--- a/ChangeLog Mon Jan 13 22:26:26 2014 -0800
+++ b/ChangeLog Mon Jan 13 23:12:58 2014 -0800
@@ -9,6 +9,8 @@
* Fix potential crash if libpurple gets an error attempting to read a
reply from a STUN server. (Discovered by Coverity static analysis)
+ * Fix potential crash parsing a malformed HTTP response. (Discovered by + Jacob Appelbaum of the Tor Project) (CVE-2014-NNNN) * Fix buffer overflow when parsing a malformed HTTP response with
chunked Transfer-Encoding. (Discovered by Matt Jones, Volvent)