MDVSA-2013:025
- Nome do pacote
- pidgin
- Data
- 2013-03-14
- ID Alerta
- MDVSA-2013:025
- Versões afetadas
- MES5 i586 , MES5 x86_64
Descrição do problema
Multiple vulnerabilities has been discovered and corrected in pidgin:
The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might
allow remote attackers to create or overwrite files via a crafted
(1) mxit or (2) mxit/imagestrips pathname (CVE-2013-0271).
Buffer overflow in http.c in the MXit protocol plugin in libpurple
in Pidgin before 2.10.7 allows remote servers to execute arbitrary
code via a long HTTP header (CVE-2013-0272).
sametime.c in the Sametime protocol plugin in libpurple in Pidgin
before 2.10.7 does not properly terminate long user IDs, which allows
remote servers to cause a denial of service (application crash)
via a crafted packet (CVE-2013-0273).
upnp.c in libpurple in Pidgin before 2.10.7 does not properly terminate
long strings in UPnP responses, which allows remote attackers to
cause a denial of service (application crash) by leveraging access
to the local network (CVE-2013-0274).
This update provides pidgin 2.10.7, which is not vulnerable to
these issues.
Pacotes atualizados
MES5 i586
4eb267f970ddb2ad4d62321c269d4a9b mes5/i586/finch-2.10.7-0.1mdvmes5.2.i586.rpm e21539113c76768f5d2e0a0a4a9f6cbc mes5/i586/libfinch0-2.10.7-0.1mdvmes5.2.i586.rpm 19fcd2343bc5a28cfac82570047dabc8 mes5/i586/libpurple0-2.10.7-0.1mdvmes5.2.i586.rpm 1d1ec13029069d2e5670ecd9e5c2c084 mes5/i586/libpurple-devel-2.10.7-0.1mdvmes5.2.i586.rpm 24f8bc13c74be1366165f8c04d4b67ac mes5/i586/pidgin-2.10.7-0.1mdvmes5.2.i586.rpm fe6749ec8865e5cc96b16ddce0606e25 mes5/i586/pidgin-bonjour-2.10.7-0.1mdvmes5.2.i586.rpm 76f84decf6d5834037ccf6b9ed4c68d9 mes5/i586/pidgin-client-2.10.7-0.1mdvmes5.2.i586.rpm 41f63fd40174df1160a63ef44d881c3c mes5/i586/pidgin-gevolution-2.10.7-0.1mdvmes5.2.i586.rpm 936c150819cd7e8ac19e5f2d02bb684d mes5/i586/pidgin-i18n-2.10.7-0.1mdvmes5.2.i586.rpm 7c1d22d3777f7c49f7d49b09a1d43811 mes5/i586/pidgin-meanwhile-2.10.7-0.1mdvmes5.2.i586.rpm ca57564f29f191f3bae55c9ce6255234 mes5/i586/pidgin-perl-2.10.7-0.1mdvmes5.2.i586.rpm 1882da3624a8dc8e27a51f3c867dbc88 mes5/i586/pidgin-plugins-2.10.7-0.1mdvmes5.2.i586.rpm 37ee0fe3a08d109f069de07f8a218f27 mes5/i586/pidgin-silc-2.10.7-0.1mdvmes5.2.i586.rpm 4d8bbdce9ce0e3b1ec663f4df384c70b mes5/i586/pidgin-tcl-2.10.7-0.1mdvmes5.2.i586.rpm d8390c286670e49deee241267eb5070e mes5/SRPMS/pidgin-2.10.7-0.1mdvmes5.2.src.rpm
MES5 x86_64
00fb4dc53fd8cbf056d493ca75231d1c mes5/x86_64/finch-2.10.7-0.1mdvmes5.2.x86_64.rpm f0a81cae3067ba8fa47f603af718e1bd mes5/x86_64/lib64finch0-2.10.7-0.1mdvmes5.2.x86_64.rpm d50e2f1821a4912639b20fa678d4538b mes5/x86_64/lib64purple0-2.10.7-0.1mdvmes5.2.x86_64.rpm 5a73a3d942a97d581a5b89bfcc550be3 mes5/x86_64/lib64purple-devel-2.10.7-0.1mdvmes5.2.x86_64.rpm 337ca23774f09a1f6e60d02ba1bdef3f mes5/x86_64/pidgin-2.10.7-0.1mdvmes5.2.x86_64.rpm 49d7a34e3af48fbf49d59a8dad1ca3fb mes5/x86_64/pidgin-bonjour-2.10.7-0.1mdvmes5.2.x86_64.rpm 53099ab83b0f4351d3668e2f84e6d2fa mes5/x86_64/pidgin-client-2.10.7-0.1mdvmes5.2.x86_64.rpm 31dc403c7863624346efaaa46027b3d1 mes5/x86_64/pidgin-gevolution-2.10.7-0.1mdvmes5.2.x86_64.rpm 1ae8ab836a6caffa77b99fe6e5de31ae mes5/x86_64/pidgin-i18n-2.10.7-0.1mdvmes5.2.x86_64.rpm beea935bc761483e50e5ec60bfeaa2a5 mes5/x86_64/pidgin-meanwhile-2.10.7-0.1mdvmes5.2.x86_64.rpm 8d6abe0c106b5f9d24917cdad13ef668 mes5/x86_64/pidgin-perl-2.10.7-0.1mdvmes5.2.x86_64.rpm 616204b1f131bf39fd77758765052286 mes5/x86_64/pidgin-plugins-2.10.7-0.1mdvmes5.2.x86_64.rpm 60ef462c8b8f28b4280169a6bac8d22f mes5/x86_64/pidgin-silc-2.10.7-0.1mdvmes5.2.x86_64.rpm 78026cbae2cfdb327d64ed6b6b3fcc51 mes5/x86_64/pidgin-tcl-2.10.7-0.1mdvmes5.2.x86_64.rpm d8390c286670e49deee241267eb5070e mes5/SRPMS/pidgin-2.10.7-0.1mdvmes5.2.src.rpm