| Description: | Updated pidgin packages that fix several security issues are now availablefor Red Hat Enterprise Linux 4 and 5.This update has been rated as having moderate security impact by the RedHat Security Response Team.Pidgin is an instant messaging program which can log in to multipleaccounts on multiple instant messaging networks simultaneously. Info/Query(IQ) is an Extensible Messaging and Presence Protocol (XMPP) specificrequest-response mechanism.A NULL pointer dereference flaw was found in the way the Pidgin XMPPprotocol plug-in processes IQ error responses when trying to fetch a customsmiley. A remote client could send a specially-crafted IQ error responsethat would crash Pidgin. (CVE-2009-3085) |