oss-sec mailing list archives
Re: CVE Request -- Pidgin v2.7.6 <= x <= v2.7.8 -- MSN DirectConnect DoS (crash due NULL ptr dereference) after receiving a short P2P message
From: Huzaifa Sidhpurwala <huzaifas () redhat com>
Date: Fri, 31 Dec 2010 12:54:48 +0530
On 12/27/2010 07:09 PM, Jan Lieskovsky wrote:
Hello Josh, Steve, vendors, Pidgin upstream has released the latest v2.7.9 version: [1] http://pidgin.im/pipermail/support/2010-December/009251.html addressing one security flaw in the MSN protocol: [2] http://pidgin.im/news/security/?id=49 Upstream changeset: [3] http://developer.pidgin.im/viewmtn/revision/info/aaa07bde3c51d3684391ae6ed86b6dbaeab5d031
This has been assigned CVE-2010-4528 -- Huzaifa Sidhpurwala / Red Hat Security Response Team
Current thread:
- CVE Request -- Pidgin v2.7.6 <= x <= v2.7.8 -- MSN DirectConnect DoS (crash due NULL ptr dereference) after receiving a short P2P message Jan Lieskovsky (Dec 27)
- Re: CVE Request -- Pidgin v2.7.6 <= x <= v2.7.8 -- MSN DirectConnect DoS (crash due NULL ptr dereference) after receiving a short P2P message Huzaifa Sidhpurwala (Dec 31)