** Changed in: pidgin (Debian) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to pidgin in Ubuntu. https://bugs.launchpad.net/bugs/245770
Title: [CVE-2008-2927] MSN integer overflow in Pidgin Status in “pidgin” package in Ubuntu: Fix Released Status in “pidgin” package in Debian: Fix Released Status in “pidgin” package in Fedora: Unknown Bug description: Binary package hint: pidgin CVE-2008-2927 is a remote buffer overflow vulnerability in the MSN protocol handler. Apparently it can lead to arbitrary code execution. It's not yet in the public vulnerability databases, so please see the Debian bug for reference: <http://bugs.debian.org/cgi- bin/bugreport.cgi?bug=488632>. I think it is the same issue as described in this Bugtraq post <http://www.securityfocus.com/archive/1/493682/30/60/threaded>. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pidgin/+bug/245770/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp