Alerts This Week
Warning Icon 1 659
Alerts This Week
Warning Icon 1 659

Slackware 14.1: 2014-296-02 Moderate: Pidgin Remote Crash Fix

slackware
Calendar Grey October 24, 2014
Dist Slackware Esm H88
New updates for Pidgin on Slackware address major security vulnerabilities, including prevention of remote system crashes and improvements to SSL certificate validation.
New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues

Summary

Here are the details from the Slackware 14.1 ChangeLog: pidgin-2.10.10-i486-1_slack14.1.txz: Upgraded. This update fixes several security issues: Insufficient SSL certificate validation (CVE-2014-3694) Remote crash parsing malformed MXit emoticon (CVE-2014-3695) Remote crash parsing malformed Groupwise message (CVE-2014-3696) Malicious smiley themes could alter arbitrary files (CVE-2014-3697) Potential information leak from XMPP (CVE-2014-3698) For more information, see: https://www.cve.org/CVERecord?id=CVE-2014-3694 https://www.cve.org/CVERecord?id=CVE-2014-3695 https://www.cve.org/CVERecord?id=CVE-2014-3696 https://www.cve.org/CVERecord?id=CVE-2014-3697 https://www.cve.org/CVERecord?id=CVE-2014-3698 (* Security fix *)

Topics%20covered

Topics Covered

security advisory package update moderate threat Slackware remote crash Pidgin SSL validation

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 13.0:
Updated package for Slackware x86_64 13.0:
Updated package for Slackware 13.1:
Updated package for Slackware x86_64 13.1:
Updated package for Slackware 13.37:
Updated package for Slackware x86_64 13.37:
Updated package for Slackware 14.0:
Updated package for Slackware x86_64 14.0:
Updated package for Slackware 14.1:
Updated package for Slackware x86_64 14.1:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:

MD5 Signatures

Slackware 13.0 package: c2d238379b0a6c9cacfb9b73ac9f8dd7 pidgin-2.10.10-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: 953980a2900c9416a44f9b8edc63d378 pidgin-2.10.10-x86_64-1_slack13.0.txz
Slackware 13.1 package: 94c136c7332f669ad5b6fc7239db3a75 pidgin-2.10.10-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: 91f03ff9d4842b1e0f1e0e732b2ae3a9 pidgin-2.10.10-x86_64-1_slack13.1.txz
Slackware 13.37 package: 383bf35399fe5d5055b65b5438ba5e53 pidgin-2.10.10-i486-1_slack13.37.txz
Slackware x86_64 13.37 package: 9cd9f93b784329997e74dc0e9c44eb6e pidgin-2.10.10-x86_64-1_slack13.37.txz
Slackware 14.0 package: 574b08f0d4ffeb51ef6c86d0f13ef496 pidgin-2.10.10-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: 50196521b09da87a1575107b7aab7b49 pidgin-2.10.10-x86_64-1_slack14.0.txz
Slackware 14.1 package: d1c5d2d72a9ecdb0af1f15be09ad8753 pidgin-2.10.10-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 4159345b81c79a226c3bda0c5110ad33 pidgin-2.10.10-x86_64-1_slack14.1.txz
Slackware -current package: dfef30c57a5c72093a9ff0262764e791 xap/pidgin-2.10.10-i486-1.txz
Slackware x86_64 -current package: 7df8a0dc6d2fc35428f0f95362533aca xap/pidgin-2.10.10-x86_64-1.txz

Topics%20covered

Topics Covered

security advisory package update moderate threat Slackware remote crash Pidgin SSL validation

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg pidgin-2.10.10-i486-1_slack14.1.txz

Related News

Your message here