[ubuntu/jaunty-security] pidgin_2.5.5-1ubuntu8.6_amd64_translations.tar.gz, pidgin_2.5.5-1ubuntu8.6_powerpc_translations.tar.gz, pidgin_2.5.5-1ubuntu8.6_lpia_translations.tar.gz, pidgin_2.5.5-1ubuntu8.6_ia64_translations.tar.gz, pidgin, pidgin_2.5.5-1ubuntu8.6_sparc_translations.tar.gz (delayed), pidgin_2.5.5-1ubuntu8.6_armel_translations.tar.gz, pidgin_2.5.5-1ubuntu8.6_hppa_translations.tar.gz, pidgin_2.5.5-1ubuntu8.6_i386_translations.tar.gz 1:2.5.5-1ubuntu8.6 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Mon Feb 22 16:04:43 GMT 2010
pidgin (1:2.5.5-1ubuntu8.6) jaunty-security; urgency=low
* SECURITY UPDATE: denial of service via malformed SLP message
- debian/patches/85_security_CVE-2010-0277.patch: validate input in
libpurple/protocols/msn/{slp.c,slpcall.c,slplink.c,slpmsg.h}.
- CVE-2010-0277
* SECURITY UPDATE: denial of service via certain nicknames in Finch
- debian/patches/86_security_CVE-2010-0420.patch: properly unescape
text in finch/libgnt/gnttree.c, libpurple/protocols/bonjour/parser.c,
libpurple/protocols/jabber/parser.c, libpurple/xmlnode.c.
- CVE-2010-0420
* SECURITY UPDATE: denial of service via large number of smileys
- debian/patches/87_security_CVE-2010-0423.patch: limit the number of
smileys in pidgin/gtkimhtml.c.
- CVE-2010-0423
Date: Thu, 18 Feb 2010 14:37:45 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel at lists.ubuntu.com>
https://launchpad.net/ubuntu/jaunty/+source/pidgin/1:2.5.5-1ubuntu8.6
-------------- next part --------------
Format: 1.8
Date: Thu, 18 Feb 2010 14:37:45 -0500
Source: pidgin
Binary: libpurple0 pidgin pidgin-data pidgin-dev pidgin-dbg finch finch-dev libpurple-dev libpurple-bin
Architecture: source
Version: 1:2.5.5-1ubuntu8.6
Distribution: jaunty-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
finch - text-based multi-protocol instant messaging client
finch-dev - text-based multi-protocol instant messaging client - development
libpurple-bin - multi-protocol instant messaging library - extra utilities
libpurple-dev - multi-protocol instant messaging library - development files
libpurple0 - multi-protocol instant messaging library
pidgin - graphical multi-protocol instant messaging client for X
pidgin-data - multi-protocol instant messaging client - data files
pidgin-dbg - Debugging symbols for Pidgin
pidgin-dev - multi-protocol instant messaging client - development files
Changes:
pidgin (1:2.5.5-1ubuntu8.6) jaunty-security; urgency=low
.
* SECURITY UPDATE: denial of service via malformed SLP message
- debian/patches/85_security_CVE-2010-0277.patch: validate input in
libpurple/protocols/msn/{slp.c,slpcall.c,slplink.c,slpmsg.h}.
- CVE-2010-0277
* SECURITY UPDATE: denial of service via certain nicknames in Finch
- debian/patches/86_security_CVE-2010-0420.patch: properly unescape
text in finch/libgnt/gnttree.c, libpurple/protocols/bonjour/parser.c,
libpurple/protocols/jabber/parser.c, libpurple/xmlnode.c.
- CVE-2010-0420
* SECURITY UPDATE: denial of service via large number of smileys
- debian/patches/87_security_CVE-2010-0423.patch: limit the number of
smileys in pidgin/gtkimhtml.c.
- CVE-2010-0423
Checksums-Sha1:
13b352697e3fa4aa0c5f22413c8af409ce8ed610 1936 pidgin_2.5.5-1ubuntu8.6.dsc
f623f63f1a1342e30463905a1700daf7517a2797 140144 pidgin_2.5.5-1ubuntu8.6.diff.gz
Checksums-Sha256:
5db136cda3e60b02cd2e74f3e56f7c0dcb0945594b16ff644014f79358c018f4 1936 pidgin_2.5.5-1ubuntu8.6.dsc
d17e876232996a235a1f36cfaee6d97de87953fcc1f8dbb78012f5070fc48644 140144 pidgin_2.5.5-1ubuntu8.6.diff.gz
Files:
0b81369fb50ebf6405a506b64ee73be2 1936 net optional pidgin_2.5.5-1ubuntu8.6.dsc
8ec4f9a1db1b267c725dd840a26a277f 140144 net optional pidgin_2.5.5-1ubuntu8.6.diff.gz
Original-Maintainer: Ari Pollak <ari at debian.org>
More information about the Jaunty-changes
mailing list