--- a/htdocs/news/security/index.php Mon Jun 20 19:52:05 2016 -0500
+++ b/htdocs/news/security/index.php Mon Jun 20 20:21:54 2016 -0500
@@ -943,7 +943,187 @@
"fixrevisions" => "ea46ab68f0dc",
"fixedversion" => "2.10.10",
"discoveredby" => "Thijs Alkemade and Paul Aurich"
+ "title" => "X.509 Certificates Improperly Imported",
+ "date" => "2016-06-21",
+ "description" => "X.509 certificates may be improperly imported when using GnuTLS.",
+ "fix" => "Check return values from gnutls_x509_crt_init() and gnutls_x509_crt_import().",
+ "fixrevisions" => "d6fc1ce76ffe",
+ "fixedversion" => "2.11.0",
+ "discoveredby" => "Yuan Kang and Suman Jana from Columbia University and Baishakhi Ray from the University of Virginia"
+ "title" => "Pidgin MXIT read stage 0x3 Code Execution Vulnerability",
+ "date" => "2016-06-21",
+ "cve" => "CVE 2016-2376",
+ "description" => "A malicious server or man-in-the-middle could trigger a crash or potentially arbitrary code execution. (TALOS-CAN-0118)",
+ "fix" => "Verify the size from the packet.",
+ "fixrevisions" => "19f89eda8587",
+ "fixedversion" => "2.11.0",
+ "discoveredby" => "Yves Younan of Cisco Talos"
+ "title" => "Pidgin MXIT HTTP Content-Length Buffer Overflow Vulnerability",
+ "date" => "2016-06-21",
+ "cve" => "CVE 2016-2377",
+ "description" => "A malicious server or man-in-the-middle could trigger a crash. (TALOS-CAN-0119)",
+ "fix" => "Use an unsigned integer.",
+ "fixrevisions" => "0f94ef13ab37",
+ "fixedversion" => "2.11.0",
+ "discoveredby" => "Yves Younan of Cisco Talos"
+ "title" => "Pidgin MXIT get_utf8_string Code Execution Vulnerability",
+ "date" => "2016-06-21",
+ "cve" => "CVE 2016-2378",
+ "description" => "A malicious server or man-in-the-middle could trigger a crash. (TALOS-CAN-0120)",
+ "fix" => "Use correct data types.",
+ "fixrevisions" => "06278419c703",
+ "fixedversion" => "2.11.0",
+ "discoveredby" => "Yves Younan of Cisco Talos"
+ "date" => "2016-06-21",
+ "cve" => "CVE 2016-2379",
+ "description" => "An attacker who eavesdrops on a Mxit session captures the user's hashed password. The hashed password can be re-used to login as that user. (TALOS-CAN-0122)",
+ "fix" => "N/A. This is a fundamental problem with the Mxit protocol.",
+ "discoveredby" => "Yves Younan of Cisco Talos"
+ "title" => "Pidgin MXIT mxit_convert_markup_tx Information Leak Vulnerability",
+ "date" => "2016-06-21",
+ "cve" => "CVE 2016-2380",
+ "description" => "A specially crafted local message (by the user or a plugin) could lead to the disclosure of 7 bytes to the server. (TALOS-CAN-0123)",
+ "fix" => "Check the length of the font tag.",
+ "fixrevisions" => "8172584fd640",
+ "fixedversion" => "2.11.0",
+ "discoveredby" => "Yves Younan of Cisco Talos"
+ "title" => "Pidgin MXIT Splash Image Arbitrary File Overwrite Vulnerability",
+ "date" => "2016-06-21",
+ "cve" => "CVE 2016-4323",
+ "description" => "A malicious server or man-in-the-middle could trigger libpurple to overwrite a local file with the name and contents specified by the attacker. (TALOS-CAN-0128)",
+ "fixedversion" => "2.11.0",
+ "discoveredby" => "Yves Younan of Cisco Talos"
+ "title" => "Pidgin MXIT Markup Command Denial of Service Vulnerability",
+ "date" => "2016-06-21",
+ "cve" => "CVE 2016-2365",
+ "description" => "A malicious server or man-in-the-middle could trigger a crash. (TALOS-CAN-0133)",
+ "fix" => "Escape the provided filename before using it.",
+ "fixrevisions" => "5fa3f2bc69d7",
+ "fixedversion" => "2.11.0",
+ "discoveredby" => "Yves Younan of Cisco Talos"
+ "title" => "Pidgin MXIT Table Command Denial of Service Vulnerability",
+ "date" => "2016-06-21",
+ "cve" => "CVE 2016-2366",
+ "description" => "A malicious server or man-in-the-middle could trigger a crash. (TALOS-CAN-0134)",
+ "fix" => "Validate the data length. Use the correct data types.",
+ "fixrevisions" => "abdc3025f6b8",
+ "fixedversion" => "2.11.0",
+ "discoveredby" => "Yves Younan of Cisco Talos"
+ "title" => "Pidgin MXIT Avatar Length Memory Disclosure Vulnerability",
+ "date" => "2016-06-21",
+ "cve" => "CVE 2016-2367",
+ "description" => "A malicious user, server, or man-in-the-middle could trigger a crash or unexpected writing of data from memory to file. (TALOS-CAN-0135)",
+ "fix" => "Various changes to the chunk decoding.",
+ "fixrevisions" => "5e3601f8bde4,1c5197a66760,648f667a679c",
+ "fixedversion" => "2.11.0",
+ "discoveredby" => "Yves Younan of Cisco Talos"
+ "title" => "Pidgin MXIT g_snprintf Multiple Buffer Overflow Vulnerabilities",
+ "date" => "2016-06-21",
+ "cve" => "CVE 2016-2368",
+ "description" => "Data is copied without verifying that it was copied successfully. (TALOS-CAN-0136)",
+ "fix" => "Separate the handling of HTTP headers and body. Check the return value from g_vsnprintf().",
+ "fixrevisions" => "60f95045db42,f6efc254e947",
+ "fixedversion" => "2.11.0",
+ "discoveredby" => "Yves Younan of Cisco Talos"
+ "title" => "Pidgin MXIT CP_SOCK_REC_TERM Denial of Service Vulnerability",
+ "date" => "2016-06-21",
+ "cve" => "CVE 2016-2369",
+ "description" => "A malicious server or man-in-the-middle could trigger a crash. (TALOS-CAN-0137)",
+ "fixedversion" => "2.11.0",
+ "discoveredby" => "Yves Younan of Cisco Talos"
+ "title" => "Pidgin MXIT Custom Resource Denial of Service Vulnerability",
+ "date" => "2016-06-21",
+ "cve" => "CVE 2016-2370",
+ "description" => "A malicious server or man-in-the-middle could trigger a crash. (TALOS-CAN-0138)",
+ "fix" => "Various changes to the chunk decoding.",
+ "fixrevisions" => "5e3601f8bde4,1c5197a66760,648f667a679c",
+ "fixedversion" => "2.11.0",
+ "discoveredby" => "Yves Younan of Cisco Talos"
+ "title" => "Pidgin MXIT Extended Profiles Code Execution Vulnerability",
+ "date" => "2016-06-21",
+ "cve" => "CVE 2016-2371",
+ "description" => "A malicious server or man-in-the-middle could trigger a crash or potentially arbitrary code execution. (TALOS-CAN-0139)",
+ "fix" => "Check the field count before accessing fields.",
+ "fixrevisions" => "7b52ca213832",
+ "fixedversion" => "2.11.0",
+ "discoveredby" => "Yves Younan of Cisco Talos"
+ "title" => "Pidgin MXIT File Transfer Length Memory Disclosure Vulnerability",
+ "date" => "2016-06-21",
+ "cve" => "CVE 2016-2372",
+ "description" => "A malicious user, server, or man-in-the-middle could trigger a crash or unexpected writing of data from memory to file. (TALOS-CAN-0140)",
+ "fix" => "Various changes to the chunk decoding.",
+ "fixrevisions" => "5e3601f8bde4,1c5197a66760,648f667a679c",
+ "fixedversion" => "2.11.0",
+ "discoveredby" => "Yves Younan of Cisco Talos"
+ "title" => "Pidgin MXIT Contact Mood Denial of Service Vulnerability",
+ "date" => "2016-06-21",
+ "cve" => "CVE 2016-2373",
+ "description" => "A malicious user, server, or man-in-the-middle could trigger a crash. (TALOS-CAN-0141)",
+ "fix" => "Validate the received value.",
+ "fixrevisions" => "e6159ad42c4c",
+ "fixedversion" => "2.11.0",
+ "discoveredby" => "Yves Younan of Cisco Talos"
+ "title" => "Pidgin MXIT MultiMX Message Code Execution Vulnerability",
+ "date" => "2016-06-21",
+ "cve" => "CVE 2016-2374",
+ "description" => "A malicious server or man-in-the-middle could trigger a crash or potentially arbitrary code execution. (TALOS-CAN-0142)",
+ "fix" => "Validate the incoming message format.",
+ "fixrevisions" => "f6c08d962618",
+ "fixedversion" => "2.11.0",
+ "discoveredby" => "Yves Younan of Cisco Talos"
+ "title" => "Pidgin MXIT Suggested Contacts Memory Disclosure Vulnerability",
+ "date" => "2016-06-21",
+ "cve" => "CVE 2016-2375",
+ "description" => "A malicious server or man-in-the-middle could trigger a crash or disclosure of information from memory. TALOS-CAN-0143",
+ "fix" => "Validate the field and attribute counts.",
+ "fixrevisions" => "b786e9814536",
+ "fixedversion" => "2.11.0",
+ "discoveredby" => "Yves Younan of Cisco Talos"
 /* Template for the unfortunate future
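Review bot: The CVE 2016-2378 entry is titled "Pidgin MXIT get_utf8_string Code Execution Vulnerability" but its `description` only says an attacker "could trigger a crash", so anyone triaging from the description will under-rate it; if code execution is reachable, word it like the CVE 2016-2376 entry, `"description" => "A malicious server or man-in-the-middle could trigger a crash or potentially arbitrary code execution. (TALOS-CAN-0120)",`, and otherwise correct the title. Every added `cve` value is written with a space (`"CVE 2016-2376"`) rather than the canonical hyphenated form `CVE-2016-2376`, which defeats exact-match searches and scanner correlation unless the page template normalises it, which is not visible here. The fix text "Escape the provided filename before using it." sits under the Markup Command Denial of Service entry (CVE 2016-2365), while the Splash Image Arbitrary File Overwrite entry (CVE 2016-4323) shows no `fix` or `fixrevisions`; that looks like a misplaced field, though lines may be missing from this view. The surrounding array starts and ends outside the hunk.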