sdkp2-finchSecurity update for pidgin, gaim and finchSecurity update for pidgin, gaim and finch- specially crafted MSN SLP messages could cause an integer
overflow in pidgin. Attackers could potentially exploit
that to execute arbitrary code (CVE-2008-2927).
- overly long file names in MSN file transfers could crash
pidgin (CVE-2008-2955).
- SSL certifcates were not verfied. Therefore piding didn't
notice faked certificates (CVE-2008-3532)
Additionally a problem was fixed that prevented gaim
clients from connecting to the ICQ network after a server
change on July 1st 2008.
- specially crafted MSN SLP messages could cause an integer
overflow in pidgin. Attackers could potentially exploit
that to execute arbitrary code (CVE-2008-2927).
- overly long file names in MSN file transfers could crash
pidgin (CVE-2008-2955).
- SSL certifcates were not verfied. Therefore piding didn't
notice faked certificates (CVE-2008-3532)
Additionally a problem was fixed that prevented gaim
clients from connecting to the ICQ network after a server
change on July 1st 2008.
securityfinchi586eae7b5243adf3568ca22261a80aa2bd60c962155finch-develi5862e1f28cd88580ed18266d4638f785b359da34ea3libpurplei5863661ab37d6839ae721465665f672ceb7b22eb84clibpurple-develi5860a2cb36ce088bf417e1ef52fe2ad32f049f44633pidgini5868b9615b1a8640176e7ca8d3115e6c85ac94cba75pidgin-develi586fb52ba28ca3b3b68ca4225c1935bfad182934a28