
Fedora 11: FEDORA-2009-5583 Critical: Pidgin Buffer Overflow and DoS

June 2, 2009
The most recent Fedora release for Pidgin incorporates essential security patches tackling significant vulnerabilities, such as memory corruption and denial of service.

Summary

Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor.

Pidgin supports many common features of other clients, as well as many unique features, such as perl scripting, TCL scripting and C plugins.

Pidgin is not affiliated with or endorsed by America Online, Inc., Microsoft Corporation, Yahoo! Inc., or ICQ Inc.

Update Information:

This is a bugfix & security fix release of Pidgin. The full ChangeLog is available at http://developer.pidgin.im/wiki/ChangeLog. Details of the security fixes included are available at

Change Log

* Wed May 20 2009 Stu Tomlinson 2.5.6-1
- 2.5.6

* Mon Apr 20 2009 Warren Togami 2.5.5-3
- F12+ removed krb4

References


[ 1 ] Bug #500488 - CVE-2009-1373 pidgin file transfer buffer overflow
      https://bugzilla.redhat.com/show_bug.cgi?id=500488

[ 2 ] Bug #500490 - CVE-2009-1374 pidgin DoS when decrypting qq packets
      https://bugzilla.redhat.com/show_bug.cgi?id=500490

[ 3 ] Bug #500491 - CVE-2009-1375 pidgin PurpleCircBuffer corruption
      https://bugzilla.redhat.com/show_bug.cgi?id=500491

[ 4 ] Bug #500493 - CVE-2009-1376 pidgin incomplete fix for CVE-2008-2927
      https://bugzilla.redhat.com/show_bug.cgi?id=500493

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update pidgin' at the command line. For more information, refer to "Managing Software with yum", available at .
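A post-update check, added here as an example and not part of the Fedora advisory: it compares the installed pidgin build against the fixed build listed on this page (2.5.6-1.fc11). The function names are hypothetical, and GNU `sort -V` is assumed as a stand-in for RPM's own version ordering.

```bash
# Fixed build from this advisory (Version and Release fields).
FIXED_VR="2.5.6-1.fc11"

# vr_at_least INSTALLED FIXED -> exit 0 if INSTALLED is at or above FIXED.
# Assumption: GNU `sort -V` approximates RPM ordering; that holds for plain
# dotted version-release strings with no epoch or "~" pre-release marker.
vr_at_least() {
    [ "$1" = "$2" ] && return 0
    lowest=$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)
    [ "$lowest" = "$2" ]
}

# pidgin_status [VR] -> prints PATCHED, VULNERABLE or NOT-INSTALLED.
# With no argument it asks rpm for the installed build; passing a VR lets the
# same check run over inventory data collected from other hosts.
pidgin_status() {
    vr=${1-}
    if [ -z "$vr" ]; then
        vr=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' pidgin 2>/dev/null) || {
            echo "NOT-INSTALLED"; return 0; }
        # Multilib hosts can carry two builds; judge by the oldest one.
        vr=$(printf '%s\n' "$vr" | sort -V | head -n 1)
    fi
    if vr_at_least "$vr" "$FIXED_VR"; then
        echo "PATCHED $vr"
    else
        echo "VULNERABLE $vr (needs >= $FIXED_VR)"
    fi
}
```

Run `pidgin_status` with no argument on the host after the update, and restart any running Pidgin session so the patched binaries are the ones in use.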

Severity: Critical

Name: pidgin
Product: Fedora 11
Version: 2.5.6
Release: 1.fc11
Summary: A Gtk+ based multiprotocol instant messaging client
