pidgin/nest

Re-format security advisories.

7 months ago, Elliott Sales de Andrade
c83367e9b2db
Parents 4c756e9ef73b
Children acee48e20a1e
Re-format security advisories.

Mostly adding code styling in a few places, and wrapping paragraphs.

Testing Done:
Checked a few pages on hugo.

Reviewed at https://reviews.imfreedom.org/r/494/
  • +1 -2
    hugo/content/about/security/advisories/cve-2004-0500-00.md
  • +0 -1
    hugo/content/about/security/advisories/cve-2004-0754-00.md
  • +0 -1
    hugo/content/about/security/advisories/cve-2004-0784-00.md
  • +0 -1
    hugo/content/about/security/advisories/cve-2004-0785-00.md
  • +0 -1
    hugo/content/about/security/advisories/cve-2004-0785-01.md
  • +0 -1
    hugo/content/about/security/advisories/cve-2004-0785-02.md
  • +5 -3
    hugo/content/about/security/advisories/cve-2004-0891-00.md
  • +2 -2
    hugo/content/about/security/advisories/cve-2005-0208-00.md
  • +3 -2
    hugo/content/about/security/advisories/cve-2005-0472-00.md
  • +2 -2
    hugo/content/about/security/advisories/cve-2005-0473-00.md
  • +4 -2
    hugo/content/about/security/advisories/cve-2005-0965-00.md
  • +11 -3
    hugo/content/about/security/advisories/cve-2005-0966-00.md
  • +2 -2
    hugo/content/about/security/advisories/cve-2005-0967-00.md
  • +4 -2
    hugo/content/about/security/advisories/cve-2005-1261-00.md
  • +4 -3
    hugo/content/about/security/advisories/cve-2005-1262-00.md
  • +4 -3
    hugo/content/about/security/advisories/cve-2005-1269-00.md
  • +3 -2
    hugo/content/about/security/advisories/cve-2005-1934-00.md
  • +4 -2
    hugo/content/about/security/advisories/cve-2005-2102-00.md
  • +4 -3
    hugo/content/about/security/advisories/cve-2005-2103-00.md
  • +6 -3
    hugo/content/about/security/advisories/cve-2005-2370-00.md
  • +7 -3
    hugo/content/about/security/advisories/cve-2007-4996-00.md
  • +3 -2
    hugo/content/about/security/advisories/cve-2007-4999-00.md
  • +3 -2
    hugo/content/about/security/advisories/cve-2008-2927-00.md
  • +3 -2
    hugo/content/about/security/advisories/cve-2008-2955-00.md
  • +3 -2
    hugo/content/about/security/advisories/cve-2008-2957-00.md
  • +3 -2
    hugo/content/about/security/advisories/cve-2008-3532-00.md
  • +2 -2
    hugo/content/about/security/advisories/cve-2016-2375-00.md
  • +0 -1
    hugo/content/about/security/advisories/cve-2017-2640-00.md
  • --- a/hugo/content/about/security/advisories/cve-2004-0500-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2004-0500-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -13,11 +13,10 @@
    ### Description
    In two places in the MSN protocol plugins (`object.c` and `slp.c`), `strncpy`
    -was used incorrectly; The size of the array was not checked before copying to
    +was used incorrectly. The size of the array was not checked before copying to
    it. Both bugs affect MSN's MSNSLP protocol, which is peer-to-peer, so this
    could potentially be easy to exploit.
    ### Mitigation
    Bounds checking was added in both places.
    -
    --- a/hugo/content/about/security/advisories/cve-2004-0754-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2004-0754-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -29,4 +29,3 @@
    ### Mitigation
    Bounds checking was added.
    -
    --- a/hugo/content/about/security/advisories/cve-2004-0784-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2004-0784-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -22,4 +22,3 @@
    ### Mitigation
    Filenames are now escaped using `g_shell_quote()`.
    -
    --- a/hugo/content/about/security/advisories/cve-2004-0785-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2004-0785-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -19,4 +19,3 @@
    ### Mitigation
    A check to make sure the source string is shorter than 2048 bytes is performed.
    -
    --- a/hugo/content/about/security/advisories/cve-2004-0785-01.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2004-0785-01.md Fri Feb 12 01:55:54 2021 -0600
    @@ -23,4 +23,3 @@
    The calls to copy the hostname were replaced with calls that check the length
    of the destination buffer.
