-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2010-02-18 14:57:08 UTC
-
Revision ID:
james.westby@ubuntu.com-20100218145708-t43mhosxpllp0fwn
Tags: 1:2.4.1-1ubuntu2.9
* SECURITY UPDATE: denial of service via malformed SLP message
- debian/patches/94_security_CVE-2010-0277.patch: validate input in
libpurple/protocols/msn/{slp.c,slpcall.c,slplink.c,slpmsg.h}.
- CVE-2010-0277
* SECURITY UPDATE: denial of service via certain nicknames in Finch
- debian/patches/94_security_CVE-2010-0420.patch: properly unescape
text in finch/libgnt/gnttree.c, libpurple/protocols/bonjour/parser.c,
libpurple/protocols/jabber/parser.c, libpurple/xmlnode.c.
- CVE-2010-0420
* SECURITY UPDATE: denial of service via large number of smileys
- debian/patches/94_security_CVE-2010-0423.patch: limit the number of
smileys in pidgin/gtkimhtml.c.
- CVE-2010-0423