Subject: | |
From: | |
Reply To: | |
Date: | Tue, 15 Jul 2008 15:54:34 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
The packages are now up for SL 3.0.x
Troy
Connie Sieh wrote:
> Synopsis: Important: pidgin security and bug fix update
> CVE Names: CVE-2008-2927
> Description:
>
> An integer overflow flaw was found in Pidgin's MSN protocol handler. If a
> user received a malicious MSN message, it was possible to execute arbitrary
> code with the permissions of the user running Pidgin. (CVE-2008-2927)
>
> Note: the default Pidgin privacy setting only allows messages from users in
> the buddy list. This prevents arbitrary MSN users from exploiting this
> flaw.
>
> This update also addresses the following bug:
>
> * when attempting to connect to the ICQ network, Pidgin would fail to
> connect, present an alert saying the "The client version you are using is
> too old", and de-activate the ICQ account. This update restores Pidgin's
> ability to connect to the ICQ network.
>
> SL 3:
>
> Source:
> pidgin-1.5.1-2.el3.src.rpm
>
> x86_64:
> pidgin-1.5.1-2.el3.x86_64.rpm
>
> SL 4:
>
> Source:
> pidgin-1.5.1-2.el4.src.rpm
>
> i386:
> pidgin-1.5.1-2.el4.i386.rpm
>
> x86_64:
> pidgin-1.5.1-2.el4.x86_64.rpm
>
> SL 5:
>
> Source:
> pidgin-2.3.1-2.el5_2.src.rpm
>
> i386:
> finch-2.3.1-2.el5_2.i386.rpm
> finch-devel-2.3.1-2.el5_2.i386.rpm
> libpurple-2.3.1-2.el5_2.i386.rpm
> libpurple-devel-2.3.1-2.el5_2.i386.rpm
> libpurple-perl-2.3.1-2.el5_2.i386.rpm
> libpurple-tcl-2.3.1-2.el5_2.i386.rpm
> pidgin-2.3.1-2.el5_2.i386.rpm
> pidgin-perl-2.3.1-2.el5_2.i386.rpm
> pidgin-devel-2.3.1-2.el5_2.i386.rpm
>
> x86_64:
> finch-2.3.1-2.el5_2.i386.rpm
> finch-2.3.1-2.el5_2.x86_64.rpm
> finch-devel-2.3.1-2.el5_2.i386.rpm
> finch-devel-2.3.1-2.el5_2.x86_64.rpm
> libpurple-2.3.1-2.el5_2.i386.rpm
> libpurple-2.3.1-2.el5_2.x86_64.rpm
> libpurple-devel-2.3.1-2.el5_2.i386.rpm
> libpurple-devel-2.3.1-2.el5_2.x86_64.rpm
> libpurple-perl-2.3.1-2.el5_2.x86_64.rpm
> libpurple-tcl-2.3.1-2.el5_2.x86_64.rpm
> pidgin-2.3.1-2.el5_2.i386.rpm
> pidgin-2.3.1-2.el5_2.x86_64.rpm
> pidgin-devel-2.3.1-2.el5_2.i386.rpm
> pidgin-devel-2.3.1-2.el5_2.x86_64.rpm
> pidgin-perl-2.3.1-2.el5_2.x86_64.rpm
>
> -Connie Sieh
--
__________________________________________________
Troy Dawson [log in to unmask] (630)840-6468
Fermilab ComputingDivision/LCSI/CSI DSS Group
__________________________________________________
|
|
|