Oval Definition:oval:com.redhat.rhsa:def:20100044
Revision Date:2010-01-14Version:639
Title:RHSA-2010:0044: pidgin security update (Important)
Description:Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously.

  • A directory traversal flaw was discovered in Pidgin's MSN protocol implementation. A remote attacker could send a specially-crafted emoticon image download request that would cause Pidgin to disclose an arbitrary file readable to the user running Pidgin. (CVE-2010-0013)

    These packages upgrade Pidgin to version 2.6.5. Refer to the Pidgin release notes for a full list of changes: http://developer.pidgin.im/wiki/ChangeLog

    All Pidgin users should upgrade to these updated packages, which correct this issue. Pidgin must be restarted for this update to take effect.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2010-0013
    RHSA-2010:0044
    RHSA-2010:0044-01
    RHSA-2010:0044-01
    Platform(s):Red Hat Enterprise Linux 4
    Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • finch is earlier than 0:2.6.5-1.el4.1
  • AND finch is signed with Red Hat redhatrelease2 key
  • finch-devel is earlier than 0:2.6.5-1.el4.1
  • AND finch-devel is signed with Red Hat redhatrelease2 key
  • libpurple is earlier than 0:2.6.5-1.el4.1
  • AND libpurple is signed with Red Hat redhatrelease2 key
  • libpurple-devel is earlier than 0:2.6.5-1.el4.1
  • AND libpurple-devel is signed with Red Hat redhatrelease2 key
  • libpurple-perl is earlier than 0:2.6.5-1.el4.1
  • AND libpurple-perl is signed with Red Hat redhatrelease2 key
  • libpurple-tcl is earlier than 0:2.6.5-1.el4.1
  • AND libpurple-tcl is signed with Red Hat redhatrelease2 key
  • pidgin is earlier than 0:2.6.5-1.el4.1
  • AND pidgin is signed with Red Hat redhatrelease2 key
  • pidgin-devel is earlier than 0:2.6.5-1.el4.1
  • AND pidgin-devel is signed with Red Hat redhatrelease2 key
  • pidgin-perl is earlier than 0:2.6.5-1.el4.1
  • AND pidgin-perl is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • finch is earlier than 0:2.6.5-1.el5
  • AND finch is signed with Red Hat redhatrelease2 key
  • finch-devel is earlier than 0:2.6.5-1.el5
  • AND finch-devel is signed with Red Hat redhatrelease2 key
  • libpurple is earlier than 0:2.6.5-1.el5
  • AND libpurple is signed with Red Hat redhatrelease2 key
  • libpurple-devel is earlier than 0:2.6.5-1.el5
  • AND libpurple-devel is signed with Red Hat redhatrelease2 key
  • libpurple-perl is earlier than 0:2.6.5-1.el5
  • AND libpurple-perl is signed with Red Hat redhatrelease2 key
  • libpurple-tcl is earlier than 0:2.6.5-1.el5
  • AND libpurple-tcl is signed with Red Hat redhatrelease2 key
  • pidgin is earlier than 0:2.6.5-1.el5
  • AND pidgin is signed with Red Hat redhatrelease2 key
  • pidgin-devel is earlier than 0:2.6.5-1.el5
  • AND pidgin-devel is signed with Red Hat redhatrelease2 key
  • pidgin-perl is earlier than 0:2.6.5-1.el5
  • AND pidgin-perl is signed with Red Hat redhatrelease2 key
    • BACK