| |||||||||||||||||||
Fedora alert FEDORA-2011-17558 (pidgin)
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2011-17558 2011-12-30 00:12:42 -------------------------------------------------------------------------------- Name : pidgin Product : Fedora 16 Version : 2.10.1 Release : 1.fc16 URL : http://pidgin.im/ Summary : A Gtk+ based multiprotocol instant messaging client Description : Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. Pidgin supports many common features of other clients, as well as many unique features, such as perl scripting, TCL scripting and C plugins. Pidgin is not affiliated with or endorsed by America Online, Inc., Microsoft Corporation, Yahoo! Inc., or ICQ Inc. -------------------------------------------------------------------------------- Update Information: New release 2.10.1 Full Upstream ChangeLog: http://developer.pidgin.im/wiki/ChangeLog -------------------------------------------------------------------------------- ChangeLog: * Thu Dec 29 2011 Stu Tomlinson <stu@nosnilmot.com> 2.10.1-1 - 2.10.1, includes security fixes for CVE-2011-3594, CVE-2011-4601, CVE-2011-4602, CVE-2011-4603 * Mon Nov 28 2011 Milan Crha <mcrha@redhat.com> 2.10.0-5 - Rebuild against newer evolution-data-server * Sun Oct 30 2011 Bruno Wolff III <bruno@wolff.to> 2.10.0-4 - Rebuild against newer evolution-data-server -------------------------------------------------------------------------------- References: [ 1 ] Bug #761517 - CVE-2011-4601 pidgin (libpurple): Invalid UTF-8 string handling in OSCAR messages https://bugzilla.redhat.com/show_bug.cgi?id=761517 [ 2 ] Bug #761510 - CVE-2011-4602 pidgin: Multiple NULL pointer deference flaws by processing certain Jingle stanzas in the XMPP protocol plug-in https://bugzilla.redhat.com/show_bug.cgi?id=761510 [ 3 ] Bug #766446 - CVE-2011-4603 pidgin: SILC remote crash on channel messages https://bugzilla.redhat.com/show_bug.cgi?id=766446 [ 4 ] Bug #743481 - CVE-2011-3594 libpurple: invalid UTF-8 string handling in SILC messages https://bugzilla.redhat.com/show_bug.cgi?id=743481 [ 5 ] Bug #742450 - pidgin: Heap-based buffer overflow by processing certain SILC private messages https://bugzilla.redhat.com/show_bug.cgi?id=742450 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update pidgin' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-... (Log in to post comments)
|
|||||||||||||||||||