www: 67f7be99: CVE has been issued.
markdoliner at pidgin.im
markdoliner at pidgin.im
Mon Aug 22 03:10:32 EDT 2011
----------------------------------------------------------------------
Revision: 67f7be9934ab304dd6265913313b38ea8805ab84
Parent: 7f8a3d7d20821dd9b9c39015f42cbcf7ab8ae7c5
Author: markdoliner at pidgin.im
Date: 08/22/11 03:06:51
Branch: im.pidgin.www
URL: http://d.pidgin.im/viewmtn/revision/info/67f7be9934ab304dd6265913313b38ea8805ab84
Changelog:
CVE has been issued.
Changes against parent 7f8a3d7d20821dd9b9c39015f42cbcf7ab8ae7c5
patched htdocs/news/security/index.php
-------------- next part --------------
============================================================
--- htdocs/news/security/index.php d2ced480168b73802f82b0ef0da058de1bcde5b2
+++ htdocs/news/security/index.php bbdd0af5fc0ce8855fbb11278f3b4e7a34fab361
@@ -567,7 +567,7 @@ $vulnerabilities = array(
array(
"title" => "Remote crash in IRC protocol plugin",
"date" => "2011-08-20",
- "cve" => "",
+ "cve" => "CVE-2011-2943",
"description" => "Certain characters in the nicknames of IRC users can trigger a null pointer dereference in the IRC protocol plugin's handling of responses to WHO requests. This can cause a crash on some operating systems. Clients based on libpurple 2.8.0 through 2.9.0 are affected.",
"fix" => "Change libpurple to validate the data it receives from the server before attempting to use it.",
"fixrevisions" => "5c2dba4a7e2e76b76e7f472b88953a4316706d43",
More information about the Commits
mailing list