pidgin/nest

Add all cve advisories from 2012

2021-02-13, Sorvival
be3fd81e6f2b
Parents 56acee7044a0
Children 0ec2c139628a
Add all cve advisories from 2012

Testing Done:
Built locally with `dev-server.sh` and verified contents of advisories added

Bugs closed: NEST-43

Reviewed at https://reviews.imfreedom.org/r/510/
1 files changed, 23 insertions(+), 0 deletions(-)
  • +23 -0
    hugo/content/about/security/advisories/cve-2012-6152-00.md
    • --- /dev/null Thu Jan 01 00:00:00 1970 +0000
    +++ b/hugo/content/about/security/advisories/cve-2012-6152-00.md Sat Feb 13 20:12:39 2021 -0600
    @@ -0,0 +1,23 @@
    +---
    +title: cve-2012-6152-00
    +date: 2012-01-28T00:00:00.000Z
    +cveNumber: cve-2012-6152
    +summary: Yahoo! remote crash from incorrect character encoding
    +discoveredBy: Thijs Alkemade and Robert Vehse
    +fixedInRelease: 2.10.8
    +type: security
    +layout: cve
    +hidden: true
    +---
    +
    +### Description
    +
    +Many places in the Yahoo! protocol plugin assumed incoming strings were UTF-8
    +and failed to transcode from non-UTF-8 encodings. This can lead to a crash when
    +receiving strings that aren't UTF-8.
    +
    +### Mitigation
    +
    +Depending on the context, either validate that a string is UTF-8 or transcode
    +the string from the appropriate encoding to UTF-8.
    +