This bug was fixed in the package pidgin - 1:2.2.1-1ubuntu4.3
---
pidgin (1:2.2.1-1ubuntu4.3) gutsy-security; urgency=low
* SECURITY UPDATE: code execution via integer overflow in the MSN protocol
handler (LP: #245770)
- debian/patches/99_SECURITY_CVE-2008-2927.patch: fix
Has the fix been included into pidgin on ubuntu ?
This is a security risk and should be fixed at some point.
--
Pidgin XMPP TLS/SSL Man in the Middle attack
https://bugs.launchpad.net/bugs/251304
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ub
** Changed in: pidgin
Status: Unknown => Fix Released
--
Pidgin XMPP TLS/SSL Man in the Middle attack
https://bugs.launchpad.net/bugs/251304
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@
** Also affects: pidgin via
http://developer.pidgin.im/ticket/3381
Importance: Unknown
Status: Unknown
--
Pidgin XMPP TLS/SSL Man in the Middle attack
https://bugs.launchpad.net/bugs/251304
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribe
** Changed in: pidgin (Debian)
Status: Confirmed => Fix Released
--
Pidgin XMPP TLS/SSL Man in the Middle attack
https://bugs.launchpad.net/bugs/251304
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
u
On Fri, Aug 8, 2008 at 02:11, Steven M. Christey
wrote:
>
> On Tue, 5 Aug 2008, Josh Bressers wrote:
>
>> http://developer.pidgin.im/ticket/6500
>> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492434
>
> Use CVE-2008-3532, to be updated later.
>
> - Steve
** CVE added: http://www.cve.mitre.o
Ah-ha, it appears the request is pending. I found the thread on the
oss-security mailing list.
--
Pidgin XMPP TLS/SSL Man in the Middle attack
https://bugs.launchpad.net/bugs/251304
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ub
I don't think so. I would have done it, but not certain of the
procedure.
--
Pidgin XMPP TLS/SSL Man in the Middle attack
https://bugs.launchpad.net/bugs/251304
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing lis
Has a CVE been assigned for this design failure? I haven't been able to
find one yet.
** Changed in: pidgin (Ubuntu)
Status: New => Confirmed
--
Pidgin XMPP TLS/SSL Man in the Middle attack
https://bugs.launchpad.net/bugs/251304
You received this bug notification because you are a member
See also http://developer.pidgin.im/ticket/6500 which includes a patch.
--
Pidgin XMPP TLS/SSL Man in the Middle attack
https://bugs.launchpad.net/bugs/251304
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
u
** Bug watch added: Debian Bug tracker #492434
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492434
** Also affects: pidgin (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492434
Importance: Unknown
Status: Unknown
--
Pidgin XMPP TLS/SSL Man in the Middle attack
** Changed in: pidgin (Debian)
Status: Unknown => Confirmed
--
Pidgin XMPP TLS/SSL Man in the Middle attack
https://bugs.launchpad.net/bugs/251304
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu
See also: http://developer.pidgin.im/ticket/3381
--
Pidgin XMPP TLS/SSL Man in the Middle attack
https://bugs.launchpad.net/bugs/251304
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu
13 matches
Mail list logo
