www: fc6b40a0: Add the oscar thing to the security page

markdoliner at pidgin.im markdoliner at pidgin.im
Wed Jul 21 12:33:58 EDT 2010


----------------------------------------------------------------------
Revision: fc6b40a092b290e84774dc2eec4a5687ad3a2b58
Parent:   14f319723296ff18e9e7f4134eb902be4c88104f
Author:   markdoliner at pidgin.im
Date:     07/21/10 12:27:35
Branch:   im.pidgin.www
URL: http://d.pidgin.im/viewmtn/revision/info/fc6b40a092b290e84774dc2eec4a5687ad3a2b58

Changelog: 

Add the oscar thing to the security page

Changes against parent 14f319723296ff18e9e7f4134eb902be4c88104f

  patched  htdocs/news/security/index.php

-------------- next part --------------
============================================================
--- htdocs/news/security/index.php	f623910b5518ccc1c0a34ace083548cbc908ea8f
+++ htdocs/news/security/index.php	52d644ef64357affee2d8dc941da8c3d944ef020
@@ -498,6 +498,17 @@ $vulnerabilities = array(
 		"fixrevisions" => "894460d22c434e73d60b71ec031611988e687c8b",
 		"fixedversion" => "2.7.0",
 		"discoveredby" => "Pierre Nogu?s of Meta Security"
+	),
+	array(
+		"title"        => "ICQ X-Status denial of service",
+		"date"         => "2010-07-21",
+		"cve"          => "CVE-2010-2528",
+		"summary"      => "libpurple clients can crash due to malformed X-Status messages",
+		"description"  => "Certainly incorrectly formed X-Status messages can cause libpurple to attempt to dereference a NULL pointer, which triggers a crash.",
+		"fix"          => "Improve the parsing of the X-Status message to be more robust",
+		"fixrevisions" => "8e8ff246492e45af8f8d0808296d6f2906794dc0",
+		"fixedversion" => "2.7.2",
+		"discoveredby" => "Mark Doliner"
 	)
 );
 /*	Template for the unfortunate future


More information about the Commits mailing list