Nom du paquet
pidgin
Date
2012-05-28
Advisory ID
MDVSA-2012:082
Affected versions
MES5 i586 , 2011 i586 , MES5 x86_64 , 2011 x86_64

Problem description

Multiple vulnerabilities has been discovered and corrected in pidgin:

A series of specially crafted file transfer requests can cause clients
to reference invalid memory. The user must have accepted one of the
file transfer requests (CVE-2012-2214).

Incoming messages with certain characters or character encodings can
cause clients to crash (CVE-2012-2318).

This update provides pidgin 2.10.4, which is not vulnerable to
these issues.

Updated packages

MES5 i586

 9a4c0fd6f19f32491cb81be5304b3b7f  mes5/i586/finch-2.10.4-0.1mdvmes5.2.i586.rpm
 871836ceb09eac2f02f1b3fa6b947506  mes5/i586/libfinch0-2.10.4-0.1mdvmes5.2.i586.rpm
 2dd36fd15de2ddb55ec014f14a976561  mes5/i586/libpurple0-2.10.4-0.1mdvmes5.2.i586.rpm
 f280ae9695571a39a85bc9978d4525fe  mes5/i586/libpurple-devel-2.10.4-0.1mdvmes5.2.i586.rpm
 d27b90b2e2f12ae89582f04b3f194751  mes5/i586/pidgin-2.10.4-0.1mdvmes5.2.i586.rpm
 167a3742e07438466c270820613a5fcc  mes5/i586/pidgin-bonjour-2.10.4-0.1mdvmes5.2.i586.rpm
 02fbe71ad44ec5e8b2d4f9c470010654  mes5/i586/pidgin-client-2.10.4-0.1mdvmes5.2.i586.rpm
 edf56ff5975f98b4ea5b6463b43646d8  mes5/i586/pidgin-gevolution-2.10.4-0.1mdvmes5.2.i586.rpm
 a50fc90896857995ec2fcf4a9c20bea8  mes5/i586/pidgin-i18n-2.10.4-0.1mdvmes5.2.i586.rpm
 7a8e884e0b61bff3a9afc432810261e0  mes5/i586/pidgin-meanwhile-2.10.4-0.1mdvmes5.2.i586.rpm
 5860dbaab368fccd0dc16e0d30f1be5c  mes5/i586/pidgin-perl-2.10.4-0.1mdvmes5.2.i586.rpm
 ee1ca5f6cca543cf8f2d1af8acc92fdc  mes5/i586/pidgin-plugins-2.10.4-0.1mdvmes5.2.i586.rpm
 30af0a61aaebd8937983e416f74bbb2a  mes5/i586/pidgin-silc-2.10.4-0.1mdvmes5.2.i586.rpm
 f7e8883d2fa5f20a0c59f3e1e1790adc  mes5/i586/pidgin-tcl-2.10.4-0.1mdvmes5.2.i586.rpm 
 c629adfa2d43585105be933466e6d366  mes5/SRPMS/pidgin-2.10.4-0.1mdvmes5.2.src.rpm

2011 i586

 bef050030adee6a6d8a6ce2116ef2997  2011/i586/finch-2.10.4-0.1-mdv2011.0.i586.rpm
 0331afa765ec36c87f469500bf178ee4  2011/i586/libfinch0-2.10.4-0.1-mdv2011.0.i586.rpm
 2bf80984270719e8e15414f49f2ab04b  2011/i586/libpurple0-2.10.4-0.1-mdv2011.0.i586.rpm
 557db76a0aad842f0c2cb80e8a16ac7e  2011/i586/libpurple-devel-2.10.4-0.1-mdv2011.0.i586.rpm
 7435f72c8cd2358d8aca7c29140c9c7d  2011/i586/pidgin-2.10.4-0.1-mdv2011.0.i586.rpm
 17ea6ccf5344fac74668ea979d7da86a  2011/i586/pidgin-bonjour-2.10.4-0.1-mdv2011.0.i586.rpm
 a7a4475e3caa52e1353612f522856284  2011/i586/pidgin-client-2.10.4-0.1-mdv2011.0.i586.rpm
 5771361b7c5713a34c9f116a0e6e9127  2011/i586/pidgin-gevolution-2.10.4-0.1-mdv2011.0.i586.rpm
 0d5daddc1b6d6c0ab1ce0057e8b4b0ac  2011/i586/pidgin-i18n-2.10.4-0.1-mdv2011.0.i586.rpm
 ceafa80a86569642d974fe095414e725  2011/i586/pidgin-meanwhile-2.10.4-0.1-mdv2011.0.i586.rpm
 521837eb4a4bbaf19996f9a88f7936bb  2011/i586/pidgin-perl-2.10.4-0.1-mdv2011.0.i586.rpm
 9c2a6a5e60aef9b19692cbec801b87b8  2011/i586/pidgin-plugins-2.10.4-0.1-mdv2011.0.i586.rpm
 012809faae1cb25d0a3637a19858d9c9  2011/i586/pidgin-silc-2.10.4-0.1-mdv2011.0.i586.rpm
 2127fe686c24f5a44c4ed680231e8cd6  2011/i586/pidgin-tcl-2.10.4-0.1-mdv2011.0.i586.rpm 
 b977e3cb9a308a2e772b7ccb5d39c370  2011/SRPMS/pidgin-2.10.4-0.1.src.rpm

