OVAL Reference oval:org.mitre.oval:def:22740

Oval Definition:

oval:org.mitre.oval:def:22740

Revision Date:	2014-05-26	Version:	25
Title:	ELSA-2008:1023: pidgin security and bug fix update (Moderate)
Description:	The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service.
Family:	unix	Class:	patch
Status:	ACCEPTED	Reference(s):	CVE-2008-2955 CVE-2008-2957 CVE-2008-3532 ELSA-2008:1023-01
Platform(s):	Oracle Linux 5	Product(s):	pidgin
Definition Synopsis
Oracle Linux 5.x AND rpm test finch is earlier than 0:2.5.2-6.el5 OR libpurple-perl is earlier than 0:2.5.2-6.el5 OR libpurple is earlier than 0:2.5.2-6.el5 OR pidgin is earlier than 0:2.5.2-6.el5 OR pidgin-docs is earlier than 0:2.5.2-6.el5 OR pidgin-perl is earlier than 0:2.5.2-6.el5 OR pidgin-devel is earlier than 0:2.5.2-6.el5 OR libpurple-devel is earlier than 0:2.5.2-6.el5 OR finch-devel is earlier than 0:2.5.2-6.el5 OR libpurple-tcl is earlier than 0:2.5.2-6.el5