Overview Details

File _patchinfo of Package patchinfo

<patchinfo>
  <issue id="804742" tracker="bnc">VUL-0: pidgin: various security issues</issue>
  <issue id="CVE-2013-0274" tracker="cve" />
  <issue id="CVE-2013-0272" tracker="cve" />
  <issue id="CVE-2013-0273" tracker="cve" />
  <issue id="CVE-2013-0271" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>lisaseraph</packager>
  <description>pidgin was updated to fix security issues:
- Fix a crash when receiving UPnP responses with abnormally long
  values. (CVE-2013-0274)
- Fix a crash in Sametime when a malicious server sends us an 
  abnormally long user ID. (CVE-2013-0273)
- Fix a bug where the MXit server or a man-in-the-middle could
  potentially send specially crafted data that could overflow a buffer
  and lead to a crash or remote code execution.(CVE-2013-0272)
- Fix a bug where a remote MXit user could possibly specify a 
  local file path to be written to. (CVE-2013-0271)
</description>
  <summary>pidgin: various security fixes</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places