Oval Definition:oval:org.opensuse.security:def:57325
Revision Date:2020-12-01Version:1
Title:Security update for finch
Description:



The pidgin Instant Messenger has been updated to fix various security issues:

* CVE-2014-0020: Remotely triggerable crash in IRC argument parsing * CVE-2013-6490: Buffer overflow in SIMPLE header parsing * CVE-2013-6489: Buffer overflow in MXit emoticon parsing * CVE-2013-6487: Buffer overflow in Gadu-Gadu HTTP parsing * CVE-2013-6486: Pidgin uses clickable links to untrusted executables * CVE-2013-6485: Buffer overflow parsing chunked HTTP responses * CVE-2013-6484: Crash reading response from STUN server * CVE-2013-6483: XMPP doesn't verify 'from' on some iq replies * CVE-2013-6482: NULL pointer dereference parsing SOAP data in MSN * CVE-2013-6482: NULL pointer dereference parsing OIM data in MSN * CVE-2013-6482: NULL pointer dereference parsing headers in MSN * CVE-2013-6481: Remote crash reading Yahoo! P2P message * CVE-2013-6479: Remote crash parsing HTTP responses * CVE-2013-6478: Crash when hovering pointer over a long URL * CVE-2013-6477: Crash handling bad XMPP timestamp * CVE-2012-6152: Yahoo! remote crash from incorrect character encoding

Security Issue references:

* CVE-2014-0020 * CVE-2013-6490 * CVE-2013-6489 * CVE-2013-6487 * CVE-2013-6486 * CVE-2013-6485 * CVE-2013-6484 * CVE-2013-6483 * CVE-2013-6482 * CVE-2013-6481 * CVE-2013-6479 * CVE-2013-6478 * CVE-2013-6477 * CVE-2012-6152

Family:unixClass:patch
Status:Reference(s):1000662
1046853
1046858
1054979
1056058
1066242
1072322
1083125
1085447
1090368
1090646
1090869
1097356
1099498
1103098
1112039
1115245
1117751
1117776
1117951
1118460
1118462
1118463
1125623
1125666
1138301
1138303
1153161
1155089
1156334
1160163
1167231
1173576
1173613
843716
861019
CVE-2004-0801
CVE-2010-4267
CVE-2011-2697
CVE-2011-2722
CVE-2012-6152
CVE-2013-4276
CVE-2013-4325
CVE-2013-6402
CVE-2013-6427
CVE-2013-6477
CVE-2013-6478
CVE-2013-6479
CVE-2013-6481
CVE-2013-6482
CVE-2013-6483
CVE-2013-6484
CVE-2013-6485
CVE-2013-6486
CVE-2013-6487
CVE-2013-6489
CVE-2013-6490
CVE-2014-0020
CVE-2017-1002201
CVE-2017-10684
CVE-2017-10685
CVE-2017-13166
CVE-2017-14919
CVE-2017-15896
CVE-2017-3735
CVE-2017-3736
CVE-2017-3738
CVE-2018-1087
CVE-2018-18386
CVE-2018-18386
CVE-2018-19636
CVE-2018-19637
CVE-2018-19638
CVE-2018-19639
CVE-2018-19640
CVE-2018-5391
CVE-2018-5848
CVE-2018-8781
CVE-2018-8897
CVE-2019-10161
CVE-2019-10167
CVE-2019-15917
CVE-2019-17133
CVE-2020-12402
CVE-2020-12415
CVE-2020-12416
CVE-2020-12417
CVE-2020-12418
CVE-2020-12419
CVE-2020-12420
CVE-2020-12421
CVE-2020-12422
CVE-2020-12423
CVE-2020-12424
CVE-2020-12425
CVE-2020-12426
SUSE-SU-2017:1815-1
SUSE-SU-2018:0293-1
SUSE-SU-2018:1536-1
SUSE-SU-2019:1122-1
SUSE-SU-2019:1686-1
SUSE-SU-2019:2932-1
SUSE-SU-2019:3237-1
SUSE-SU-2020:0516-1
SUSE-SU-2020:1899-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • cups-2.2.7-lp150.1 is installed
  • OR cups-client-2.2.7-lp150.1 is installed
  • OR cups-config-2.2.7-lp150.1 is installed
  • OR libcups2-2.2.7-lp150.1 is installed
  • OR libcupscgi1-2.2.7-lp150.1 is installed
  • OR libcupsimage2-2.2.7-lp150.1 is installed
  • OR libcupsmime1-2.2.7-lp150.1 is installed
  • OR libcupsppdc1-2.2.7-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • nodejs10-10.16.0-lp151.2.3 is installed
  • OR nodejs10-devel-10.16.0-lp151.2.3 is installed
  • OR nodejs10-docs-10.16.0-lp151.2.3 is installed
  • OR npm10-10.16.0-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • finch-2.6.6-0.23 is installed
  • OR libpurple-2.6.6-0.23 is installed
  • OR libpurple-lang-2.6.6-0.23 is installed
  • OR libpurple-meanwhile-2.6.6-0.23 is installed
  • OR libpurple-tcl-2.6.6-0.23 is installed
  • OR pidgin-2.6.6-0.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_66-default-10-2 is installed
  • OR kgraft-patch-3_12_74-60_64_66-xen-10-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_23-10-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • hplip-3.14.6-3 is installed
  • OR hplip-hpijs-3.14.6-3 is installed
  • OR hplip-sane-3.14.6-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • res-signingkeys-3.0.37-52.23 is installed
  • OR smt-3.0.37-52.23 is installed
  • OR smt-support-3.0.37-52.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_103-92_56-default-10-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_17-10-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_59-92_24-default-11-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_9-11-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • MozillaFirefox-52.2.0esr-108 is installed
  • OR MozillaFirefox-translations-52.2.0esr-108 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • ceph-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR ceph-common-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR libcephfs2-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR librados2-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR libradosstriper1-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR librbd1-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR librgw2-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR python-cephfs-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR python-rados-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR python-rbd-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR python-rgw-12.2.12+git.1587570958.35d78d0243-2.45 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libseccomp-2.4.1-11.3 is installed
  • OR libseccomp2-2.4.1-11.3 is installed
  • OR libseccomp2-32bit-2.4.1-11.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND axis-1.4-290.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libSoundTouch0-1.7.1-5.11 is installed
  • OR soundtouch-1.7.1-5.11 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND nodejs6-6.12.2-11.8 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND gdb-8.3.1-2.14 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND mailman-2.1.17-3.11 is installed
    • BACK