sdkp3-finchSecurity update for pidginSecurity update for pidgin
This update of pidgin fixes various security vulnerabilities
CVE-2010-0013: CVSS v2 Base Score: 4.3: Path Traversal (CWE-22)
Remote file disclosure vulnerability by using the MSN protocol.
CVE-2010-0277: CVSS v2 Base Score: 4.9: Resource Management Errors (CWE-399)
MSN protocol plugin in libpurple allowed remote attackers to cause a denial of service (memory corruption) at least.
CVE-2010-0420
Same nick names in XMPP MUC lead to a crash in finch.
CVE-2010-0423
A remote denial of service attack (resource consumption) is possible by sending an IM with a lot of smilies in it.
This update of pidgin fixes various security vulnerabilities
- CVE-2010-0013: CVSS v2 Base Score: 4.3: Path Traversal
(CWE-22) Remote file disclosure vulnerability by using
the MSN protocol.
- CVE-2010-0277: CVSS v2 Base Score: 4.9: Resource
Management Errors (CWE-399) MSN protocol plugin in
libpurple allowed remote attackers to cause a denial of
service (memory corruption) at least.
- CVE-2010-0420 Same nick names in XMPP MUC lead to a crash
in finch.
- CVE-2010-0423 A remote denial of service attack (resource
consumption) is possible by sending an IM with a lot of
smilies in it.
securityfinchi586cf2c2ab9862d789594fa44a77cea836321b8c944finch-develi586b6bdfe7a9dfde7b0b19c1dd19f6d7d1f52e1de62libpurplei58636ba751f3441ac2daf85c218808ef05fbbd8ccbflibpurple-develi58658052af8f3d7c59967d3038912ccaa5f9d8b8c7epidgini586c1220204fa5c38a044b063b19ed58f59cd7e8104pidgin-develi586b8319dc3f970cb5dba31316217ee2283f3b2dad0