www: 67f7be99: CVE has been issued.

markdoliner at pidgin.im markdoliner at pidgin.im
Mon Aug 22 03:10:32 EDT 2011

Revision: 67f7be9934ab304dd6265913313b38ea8805ab84
Parent:   7f8a3d7d20821dd9b9c39015f42cbcf7ab8ae7c5
Author:   markdoliner at pidgin.im
Date:     08/22/11 03:06:51
Branch:   im.pidgin.www
URL: http://d.pidgin.im/viewmtn/revision/info/67f7be9934ab304dd6265913313b38ea8805ab84


CVE has been issued.

Changes against parent 7f8a3d7d20821dd9b9c39015f42cbcf7ab8ae7c5

  patched  htdocs/news/security/index.php

-------------- next part --------------
--- htdocs/news/security/index.php	d2ced480168b73802f82b0ef0da058de1bcde5b2
+++ htdocs/news/security/index.php	bbdd0af5fc0ce8855fbb11278f3b4e7a34fab361
@@ -567,7 +567,7 @@ $vulnerabilities = array(
 		"title"        => "Remote crash in IRC protocol plugin",
 		"date"         => "2011-08-20",
-		"cve"          => "",
+		"cve"          => "CVE-2011-2943",
 		"description"  => "Certain characters in the nicknames of IRC users can trigger a null pointer dereference in the IRC protocol plugin's handling of responses to WHO requests.  This can cause a crash on some operating systems.  Clients based on libpurple 2.8.0 through 2.9.0 are affected.",
 		"fix"          => "Change libpurple to validate the data it receives from the server before attempting to use it.",
 		"fixrevisions" => "5c2dba4a7e2e76b76e7f472b88953a4316706d43",

More information about the Commits mailing list