[ubuntu/karmic-security] pidgin_2.6.2-1ubuntu7.1_ia64_translations.tar.gz, pidgin_2.6.2-1ubuntu7.1_sparc_translations.tar.gz (delayed), pidgin_2.6.2-1ubuntu7.1_powerpc_translations.tar.gz, pidgin_2.6.2-1ubuntu7.1_amd64_translations.tar.gz, pidgin, pidgin_2.6.2-1ubuntu7.1_lpia_translations.tar.gz, pidgin_2.6.2-1ubuntu7.1_armel_translations.tar.gz, pidgin_2.6.2-1ubuntu7.1_i386_translations.tar.gz 1:2.6.2-1ubuntu7.1 (Accepted)

Ubuntu Installer archive at ubuntu.com
Mon Jan 18 15:03:56 GMT 2010


pidgin (1:2.6.2-1ubuntu7.1) karmic-security; urgency=low

  * SECURITY UPDATE: denial of service via crafted contact list data
    - debian/patches/63_security_CVE-2009-3615.patch: validate contact
      list structure in libpurple/protocols/oscar/oscar.c.
    - CVE-2009-3615
  * SECURITY UPDATE: directory traversal via custom smiley request
    (LP: #501089)
    - debian/patches/64_security_CVE-2010-0013.patch: ignore request for
      smileys that don't exist in the image store in
      libpurple/protocols/msn/slp.c.
    - CVE-2010-0013

Date: Thu, 14 Jan 2010 11:22:13 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel at lists.ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/pidgin/1:2.6.2-1ubuntu7.1
-------------- next part --------------
Format: 1.8
Date: Thu, 14 Jan 2010 11:22:13 -0500
Source: pidgin
Binary: libpurple0 pidgin pidgin-data pidgin-dev pidgin-dbg finch finch-dev libpurple-dev libpurple-bin
Architecture: source
Version: 1:2.6.2-1ubuntu7.1
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 finch      - text-based multi-protocol instant messaging client
 finch-dev  - text-based multi-protocol instant messaging client - development
 libpurple-bin - multi-protocol instant messaging library - extra utilities
 libpurple-dev - multi-protocol instant messaging library - development files
 libpurple0 - multi-protocol instant messaging library
 pidgin     - graphical multi-protocol instant messaging client for X
 pidgin-data - multi-protocol instant messaging client - data files
 pidgin-dbg - Debugging symbols for Pidgin
 pidgin-dev - multi-protocol instant messaging client - development files
Changes: 
 pidgin (1:2.6.2-1ubuntu7.1) karmic-security; urgency=low
 .
   * SECURITY UPDATE: denial of service via crafted contact list data
     - debian/patches/63_security_CVE-2009-3615.patch: validate contact
       list structure in libpurple/protocols/oscar/oscar.c.
     - CVE-2009-3615
   * SECURITY UPDATE: directory traversal via custom smiley request
     (LP: #501089)
     - debian/patches/64_security_CVE-2010-0013.patch: ignore request for
       smileys that don't exist in the image store in
       libpurple/protocols/msn/slp.c.
     - CVE-2010-0013
Checksums-Sha1: 
 9376fc06278801caaf63c870cae239d0e5df4d6a 2022 pidgin_2.6.2-1ubuntu7.1.dsc
 3082aa71f9e929c29ec1209f7d5675591866d464 63955 pidgin_2.6.2-1ubuntu7.1.diff.gz
Checksums-Sha256: 
 7c91e6eb3557719caa435b8ae71f51fffa89c3cc95f603b93ecdef2977703d94 2022 pidgin_2.6.2-1ubuntu7.1.dsc
 13ef40e2556c4fc46129c6fbb8cc31622c6ac2a8adf620d72a171fb14faca580 63955 pidgin_2.6.2-1ubuntu7.1.diff.gz
Files: 
 e3f19b5502835db64d822ff015a6d6fe 2022 net optional pidgin_2.6.2-1ubuntu7.1.dsc
 a18508ec876180a8e846f7b03c78d402 63955 net optional pidgin_2.6.2-1ubuntu7.1.diff.gz
Launchpad-Bugs-Fixed: 501089
Original-Maintainer: Ari Pollak <ari at debian.org>


More information about the Karmic-changes mailing list