pidgin 1:2.6.6-1ubuntu4.5 source package in Ubuntu
Changelog
pidgin (1:2.6.6-1ubuntu4.5) lucid-security; urgency=low
* SECURITY UPDATE: Remote denial of service via specially crafted AIM or ICQ
messages (LP: #958208)
- debian/patches/98_CVE-2011-4601.patch: Validate incoming messages to
enforce proper UTF-8 encoding. Based on upstream patch.
- CVE-2011-4601
* SECURITY UPDATE: Remote denial of service via specially crafted XMPP voice
and video chat requests (LP: #958208)
- debian/patches/98_CVE-2011-4602.patch: Validate fields in incoming voice
and video chat requests. Based on upstream patch.
- CVE-2011-4602
* SECURITY UPDATE: Remote denial of service via specially crafted SILC
messages (LP: #958208)
- debian/patches/98_CVE-2011-4603.patch: Validate incoming messages to
enforce proper UTF-8 encoding. Based on upstream patch.
- CVE-2011-4603
* SECURITY UPDATE: Information disclosure
- debian/patches/98_CVE-2011-4922.patch: Properly clear memory regions
when freeing memory containing security-sensitive data. Based on
upstream patch.
- CVE-2011-4922
* SECURITY UPDATE: Remote denial of service via specially crafted MSN
offline messages (LP: #958208)
- debian/patches/98_CVE-2012-1178.patch: Convert incoming offline messages
to UTF-8 if they are not already UTF-8. Based on upstream patch.
- CVE-2012-1178
* SECURITY UPDATE: Remote denial of service via specially crafted MSN
messages (LP: #996691)
- debian/patches/98_CVE-2012-2318.patch: Convert incoming messages to UTF-8,
then validate the messages. Based on upstream patch.
- CVE-2012-2318
* SECURITY UPDATE: Remote denial of service via specially crafted MXit
messages (LP: #1022012)
- debian/patches/98_CVE-2012-3374.patch: Use dynamically allocated memory
instead of a fixed size buffer. Based on upstream patch.
- CVE-2012-3374
-- Tyler Hicks <email address hidden> Sun, 08 Jul 2012 18:14:21 -0500
Upload details
- Uploaded by:
- Tyler Hicks
- Uploaded to:
- Lucid
- Original maintainer:
- Ubuntu Desktop
- Architectures:
- any
- Section:
- net
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| pidgin_2.6.6.orig.tar.bz2 | 9.0 MiB | 6ebbe9d339246dfebb244e4c855c4feb678f120d1024ef2ee269e2fde77b2ad9 |
| pidgin_2.6.6-1ubuntu4.5.debian.tar.gz | 82.5 KiB | 3a4971555df31fee2c51fe31704f7a1e979c8580605a71d206ae1bd15dab3c38 |
| pidgin_2.6.6-1ubuntu4.5.dsc | 2.7 KiB | 152daefdb965a9e29f21e683edfcdd4a988a9f5aa7ebef4b865b8ef999a1725a |
Available diffs
Binary packages built by this source
- finch: No summary available for finch in ubuntu lucid.
No description available for finch in ubuntu lucid.
- finch-dev: No summary available for finch-dev in ubuntu lucid.
No description available for finch-dev in ubuntu lucid.
- libpurple-bin: No summary available for libpurple-bin in ubuntu lucid.
No description available for libpurple-bin in ubuntu lucid.
- libpurple-dev: No summary available for libpurple-dev in ubuntu lucid.
No description available for libpurple-dev in ubuntu lucid.
- libpurple0: No summary available for libpurple0 in ubuntu lucid.
No description available for libpurple0 in ubuntu lucid.
- pidgin: No summary available for pidgin in ubuntu lucid.
No description available for pidgin in ubuntu lucid.
- pidgin-data: No summary available for pidgin-data in ubuntu lucid.
No description available for pidgin-data in ubuntu lucid.
- pidgin-dbg: No summary available for pidgin-dbg in ubuntu lucid.
No description available for pidgin-dbg in ubuntu lucid.
- pidgin-dev: No summary available for pidgin-dev in ubuntu lucid.
No description available for pidgin-dev in ubuntu lucid.
