sledp3-finchSecurity update for pidginSecurity update for pidgin
This update of pidgin fixes various security vulnerabilities
CVE-2010-0013: CVSS v2 Base Score: 4.3: Path Traversal (CWE-22)
Remote file disclosure vulnerability by using the MSN protocol.
CVE-2010-0277: CVSS v2 Base Score: 4.9: Resource Management Errors (CWE-399)
MSN protocol plugin in libpurple allowed remote attackers to cause a denial of service (memory corruption) at least.
CVE-2010-0420
Same nick names in XMPP MUC lead to a crash in finch.
CVE-2010-0423
A remote denial of service attack (resource consumption) is possible by sending an IM with a lot of smilies in it.
This update of pidgin fixes various security vulnerabilities
- CVE-2010-0013: CVSS v2 Base Score: 4.3: Path Traversal
(CWE-22) Remote file disclosure vulnerability by using
the MSN protocol.
- CVE-2010-0277: CVSS v2 Base Score: 4.9: Resource
Management Errors (CWE-399) MSN protocol plugin in
libpurple allowed remote attackers to cause a denial of
service (memory corruption) at least.
- CVE-2010-0420 Same nick names in XMPP MUC lead to a crash
in finch.
- CVE-2010-0423 A remote denial of service attack (resource
consumption) is possible by sending an IM with a lot of
smilies in it.
securityfinchx86_64b48412849a7fbfd9b2cc5a84fc624fe48d3705cblibpurplex86_649642cf161ed5171e8c21e952b469685d7b704b32pidginx86_64230d4675e47def27ae78434045ab7bfadbd4dd17