pidgin/nest
Clone
Summary
Browse
Changes
Graph
Fix the date on the 2023 Q3 state of the bird
default
tip
3 weeks ago, Gary Kramlich
4a261d8e9db1
Fix the date on the 2023 Q3 state of the bird
Testing Done:
Eyeball tests.
Reviewed at https://reviews.imfreedom.org/r/2791/
---
title: cve-2010-0420-00
date: 2010-02-18T00:00:00.000Z
cveNumber: cve-2010-0420
summary: Finch XMPP MUC crash
discoveredBy: Sadrul Habib Chowdhury
fixedInRelease: 2.6.6
type: security
layout: cve
hidden: true
---
### Description
If a user in a multi-user chat room has a nickname containing '<br>' then
libpurple ends up having two users with username ' ' in the room, and Finch
crashes in this situation. We do not believe there is a possibility of remote
code execution.
### Mitigation
Correctly parse '<br>' so that it appears literally rather than as ' '.