    -
    --- a/hugo/content/about/security/advisories/cve-2004-0785-02.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2004-0785-02.md Fri Feb 12 01:55:54 2021 -0600
    @@ -18,4 +18,3 @@
    ### Mitigation
    Added bounds checking to the two loops.
    -
    --- a/hugo/content/about/security/advisories/cve-2004-0891-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2004-0891-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -12,9 +12,11 @@
    ### Description
    -Buffer overflow. memcpy was used without checking the size of the buffer before copying to it. Additionally, a logic flaw was causing the wrong buffer to be used as the destination for the copy under certain circumstances.
    +Buffer overflow. `memcpy` was used without checking the size of the buffer
    +before copying to it. Additionally, a logic flaw was causing the wrong buffer
    +to be used as the destination for the copy under certain circumstances.
    ### Mitigation
    -Correct the logic to select the correct buffer, and add bounds checking to prevent malformed messages causing a buffer overflow.
    -
    +Correct the logic to select the correct buffer, and add bounds checking to
    +prevent malformed messages causing a buffer overflow.
    --- a/hugo/content/about/security/advisories/cve-2005-0208-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2005-0208-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -12,9 +12,9 @@
    ### Description
    -Remote crash. Receiving malformed HTML can result in an invalid memory access causing Gaim to crash.
    +Remote crash. Receiving malformed HTML can result in an invalid memory access
    +causing Gaim to crash.
    ### Mitigation
    The HTML parsing functions were modified to correctly parse the malformed HTML.
    -
    --- a/hugo/content/about/security/advisories/cve-2005-0472-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2005-0472-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -12,9 +12,10 @@
    ### Description
    -Certain malformed SNAC packets sent by other AIM or ICQ users can trigger an infinite loop in Gaim when parsing the SNAC. The remote user would need a custom client, able to generate malformed SNACs.
    +Certain malformed SNAC packets sent by other AIM or ICQ users can trigger an
    +infinite loop in Gaim when parsing the SNAC. The remote user would need a
    +custom client, able to generate malformed SNACs.
    ### Mitigation
    The OSCAR protocol plugin was modified to drop these malformed packets.
    -
    --- a/hugo/content/about/security/advisories/cve-2005-0473-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2005-0473-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -12,9 +12,9 @@
    ### Description
    -Remote crash. Receiving malformed HTML can result in an invalid memory access causing Gaim to crash.
    +Remote crash. Receiving malformed HTML can result in an invalid memory access
    +causing Gaim to crash.
    ### Mitigation
    The HTML parsing functions were modified to correctly parse the malformed HTML.
    -
    --- a/hugo/content/about/security/advisories/cve-2005-0965-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2005-0965-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -12,10 +12,12 @@
    ### Description
    -The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read.
    +The `gaim_markup_strip_html` function in Gaim 1.2.0, and possibly earlier
    +versions, allows remote attackers to cause a denial of service (application
    +crash) via a string that contains malformed HTML, which causes an out-of-bounds
    +read.
    ### Mitigation
    The function was changed to not allow the out-of-bounds read.
    -
    --- a/hugo/content/about/security/advisories/cve-2005-0966-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2005-0966-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -12,9 +12,17 @@
    ### Description
    -The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (application crash) by injecting certain Pango markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown, irc_msg_nochan functions.
    +The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows:
    +
    +1. remote attackers to inject arbitrary Gaim markup via `irc_msg_kick`,
    +`irc_msg_mode`, `irc_msg_part`, `irc_msg_quit`,
    +2. remote attackers to inject arbitrary Pango markup and pop up empty dialog
    + boxes via `irc_msg_invite`, or
    +3. malicious IRC servers to cause a denial of service (application crash) by
    + injecting certain Pango markup into `irc_msg_badmode`, `irc_msg_banned`,
    + `irc_msg_unknown`, `irc_msg_nochan` functions.
    ### Mitigation
    -The IRC protocol plugin was modified to escape appropriate messages passed to the Gaim core.
    -
    +The IRC protocol plugin was modified to escape appropriate messages passed to
    +the Gaim core.
    --- a/hugo/content/about/security/advisories/cve-2005-0967-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2005-0967-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -12,9 +12,9 @@
    ### Description
    -Sending a Gaim Jabber user a certain invalid file transfer request triggers an out-of-bounds read which causes Gaim to crash.
    +Sending a Gaim Jabber user a certain invalid file transfer request triggers an
    +out-of-bounds read which causes Gaim to crash.
    ### Mitigation
    The invalid file transfer request is ignored.
