www: 710a967a: Revise the text.
rekkanoryo at pidgin.im
rekkanoryo at pidgin.im
Thu May 13 01:16:28 EDT 2010
-----------------------------------------------------------------
Revision: 710a967a7e7d4f53f20463df82b46a20d3015ce5
Ancestor: 4288de09be2a049c02709c0e256ed83b2db3f747
Author: rekkanoryo at pidgin.im
Date: 2010-05-12T13:46:45
Branch: im.pidgin.www
URL: http://d.pidgin.im/viewmtn/revision/info/710a967a7e7d4f53f20463df82b46a20d3015ce5
Modified files:
htdocs/news/security/index.php
ChangeLog:
Revise the text.
-------------- next part --------------
============================================================
--- htdocs/news/security/index.php d52f0eb798a01132cf07e423c383b8777359f03b
+++ htdocs/news/security/index.php a7577041c02562aa7ae93dce6f75837a19c986fc
@@ -493,7 +493,7 @@ $vulnerabilities = array(
"date" => "2010-05-12",
"cve" => "",
"summary" => "Libpurple clients can crash due to malformed SLP message",
- "description" => "A vulnerability was discovered in libpurple's MSN protocol plugin that can cause a denial of service (crash) due to insufficient validation of certain SLP packets related to custom emoticons. An attacker could use this vulnerability to remotely crash a client using libpurple for MSN. It is not possible for this vulnerability to be exploited for code execution.",
+ "description" => "A vulnerability was discovered in libpurple's MSN protocol plugin that can cause a denial of service (crash) due to insufficient validation of certain SLP packets related to custom emoticons. An attacker could use this vulnerability to remotely crash a client using libpurple for MSN. It is not possible for this vulnerability to be exploited for code execution. As a workaround, disabling custom emoticons on MSN accounts will prevent the vulnerability.",
"fix" => "Validation has been added to the MSN plugin to prevent the crash.",
"fixrevisions" => "894460d22c434e73d60b71ec031611988e687c8b",
"fixedversion" => "2.7.0",
More information about the Commits
mailing list