c2ca11bf8bb78f2949d852152b6637fd7990fb516200b9a15839998f65c2 7745090 pidgin_2.6.6-1ubuntu4.5_sparc_translations.tar.gz
 159ebab89be7dd844adfec0b808c8cb94ea99160ee6621c8adee7f2b686b0ddb 586602 pidgin_2.6.6-1ubuntu4.5_sparc.deb
 9ea4ba37df1a913c28dd82ec34d17c4ed7eb0df646ce99192fb7c62732c06e04 5815370 pidgin-dbg_2.6.6-1ubuntu4.5_sparc.deb
 584d94ad7abc1335f65331bdd71f4d23eaf7550738084e2dd283d61bc359832d 232614 finch_2.6.6-1ubuntu4.5_sparc.deb
Files: 
 ebc93f93615e977896c7aa39eea50a1c 1872610 net optional libpurple0_2.6.6-1ubuntu4.5_sparc.deb
 1a1c14a784c65e48337ce2a4f1843e9c 7745090 raw-translations - pidgin_2.6.6-1ubuntu4.5_sparc_translations.tar.gz
 d0e383088722fb85fc0bbf122bfb2869 586602 net optional pidgin_2.6.6-1ubuntu4.5_sparc.deb
 134f51d6371448592afe65d1da5c4385 5815370 debug extra pidgin-dbg_2.6.6-1ubuntu4.5_sparc.deb
 96167e87c704b1cbabf89af7af5c708c 232614 net optional finch_2.6.6-1ubuntu4.5_sparc.deb
Original-Maintainer: Ari Pollak <ari@debian.org>