[BSA-092] Security Update for pidgin

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

intrigeri uploaded new packages for pidgin which fixed the
following security problems:

CVE-2013-6477
  Jaime Breva Ribes discovered that a remote XMPP user can trigger a crash by
  sending a message with a timestamp in the distant future.

CVE-2013-6478
  Pidgin could be crashed through overly wide tooltip windows.

CVE-2013-6479
  Jacob Appelbaum discovered that a malicious server or a "man in the middle"
  could send a malformed HTTP header resulting in denial of service.

CVE-2013-6481
  Daniel Atallah discovered that Pidgin could be crashed through malformed
  Yahoo! P2P messages.

CVE-2013-6482
  Fabian Yamaguchi and Christian Wressnegger discovered that Pidgin could be
  crashed through malformed MSN messages.

CVE-2013-6483
  Fabian Yamaguchi and Christian Wressnegger discovered that Pidgin could be
  crashed through malformed XMPP messages.

CVE-2013-6484
  It was discovered that incorrect error handling when reading the response from
  a STUN server

007 Software

[BSA-092] Security Update for pidgin

Leave a Reply Cancel reply

Software and Security Information