Oval Definition:oval:org.mitre.oval:def:25961
Revision Date:2014-09-08Version:5
Title:SUSE-SU-2013:0388-1 -- Security update for pidgin
Description:idgin was updated to fix 4 security issues: * Fixed a crash when receiving UPnP responses withabnormally long values. (CVE-2013-0274, bnc#804742) * Fixed a crash in Sametime protocol when a maliciousserver sends us an abnormally long user ID. (CVE-2013-0273,bnc#804742) * Fixed a bug where the MXit server or aman-in-the-middle could potentially send specially crafteddata that could overflow a buffer and lead to a crash orremote code execution.(CVE-2013-0272, bnc#804742) * Fixed a bug where a remote MXit user could possiblyspecify a local file path to be written to. (CVE-2013-0271,bnc#804742)
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2013-0271
CVE-2013-0272
CVE-2013-0273
CVE-2013-0274
SUSE-SU-2013:0388-1
Platform(s):SUSE Linux Enterprise Desktop 10
SUSE Linux Enterprise Desktop 11
Product(s):pidgin
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 release section
  • SUSE Linux Enterprise Desktop 11.x is installed
  • AND Packages match section
  • finch RPM is earlier than 0:2.6.6-0.19.1
  • OR libpurple RPM is earlier than 0:2.6.6-0.19.1
  • OR libpurple-lang RPM is earlier than 0:2.6.6-0.19.1
  • OR libpurple-meanwhile RPM is earlier than 0:2.6.6-0.19.1
  • OR libpurple-tcl RPM is earlier than 0:2.6.6-0.19.1
  • OR pidgin RPM is earlier than 0:2.6.6-0.19.1
  • SUSE Linux Enterprise Desktop 10 release section
  • SUSE Linux Enterprise Desktop 10 is installed
  • AND Packages match section
  • finch RPM is earlier than 0:2.6.6-0.20.1
  • OR libpurple RPM is earlier than 0:2.6.6-0.20.1
  • OR pidgin RPM is earlier than 0:2.6.6-0.20.1
    • BACK