Launchpad has imported 6 comments from the remote bug at
https://bugzilla.redhat.com/show_bug.cgi?id=453764.
If you reply to an imported comment from within Launchpad, your comment
will be sent to the remote bug automatically. Read more about
Launchpad's inter-bugtracker facilities at
** Changed in: pidgin (Debian)
Status: Confirmed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/245770
Title:
[CVE-2008-2927] MSN integer overflow in Pidgin
To manage
** Bug watch added: Red Hat Bugzilla #453764
https://bugzilla.redhat.com/show_bug.cgi?id=453764
** Changed in: pidgin (Fedora)
Remote watch: Red Hat Bugzilla #CVE-2008-2927 = Red Hat Bugzilla #453764
--
[CVE-2008-2927] MSN integer overflow in Pidgin
https://bugs.launchpad.net/bugs/245770
** Changed in: pidgin (Debian)
Status: New = Confirmed
--
[CVE-2008-2927] MSN integer overflow in Pidgin
https://bugs.launchpad.net/bugs/245770
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
** Tags added: patch
--
[CVE-2008-2927] MSN integer overflow in Pidgin
https://bugs.launchpad.net/bugs/245770
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
** Branch linked: lp:ubuntu/dapper-security/gaim
--
[CVE-2008-2927] MSN integer overflow in Pidgin
https://bugs.launchpad.net/bugs/245770
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
** Branch linked: lp:~ubuntu-branches/ubuntu/hardy/pidgin/hardy-security
--
[CVE-2008-2927] MSN integer overflow in Pidgin
https://bugs.launchpad.net/bugs/245770
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing
This bug was fixed in the package pidgin - 1:2.2.1-1ubuntu4.3
---
pidgin (1:2.2.1-1ubuntu4.3) gutsy-security; urgency=low
* SECURITY UPDATE: code execution via integer overflow in the MSN protocol
handler (LP: #245770)
- debian/patches/99_SECURITY_CVE-2008-2927.patch: fix
Here is the debdiff.
** Attachment added: pidgin_2.4.1-1ubuntu2.2.debdiff
http://launchpadlibrarian.net/15936949/pidgin_2.4.1-1ubuntu2.2.debdiff
--
[CVE-2008-2927] MSN integer overflow in Pidgin
https://bugs.launchpad.net/bugs/245770
You received this bug notification because you are a
Adding a CVE reference: CVE-2008-2927
--
[CVE-2008-2927] MSN integer overflow in Pidgin
https://bugs.launchpad.net/bugs/245770
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
Here is a description from the Red Hat bug:
An integer overflow in Pidgin's MSN protocol handler could allow malformed SLP
message to cause an integer overflow, which could result in arbitrary code
execution.
This flaw is only exploitable by individuals who can message a user, which is
** Changed in: pidgin (Debian)
Status: Unknown = New
--
[CVE-2008-2927] MSN integer overflow in Pidgin
https://bugs.launchpad.net/bugs/245770
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
12 matches
Mail list logo