MES5 x86_64

 8c3da9c1ae1a49d3b048bb03be17810e  mes5/x86_64/finch-2.10.4-0.1mdvmes5.2.x86_64.rpm
 a7a841ac4a2f3115f14930b2dd462074  mes5/x86_64/lib64finch0-2.10.4-0.1mdvmes5.2.x86_64.rpm
 16120decc116f49a9bfc20e9642a3130  mes5/x86_64/lib64purple0-2.10.4-0.1mdvmes5.2.x86_64.rpm
 396f02442c0cfbcb530fa518cbf3b389  mes5/x86_64/lib64purple-devel-2.10.4-0.1mdvmes5.2.x86_64.rpm
 51f5c14a4e941e1ffc818408ec902af8  mes5/x86_64/pidgin-2.10.4-0.1mdvmes5.2.x86_64.rpm
 1a607ed7b1772421bdb70e922119dca4  mes5/x86_64/pidgin-bonjour-2.10.4-0.1mdvmes5.2.x86_64.rpm
 52a43e7519eccdde5570cc343697e271  mes5/x86_64/pidgin-client-2.10.4-0.1mdvmes5.2.x86_64.rpm
 5b96e447aac38288c4147078b6bc3f8a  mes5/x86_64/pidgin-gevolution-2.10.4-0.1mdvmes5.2.x86_64.rpm
 7b88dfac197f7213bb9de95dfd47bc3c  mes5/x86_64/pidgin-i18n-2.10.4-0.1mdvmes5.2.x86_64.rpm
 4c766c56d7e11b2aa6c4089d93c41a3e  mes5/x86_64/pidgin-meanwhile-2.10.4-0.1mdvmes5.2.x86_64.rpm
 a688528aafafdcdb1033dd3a28b2df70  mes5/x86_64/pidgin-perl-2.10.4-0.1mdvmes5.2.x86_64.rpm
 fab9bbd6ad53f66c93ce0d8ce76c9ea5  mes5/x86_64/pidgin-plugins-2.10.4-0.1mdvmes5.2.x86_64.rpm
 68f561d5573ec899fbc150a2e2b6db8b  mes5/x86_64/pidgin-silc-2.10.4-0.1mdvmes5.2.x86_64.rpm
 73feee59eeec17b84b028ba600874bfd  mes5/x86_64/pidgin-tcl-2.10.4-0.1mdvmes5.2.x86_64.rpm 
 c629adfa2d43585105be933466e6d366  mes5/SRPMS/pidgin-2.10.4-0.1mdvmes5.2.src.rpm

2011 x86_64

 69d6d461391fe01e8bb100fd252efde3  2011/x86_64/finch-2.10.4-0.1-mdv2011.0.x86_64.rpm
 e7485e20ba16037cf302cb7afc3fea89  2011/x86_64/lib64finch0-2.10.4-0.1-mdv2011.0.x86_64.rpm
 a7521660b6a2b6c9cd0acbdbcf6946c1  2011/x86_64/lib64purple0-2.10.4-0.1-mdv2011.0.x86_64.rpm
 24757f828f3f25488be291e7d5365e00  2011/x86_64/lib64purple-devel-2.10.4-0.1-mdv2011.0.x86_64.rpm
 c552d655223d60f64e4089b1841a690c  2011/x86_64/pidgin-2.10.4-0.1-mdv2011.0.x86_64.rpm
 f95bc494277ff7e083413528c2cc42d9  2011/x86_64/pidgin-bonjour-2.10.4-0.1-mdv2011.0.x86_64.rpm
 b8461999b7a10719476fe6bd43ed972c  2011/x86_64/pidgin-client-2.10.4-0.1-mdv2011.0.x86_64.rpm
 9ca33b7b07128f0f66bdb1b21cad4e84  2011/x86_64/pidgin-gevolution-2.10.4-0.1-mdv2011.0.x86_64.rpm
 b32f3c197ba607e9c2f92ded9ae0b283  2011/x86_64/pidgin-i18n-2.10.4-0.1-mdv2011.0.x86_64.rpm
 dd5b75e821d541f66e7d0766c9a6f6ae  2011/x86_64/pidgin-meanwhile-2.10.4-0.1-mdv2011.0.x86_64.rpm
 f9bf0cd48c12e8a36e85f1dac2c06672  2011/x86_64/pidgin-perl-2.10.4-0.1-mdv2011.0.x86_64.rpm
 71057b5d79e4dfba09321eee54d98dcb  2011/x86_64/pidgin-plugins-2.10.4-0.1-mdv2011.0.x86_64.rpm
 ffa4c2e94e4d2b0597ec94108340bada  2011/x86_64/pidgin-silc-2.10.4-0.1-mdv2011.0.x86_64.rpm
 d8e088f101b312bfde020e39a4134c2e  2011/x86_64/pidgin-tcl-2.10.4-0.1-mdv2011.0.x86_64.rpm 
 b977e3cb9a308a2e772b7ccb5d39c370  2011/SRPMS/pidgin-2.10.4-0.1.src.rpm

References