The packages are now up for SL 3.0.x Troy Connie Sieh wrote: > Synopsis: Important: pidgin security and bug fix update > CVE Names: CVE-2008-2927 > Description: > > An integer overflow flaw was found in Pidgin's MSN protocol handler. If a > user received a malicious MSN message, it was possible to execute arbitrary > code with the permissions of the user running Pidgin. (CVE-2008-2927) > > Note: the default Pidgin privacy setting only allows messages from users in > the buddy list. This prevents arbitrary MSN users from exploiting this > flaw. > > This update also addresses the following bug: > > * when attempting to connect to the ICQ network, Pidgin would fail to > connect, present an alert saying the "The client version you are using is > too old", and de-activate the ICQ account. This update restores Pidgin's > ability to connect to the ICQ network. > > SL 3: > > Source: > pidgin-1.5.1-2.el3.src.rpm > > x86_64: > pidgin-1.5.1-2.el3.x86_64.rpm > > SL 4: > > Source: > pidgin-1.5.1-2.el4.src.rpm > > i386: > pidgin-1.5.1-2.el4.i386.rpm > > x86_64: > pidgin-1.5.1-2.el4.x86_64.rpm > > SL 5: > > Source: > pidgin-2.3.1-2.el5_2.src.rpm > > i386: > finch-2.3.1-2.el5_2.i386.rpm > finch-devel-2.3.1-2.el5_2.i386.rpm > libpurple-2.3.1-2.el5_2.i386.rpm > libpurple-devel-2.3.1-2.el5_2.i386.rpm > libpurple-perl-2.3.1-2.el5_2.i386.rpm > libpurple-tcl-2.3.1-2.el5_2.i386.rpm > pidgin-2.3.1-2.el5_2.i386.rpm > pidgin-perl-2.3.1-2.el5_2.i386.rpm > pidgin-devel-2.3.1-2.el5_2.i386.rpm > > x86_64: > finch-2.3.1-2.el5_2.i386.rpm > finch-2.3.1-2.el5_2.x86_64.rpm > finch-devel-2.3.1-2.el5_2.i386.rpm > finch-devel-2.3.1-2.el5_2.x86_64.rpm > libpurple-2.3.1-2.el5_2.i386.rpm > libpurple-2.3.1-2.el5_2.x86_64.rpm > libpurple-devel-2.3.1-2.el5_2.i386.rpm > libpurple-devel-2.3.1-2.el5_2.x86_64.rpm > libpurple-perl-2.3.1-2.el5_2.x86_64.rpm > libpurple-tcl-2.3.1-2.el5_2.x86_64.rpm > pidgin-2.3.1-2.el5_2.i386.rpm > pidgin-2.3.1-2.el5_2.x86_64.rpm > pidgin-devel-2.3.1-2.el5_2.i386.rpm > pidgin-devel-2.3.1-2.el5_2.x86_64.rpm > pidgin-perl-2.3.1-2.el5_2.x86_64.rpm > > -Connie Sieh -- __________________________________________________ Troy Dawson [log in to unmask] (630)840-6468 Fermilab ComputingDivision/LCSI/CSI DSS Group __________________________________________________