    -
    --- a/hugo/content/about/security/advisories/cve-2005-1261-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2005-1261-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -12,9 +12,11 @@
    ### Description
    -It is possible for a remote user to overflow a static buffer by sending an IM containing a very large URL (greater than 8192 bytes) to the Gaim user. This is not possible on all protocols, due to message length restrictions. Jabber are SILC are known to be vulnerable.
    +It is possible for a remote user to overflow a static buffer by sending an IM
    +containing a very large URL (greater than 8192 bytes) to the Gaim user. This is
    +not possible on all protocols, due to message length restrictions. Jabber are
    +SILC are known to be vulnerable.
    ### Mitigation
    The URL parsing function was modified to not use a static buffer.
    -
    --- a/hugo/content/about/security/advisories/cve-2005-1262-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2005-1262-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -12,9 +12,10 @@
    ### Description
    -Potential remote denial of service bug resulting from not checking a pointer for non-NULL before passing it to strncmp, which results in a crash. This can be triggered by a remote client sending an SLP message with an empty body.
    +Potential remote denial of service bug resulting from not checking a pointer
    +for non-`NULL` before passing it to strncmp, which results in a crash. This can
    +be triggered by a remote client sending an SLP message with an empty body.
    ### Mitigation
    -Check for NULL before attempting to use the pointer.
    -
    +Check for `NULL` before attempting to use the pointer.
    --- a/hugo/content/about/security/advisories/cve-2005-1269-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2005-1269-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -12,9 +12,10 @@
    ### Description
    -Remove denial of service when being offered files with names containing non-ASCII characters.
    +Remove denial of service when being offered files with names containing
    +non-ASCII characters.
    ### Mitigation
    -Attempt to convert the file name to a usable encoding, or fail gracefully in the case of an invalid file name.
    -
    +Attempt to convert the file name to a usable encoding, or fail gracefully in
    +the case of an invalid file name.
    --- a/hugo/content/about/security/advisories/cve-2005-1934-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2005-1934-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -12,9 +12,10 @@
    ### Description
    -Remote attackers can cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error.
    +Remote attackers can cause a denial of service (crash) via a malformed MSN
    +message that leads to a memory allocation of a large size, possibly due to an
    +integer signedness error.
    ### Mitigation
    Added a check for the invalid message.
    -
    --- a/hugo/content/about/security/advisories/cve-2005-2102-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2005-2102-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -12,9 +12,11 @@
    ### Description
    -A remote user could cause Gaim to crash on some systems by sending the Gaim user a file whose filename contains certain invalid characters. It is unknown what combination of systems are affected, but it is suspected that Windows users and systems with older versions of GTK+ are especially susceptible.
    +A remote user could cause Gaim to crash on some systems by sending the Gaim
    +user a file whose filename contains certain invalid characters. It is unknown
    +what combination of systems are affected, but it is suspected that Windows
    +users and systems with older versions of GTK are especially susceptible.
    ### Mitigation
    The filename is validated as UTF-8 before Gaim attemps to display it.
    -
    --- a/hugo/content/about/security/advisories/cve-2005-2103-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2005-2103-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -12,9 +12,10 @@
    ### Description
    -A remote AIM or ICQ user can cause a buffer overflow in Gaim by setting an away message containing many AIM substitution strings (such as %t or %n).
    +A remote AIM or ICQ user can cause a buffer overflow in Gaim by setting an away
    +message containing many AIM substitution strings (such as `%t` or `%n`).
    ### Mitigation
    -The substitution function was modified to use a dynamic buffer instead of one with a fixed size.
    -
    +The substitution function was modified to use a dynamic buffer instead of one
    +with a fixed size.
    --- a/hugo/content/about/security/advisories/cve-2005-2370-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2005-2370-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -12,9 +12,12 @@
    ### Description
    -There was a memory alignment bug in the library Gaim uses to access the Gadu-Gadu network. This bug can not be exploited on x86 architectures. This bug was recently fixed in the libgadu library, but also needed to be fixed in Gaim because Gaim includes a copy of the libgadu library.
    +There was a memory alignment bug in the library Gaim uses to access the
    +Gadu-Gadu network. This bug can not be exploited on x86 architectures. This bug
    +was recently fixed in the libgadu library, but also needed to be fixed in Gaim
    +because Gaim includes a copy of the libgadu library.
    ### Mitigation
    -The vulnerable section of code was modified to work correctly on all architectures.
