Overview Details

File _patchinfo of Package patchinfo

<patchinfo incident="6537">
  <issue id="1028835" tracker="bnc">VUL-0: CVE-2017-2640: pidgin: Out-of-bounds write in purple_markup_unescape_entity triggered by invalid XML</issue>
  <issue id="1009974" tracker="bnc">Pidgin cannot connect to Freenode using SASL</issue>
  <issue id="2017-2640" tracker="cve" />
  <issue id="318572" tracker="fate" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>XRevan86</packager>
  <description>
This update for pidgin fixes the following issues:

Feature update:
- Update to GNOME 3.20.2 (fate#318572).

Security issues fixed:
- CVE-2017-2640: Fix an out of bounds memory read in purple_markup_unescape_entity. (boo#1028835)

Bugfixes
- Correctly remove *.so files for plugins (fixes devel-file-in-non-devel-package).
- Remove generation of a plugin list to package, simply add it all in %files with exclusions.
- Fix SASL EXTERNAL fingerprint authentication (boo#1009974).
</description>
  <summary>Security update for pidgin</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places