-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2009-05-25 17:57:35 UTC
-
Revision ID:
james.westby@ubuntu.com-20090525175735-cgza3mbd79jjlco4
Tags: 1:1.5.0+1.5.1cvs20051015-1ubuntu10.2
* SECURITY UPDATE: denial of service or possible code execution in XMPP
file transfer
- debian/patches/21_security_CVE-2009-1373.patch: calculate lengths
correctly in libpurple/protocols/jabber/si.c.
- CVE-2009-1373
* SECURITY UPDATE: arbitrary code execution via crafted MSN message
- debian/patches/22_security_CVE-2009-1376.patch: switch offset
variable to guint64 in libpurple/protocols/msn/slplink.c.
- CVE-2009-1376