    -
    +The vulnerable section of code was modified to work correctly on all
    +architectures.
    --- a/hugo/content/about/security/advisories/cve-2007-4996-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2007-4996-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -12,9 +12,13 @@
    ### Description
    -A remote MSN user that is not on the buddy list can cause a denial of service (crash) by sending a nudge message. The protocol plugin attempts to look up the buddy's information and accesses an invalid memory location if the user is not on the buddy list. This only affects libpurple version 2.2.0, older versions are not affected.
    +A remote MSN user that is not on the buddy list can cause a denial of service
    +(crash) by sending a nudge message. The protocol plugin attempts to look up the
    +buddy's information and accesses an invalid memory location if the user is not
    +on the buddy list. This only affects libpurple version 2.2.0, older versions
    +are not affected.
    ### Mitigation
    -The nudge functionality in the MSN protocol has been rewritten to avoid an unnecessary lookup of buddy information.
    -
    +The nudge functionality in the MSN protocol has been rewritten to avoid an
    +unnecessary lookup of buddy information.
    --- a/hugo/content/about/security/advisories/cve-2007-4999-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2007-4999-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -12,9 +12,10 @@
    ### Description
    -A remote user can cause a denial of service (crash) by sending a message with invalid HTML. It is believed that this crash can be triggered only when using HTML logging.
    +A remote user can cause a denial of service (crash) by sending a message with
    +invalid HTML. It is believed that this crash can be triggered only when using
    +HTML logging.
    ### Mitigation
    The affected function has been patched to fix the vulnerability.
    -
    --- a/hugo/content/about/security/advisories/cve-2008-2927-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2008-2927-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -12,9 +12,10 @@
    ### Description
    -Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in libpurple allow remote attackers to execute arbitrary code via a malformed SLP message.
    +Multiple integer overflows in the `msn_slplink_process_msg` functions in the
    +MSN protocol handler in libpurple allow remote attackers to execute arbitrary
    +code via a malformed SLP message.
    ### Mitigation
    The affected function has been patched to fix the vulnerability.
    -
    --- a/hugo/content/about/security/advisories/cve-2008-2955-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2008-2955-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -12,9 +12,10 @@
    ### Description
    -A remote MSN user can cause a denial of service (crash) by sending a file with a file with a filename containing invalid characters. The local user must then accept the file transfer to trigger a double-free.
    +A remote MSN user can cause a denial of service (crash) by sending a file with
    +a file with a filename containing invalid characters. The local user must then
    +accept the file transfer to trigger a double-free.
    ### Mitigation
    A fix was applied to ensure that the double-free didn't occur.
    -
    --- a/hugo/content/about/security/advisories/cve-2008-2957-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2008-2957-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -12,9 +12,10 @@
    ### Description
    -The UPnP functionality in libpurple allows remote attackers to trigger the download of arbitrary files and cause a denial of service (memory or disk consumption) via a UDP packet that specifies an arbitrary URL.
    +The UPnP functionality in libpurple allows remote attackers to trigger the
    +download of arbitrary files and cause a denial of service (memory or disk
    +consumption) via a UDP packet that specifies an arbitrary URL.
    ### Mitigation
    UPnP related downloads are limited to 128kB.
    -
    --- a/hugo/content/about/security/advisories/cve-2008-3532-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2008-3532-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -12,9 +12,10 @@
    ### Description
    -The NSS SSL implementation in libpurple does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service.
    +The NSS SSL implementation in libpurple does not verify SSL certificates, which
    +makes it easier for remote attackers to trick a user into accepting an invalid
    +server certificate for a spoofed service.
    ### Mitigation
    SSL/TLS Certificates are now verified in the NSS implementation in libpurple.
    -
    --- a/hugo/content/about/security/advisories/cve-2016-2375-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2016-2375-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -13,9 +13,9 @@
    ### Description
    -A malicious server or man-in-the-middle could trigger a crash or disclosure of information from memory.
    +A malicious server or man-in-the-middle could trigger a crash or disclosure of
    +information from memory.
    ### Mitigation
    Validate the field and attribute counts.
    -
    --- a/hugo/content/about/security/advisories/cve-2017-2640-00.md Thu Feb 11 02:56:40 2021 -0600
    +++ b/hugo/content/about/security/advisories/cve-2017-2640-00.md Fri Feb 12 01:55:54 2021 -0600
    @@ -18,4 +18,3 @@
    ### Mitigation
    Only decode HTML entities that are well formed.
    -