UbuntuUpdates.org

Package "pidgin-data"

Name: pidgin-data

Description:

multi-protocol instant messaging client - data files

Latest version: 1:2.10.12-0ubuntu5.2
Release: xenial (16.04)
Level: security
Repository: universe
Head package: pidgin
Homepage: http://www.pidgin.im

Links


Download "pidgin-data"


Other versions of "pidgin-data" in Xenial

Repository Area Version
base universe 1:2.10.12-0ubuntu5
updates universe 1:2.10.12-0ubuntu5.2

Changelog

Version: 1:2.10.12-0ubuntu5.2 2017-03-14 13:06:53 UTC

  pidgin (1:2.10.12-0ubuntu5.2) xenial-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds write when stripping xml
    - debian/patches/CVE-2017-2640.patch: improve entity processing in
      libpurple/util.c.
    - CVE-2017-2640

 -- Marc Deslauriers <email address hidden> Mon, 13 Mar 2017 14:30:08 -0400

Source diff to previous version
CVE-2017-2640 Out-of-bounds write when stripping xml

Version: 1:2.10.12-0ubuntu5.1 2016-07-12 18:06:52 UTC

  pidgin (1:2.10.12-0ubuntu5.1) xenial-security; urgency=medium

  * SECURITY UPDATE: denial of service and code execution in MXIT protocol
    - debian/patches/CVE-2016-*.patch: fix multiple issues.
    - CVE-2016-2365
    - CVE-2016-2366
    - CVE-2016-2367
    - CVE-2016-2368
    - CVE-2016-2369
    - CVE-2016-2370
    - CVE-2016-2371
    - CVE-2016-2372
    - CVE-2016-2373
    - CVE-2016-2374
    - CVE-2016-2375
    - CVE-2016-2376
    - CVE-2016-2377
    - CVE-2016-2378
    - CVE-2016-2380
    - CVE-2016-4323

 -- Marc Deslauriers <email address hidden> Tue, 12 Jul 2016 08:17:31 -0400

CVE-2016-2365 MXIT Markup Command Denial of Service Vulnerability
CVE-2016-2366 MXIT Table Command Denial of Service Vulnerability
CVE-2016-2367 MXIT Avatar Length Memory Disclosure Vulnerability
CVE-2016-2368 MXIT g_snprintf Multiple Buffer Overflow Vulnerabilities
CVE-2016-2369 MXIT CP_SOCK_REC_TERM Denial of Service Vulnerability
CVE-2016-2370 MXIT Custom Resource Denial of Service Vulnerability
CVE-2016-2371 MXIT Extended Profiles Code Execution Vulnerability
CVE-2016-2372 MXIT File Transfer Length Memory Disclosure Vulnerability
CVE-2016-2373 MXIT Contact Mood Denial of Service Vulnerability
CVE-2016-2374 MXIT MultiMX Message Code Execution Vulnerability
CVE-2016-2375 MXIT Suggested Contacts Memory Disclosure Vulnerability
CVE-2016-2376 MXIT read stage 0x3 Code Execution Vulnerability
CVE-2016-2377 MXIT HTTP Content-Length Buffer Overflow Vulnerability
CVE-2016-2378 MXIT get_utf8_string Code Execution Vulnerability
CVE-2016-2380 MXIT mxit_convert_markup_tx Information Leak Vulnerability
CVE-2016-4323 MXIT Splash Image Arbitrary File Overwrite Vulnerability



About   -   Send Feedback to @ubuntu_updates