[ubuntu/maverick-security] pidgin_2.7.3-1ubuntu3.3_powerpc_translations.tar.gz, pidgin_2.7.3-1ubuntu3.3_armel_translations.tar.gz, pidgin, pidgin_2.7.3-1ubuntu3.3_amd64_translations.tar.gz, pidgin_2.7.3-1ubuntu3.3_i386_translations.tar.gz 1:2.7.3-1ubuntu3.3 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Mon Nov 21 20:05:06 UTC 2011
pidgin (1:2.7.3-1ubuntu3.3) maverick-security; urgency=low
* SECURITY UPDATE: denial of service in Yahoo! protocol via malormed
YMSG message
- debian/patches/64_CVE-2011-1091.patch: validate messages in
libpurple/protocols/yahoo/libymsg.c.
- CVE-2011-1091
* SECURITY UPDATE: denial of service in MSN protocol via HTTP 100
response size
- debian/patches/65_CVE-2011-3184.patch: properly calculate size in
libpurple/protocols/msn/httpconn.c.
- CVE-2011-3184
* SECURITY UPDATE: denial of service in SILC protocol via invalid UTF-8
sequence
- debian/patches/66_CVE-2011-3594.patch: properly handle utf-8 in
libpurple/protocols/silc/ops.c.
- CVE-2011-3594
Date: Fri, 18 Nov 2011 14:40:50 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/pidgin/1:2.7.3-1ubuntu3.3
-------------- next part --------------
Format: 1.8
Date: Fri, 18 Nov 2011 14:40:50 -0500
Source: pidgin
Binary: libpurple0 pidgin pidgin-data pidgin-dev pidgin-dbg finch finch-dev libpurple-dev libpurple-bin
Architecture: source
Version: 1:2.7.3-1ubuntu3.3
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
finch - text-based multi-protocol instant messaging client
finch-dev - text-based multi-protocol instant messaging client - development
libpurple-bin - multi-protocol instant messaging library - extra utilities
libpurple-dev - multi-protocol instant messaging library - development files
libpurple0 - multi-protocol instant messaging library
pidgin - multi-protocol instant messaging client
pidgin-data - multi-protocol instant messaging client - data files
pidgin-dbg - Debugging symbols for Pidgin
pidgin-dev - multi-protocol instant messaging client - development files
Changes:
pidgin (1:2.7.3-1ubuntu3.3) maverick-security; urgency=low
.
* SECURITY UPDATE: denial of service in Yahoo! protocol via malormed
YMSG message
- debian/patches/64_CVE-2011-1091.patch: validate messages in
libpurple/protocols/yahoo/libymsg.c.
- CVE-2011-1091
* SECURITY UPDATE: denial of service in MSN protocol via HTTP 100
response size
- debian/patches/65_CVE-2011-3184.patch: properly calculate size in
libpurple/protocols/msn/httpconn.c.
- CVE-2011-3184
* SECURITY UPDATE: denial of service in SILC protocol via invalid UTF-8
sequence
- debian/patches/66_CVE-2011-3594.patch: properly handle utf-8 in
libpurple/protocols/silc/ops.c.
- CVE-2011-3594
Checksums-Sha1:
30cc1fd16ed99ca605f5df441c26a2011baec2c3 2687 pidgin_2.7.3-1ubuntu3.3.dsc
eeca1cde094d78b219f0e3fbd7f23f478104d3ef 74983 pidgin_2.7.3-1ubuntu3.3.debian.tar.gz
Checksums-Sha256:
1845bd466cdf93e15c72d642ca3e5961c175922dd3c07e221adf0996253889ab 2687 pidgin_2.7.3-1ubuntu3.3.dsc
62cb2877aacf8a3d8d2c3a590517c22438124362a96b1fed8e088bb0854072e3 74983 pidgin_2.7.3-1ubuntu3.3.debian.tar.gz
Files:
341304624fb9522da5af29be3f11b7c8 2687 net optional pidgin_2.7.3-1ubuntu3.3.dsc
8c755c3dbd53060a86a20452fa24acfc 74983 net optional pidgin_2.7.3-1ubuntu3.3.debian.tar.gz
Original-Maintainer: Ari Pollak <ari at debian.org>
More information about the Maverick-changes
mailing list