This bug was fixed in the package pidgin - 1:2.10.3-0ubuntu1.1
---------------
pidgin (1:2.10.3-0ubuntu1.1) precise-security; urgency=low
* SECURITY UPDATE: Remote denial of service via specially crafted XMPP file
transfer requests (LP: #996691)
- debian/patches/CVE-2012-2214.patch: Properly tear down SOCKS5
connection attempts. Based on upstream patch.
- CVE-2012-2214
* SECURITY UPDATE: Remote denial of service via specially crafted MSN
messages (LP: #996691)
- debian/patches/CVE-2012-2318.patch: Convert incoming messages to UTF-8,
then validate the messages. Based on upstream patch.
- CVE-2012-2318
* SECURITY UPDATE: Remote denial of service via specially crafted MXit
messages (LP: #1022012)
- debian/patches/CVE-2012-3374.patch: Use dynamically allocated memory
instead of a fixed size buffer. Based on upstream patch.
- CVE-2012-3374
-- Tyler Hicks <tyhi...@canonical.com> Sun, 08 Jul 2012 18:14:21 -0500
** Changed in: pidgin (Ubuntu)
Status: Confirmed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-2214
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-2318
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1022012
Title:
(CVE-2012-3374) <pidgin-2.10.5: MXit buffer overflow
To manage notifications about this bug go to:
https://bugs.launchpad.net/pidgin/+bug/1022012/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
