pidgin/pidgin

Add a line for datallah's cd529e1158d3.
release-2.x.y
2014-01-13, Mark Doliner
57da02a6ff77
Parents 6cbf33689402
Children 2bb66ef1475e
Add a line for datallah's cd529e1158d3.

There's already a line in here for setting the max http fetch size
(added to ChangeLog in 0b8bec51e84b), but we should mention the
CVE, too.
1 files changed, 2 insertions(+), 0 deletions(-)
  • +2 -0
    ChangeLog
    • --- a/ChangeLog Mon Jan 13 22:26:26 2014 -0800
    +++ b/ChangeLog Mon Jan 13 23:12:58 2014 -0800
    @@ -9,6 +9,8 @@
    * Fix potential crash if libpurple gets an error attempting to read a
    reply from a STUN server. (Discovered by Coverity static analysis)
    (CVE-2014-NNNN)
    + * Fix potential crash parsing a malformed HTTP response. (Discovered by
    + Jacob Appelbaum of the Tor Project) (CVE-2014-NNNN)
    * Fix buffer overflow when parsing a malformed HTTP response with
    chunked Transfer-Encoding. (Discovered by Matt Jones, Volvent)
    (CVE-2014-NNNN)