| Description: | Updated pidgin packages that fix several security issues are now availablefor Red Hat Enterprise Linux 4 and 5.This update has been rated as having important security impact by the RedHat Security Response Team.Pidgin is an instant messaging program which can log in to multipleaccounts on multiple instant messaging networks simultaneously.A buffer overflow flaw was found in the way Pidgin initiates file transferswhen using the Extensible Messaging and Presence Protocol (XMPP). If aPidgin client initiates a file transfer, and the remote target sends amalformed response, it could cause Pidgin to crash or, potentially, executearbitrary code with the permissions of the user running Pidgin. This flawonly affects accounts using XMPP, such as Jabber and Google Talk.(CVE-2009-1373) |