pidgin/pidgin

List three security vulnerability fixes in the ChangeLog.
release-2.x.y
2014-01-12, Mark Doliner
6bafdcde2b55
Parents 93d4bff19574
Children c03eefbf89a8
List three security vulnerability fixes in the ChangeLog.
Thanks to Fabian Yamaguchi and Christian Wressnegger for finding
all of these, and thanks to Daniel Atallah for fixing.

The fixes were committed in 23cbfff68a0c, ef836278304b, and 68d6df7dc69c.
1 files changed, 9 insertions(+), 0 deletions(-)
  • +9 -0
    ChangeLog
    • --- a/ChangeLog Sun Jan 12 22:51:33 2014 -0800
    +++ b/ChangeLog Sun Jan 12 23:29:51 2014 -0800
    @@ -49,6 +49,15 @@
    Cyrus SASL support. (#15517)
    MSN:
    + * Fix NULL pointer dereference parsing headers in MSN.
    + (Discovered by Fabian Yamaguchi and Christian Wressnegger of the
    + University of Goettingen) (CVE-2014-NNNN)
    + * Fix NULL pointer dereference parsing OIM data in MSN.
    + (Discovered by Fabian Yamaguchi and Christian Wressnegger of the
    + University of Goettingen) (CVE-2014-NNNN)
    + * Fix NULL pointer dereference parsing SOAP data in MSN.
    + (Discovered by Fabian Yamaguchi and Christian Wressnegger of the
    + University of Goettingen) (CVE-2014-NNNN)
    * Fix possible crash when sending very long messages. Not
    remotely-triggerable. (Discovered by Matt Jones, Volvent)