[ubuntu/maverick-security] pidgin_2.7.3-1ubuntu3.1_armel_translations.tar.gz, pidgin_2.7.3-1ubuntu3.1_i386_translations.tar.gz, pidgin_2.7.3-1ubuntu3.1_amd64_translations.tar.gz, pidgin, pidgin_2.7.3-1ubuntu3.1_powerpc_translations.tar.gz (delayed) 1:2.7.3-1ubuntu3.1 (Accepted)

Ubuntu Installer archive at ubuntu.com
Thu Nov 4 13:04:04 GMT 2010


pidgin (1:2.7.3-1ubuntu3.1) maverick-security; urgency=low

  * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
    - debian/patches/61_CVE-2010-3711.patch: correctly handle
      purple_base64_decode return codes in libpurple/ntlm.c,
      libpurple/plugins/perl/common/Util.xs,
      libpurple/protocols/{jabber/auth_digest_md5.c,msn/slp.c,
      myspace/message.c,oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}.
    - CVE-2010-3711

Date: Tue, 02 Nov 2010 17:17:40 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/pidgin/1:2.7.3-1ubuntu3.1
-------------- next part --------------
Format: 1.8
Date: Tue, 02 Nov 2010 17:17:40 -0400
Source: pidgin
Binary: libpurple0 pidgin pidgin-data pidgin-dev pidgin-dbg finch finch-dev libpurple-dev libpurple-bin
Architecture: source
Version: 1:2.7.3-1ubuntu3.1
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 finch      - text-based multi-protocol instant messaging client
 finch-dev  - text-based multi-protocol instant messaging client - development
 libpurple-bin - multi-protocol instant messaging library - extra utilities
 libpurple-dev - multi-protocol instant messaging library - development files
 libpurple0 - multi-protocol instant messaging library
 pidgin     - multi-protocol instant messaging client
 pidgin-data - multi-protocol instant messaging client - data files
 pidgin-dbg - Debugging symbols for Pidgin
 pidgin-dev - multi-protocol instant messaging client - development files
Launchpad-Bugs-Fixed: 666998
Changes: 
 pidgin (1:2.7.3-1ubuntu3.1) maverick-security; urgency=low
 .
   * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
     - debian/patches/61_CVE-2010-3711.patch: correctly handle
       purple_base64_decode return codes in libpurple/ntlm.c,
       libpurple/plugins/perl/common/Util.xs,
       libpurple/protocols/{jabber/auth_digest_md5.c,msn/slp.c,
       myspace/message.c,oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}.
     - CVE-2010-3711
Checksums-Sha1: 
 65725137ec0b0066812a343466c5c910c4c522b5 2687 pidgin_2.7.3-1ubuntu3.1.dsc
 801134a93fc122a940cc6bedac7dc34754ae9769 65684 pidgin_2.7.3-1ubuntu3.1.debian.tar.gz
Checksums-Sha256: 
 10992edb63a57220ba48b4c66faeb422a65765d49dd3fde437bb217327698431 2687 pidgin_2.7.3-1ubuntu3.1.dsc
 a77ba8e66560413d60e7d3121a96c400cb3238c3ce30872219e0d3e5a5786ad3 65684 pidgin_2.7.3-1ubuntu3.1.debian.tar.gz
Files: 
 64c3764d93a2232ed05a5ce4d9dc1ebc 2687 net optional pidgin_2.7.3-1ubuntu3.1.dsc
 b34b8a96ae8645d4e9ffa781639f3415 65684 net optional pidgin_2.7.3-1ubuntu3.1.debian.tar.gz
Original-Maintainer: Ari Pollak <ari at debian.org>


More information about the Maverick-changes mailing list