-
Committer:
Package Import Robot
-
Author(s):
Marc Deslauriers
-
Date:
2011-11-18 14:40:50 UTC
-
mfrom:
(63.1.1 maverick-proposed)
-
Revision ID:
package-import@ubuntu.com-20111118144050-ttz66tmjxqqwwocw
Tags: 1:2.7.3-1ubuntu3.3
* SECURITY UPDATE: denial of service in Yahoo! protocol via malormed
YMSG message
- debian/patches/64_CVE-2011-1091.patch: validate messages in
libpurple/protocols/yahoo/libymsg.c.
- CVE-2011-1091
* SECURITY UPDATE: denial of service in MSN protocol via HTTP 100
response size
- debian/patches/65_CVE-2011-3184.patch: properly calculate size in
libpurple/protocols/msn/httpconn.c.
- CVE-2011-3184
* SECURITY UPDATE: denial of service in SILC protocol via invalid UTF-8
sequence
- debian/patches/66_CVE-2011-3594.patch: properly handle utf-8 in
libpurple/protocols/silc/ops.c.
- CVE-2011-3594