www: 8b8747e2: Add information about CVE-2009-1373
datallah at pidgin.im
datallah at pidgin.im
Thu May 21 23:25:51 EDT 2009
-----------------------------------------------------------------
Revision: 8b8747e20d4a4c559d185da8d17878d02d9b1741
Ancestor: a1dfc08b984df5f210df6ba536b862373842bec0
Author: datallah at pidgin.im
Date: 2009-05-22T03:10:11
Branch: im.pidgin.www
URL: http://d.pidgin.im/viewmtn/revision/info/8b8747e20d4a4c559d185da8d17878d02d9b1741
Modified files:
htdocs/news/security/index.php
ChangeLog:
Add information about CVE-2009-1373
-------------- next part --------------
============================================================
--- htdocs/news/security/index.php c4ef4862c4b9c0a7daabd507381e276cd8b52003
+++ htdocs/news/security/index.php 98a3c94c6760d7d0be086b5b78f3f83298b64d94
@@ -313,10 +313,10 @@ $vulnerabilities = array(
"date" => "2 May 2009",
"cve" => "CVE-2009-1373",
"summary" => "Buffer overflow is possible when initiating file transfer to a malicious buddy over XMPP",
- "description" => "",
- "fix" => "",
+ "description" => "The XMPP SOCKS5 bytestream server was not correctly checking the bounds of a buffer when initiating an outgoing file transfer.",
+ "fix" => "The affected function has been patched to fix the vulnerability.",
"fixedversion" => "2.5.6",
- "discoveredby" => "Vercode"
+ "discoveredby" => "Veracode"
),
array(
"title" => "QQ remote DoS",
More information about the Commits
mailing list