Oval Definition:oval:org.mitre.oval:def:29110
Revision Date:2015-08-17Version:9
Title:RHSA-2009:1060 -- pidgin security update (Important)
Description:Updated pidgin packages that fix several security issues are now availablefor Red Hat Enterprise Linux 4 and 5.This update has been rated as having important security impact by the RedHat Security Response Team.Pidgin is an instant messaging program which can log in to multipleaccounts on multiple instant messaging networks simultaneously.A buffer overflow flaw was found in the way Pidgin initiates file transferswhen using the Extensible Messaging and Presence Protocol (XMPP). If aPidgin client initiates a file transfer, and the remote target sends amalformed response, it could cause Pidgin to crash or, potentially, executearbitrary code with the permissions of the user running Pidgin. This flawonly affects accounts using XMPP, such as Jabber and Google Talk.(CVE-2009-1373)
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2009:1060-CentOS 5
CVE-2009-1373
CVE-2009-1374
CVE-2009-1375
CVE-2009-1376
RHSA-2009:1060
Platform(s):CentOS Linux 5
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Product(s):pidgin
Definition Synopsis
  • Red Hat Enterprise Linux 5 and CentOS Linux 5 release section
  • Operation system section
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • AND Packages match section
  • finch-devel is earlier than 0:2.5.5-3.el5
  • OR libpurple-devel is earlier than 0:2.5.5-3.el5
  • OR pidgin-devel is earlier than 0:2.5.5-3.el5
  • OR finch is earlier than 0:2.5.5-3.el5
  • OR libpurple is earlier than 0:2.5.5-3.el5
  • OR libpurple-perl is earlier than 0:2.5.5-3.el5
  • OR libpurple-tcl is earlier than 0:2.5.5-3.el5
  • OR pidgin is earlier than 0:2.5.5-3.el5
  • OR pidgin-perl is earlier than 0:2.5.5-3.el5
  • Red Hat Enterprise Linux 4 release section
  • The operating system installed on the system is Red Hat Enterprise Linux 4
  • AND Packages match section
  • finch is earlier than 0:2.5.5-2.el4
  • OR finch-devel is earlier than 0:2.5.5-2.el4
  • OR libpurple is earlier than 0:2.5.5-2.el4
  • OR libpurple-devel is earlier than 0:2.5.5-2.el4
  • OR libpurple-perl is earlier than 0:2.5.5-2.el4
  • OR libpurple-tcl is earlier than 0:2.5.5-2.el4
  • OR pidgin is earlier than 0:2.5.5-2.el4
  • OR pidgin-devel is earlier than 0:2.5.5-2.el4
  • OR pidgin-perl is earlier than 0:2.5.5-2.el4
  • BACK