www: a2128e76: Add the assigned CVE number for our late...
nosnilmot at pidgin.im
nosnilmot at pidgin.im
Sat Jan 1 21:30:52 EST 2011
----------------------------------------------------------------------
Revision: a2128e768f2652c256335d6bf6c4b384fd12e47e
Parent: 7a9d1ef3b4d4ef562a69271f453d82223f55ffc5
Author: nosnilmot at pidgin.im
Date: 01/01/11 21:26:18
Branch: im.pidgin.www
URL: http://d.pidgin.im/viewmtn/revision/info/a2128e768f2652c256335d6bf6c4b384fd12e47e
Changelog:
Add the assigned CVE number for our latest vulnerability
Changes against parent 7a9d1ef3b4d4ef562a69271f453d82223f55ffc5
patched htdocs/news/security/index.php
-------------- next part --------------
============================================================
--- htdocs/news/security/index.php cc50795dc2e302181fb0cb7a5982904c19c4af32
+++ htdocs/news/security/index.php 37813ebabeea1164e0a765e7a200cd4572c87e42
@@ -523,7 +523,7 @@ $vulnerabilities = array(
),
array(
"date" => "2010-12-26",
- "cve" => "pending",
+ "cve" => "CVE-2010-4528",
"summary" => "Remotely-triggered denial of service in MSN",
"description" => "It was discovered that libpurple 2.7.6 through 2.7.8 did not properly handle "short" packets in MSN direct connection sessions, leading to a crash due to a NULL pointer dereference. Malicious clients or users can exploit this to cause a denial of service (crash).",
"fix" => "Ignore short packets.",
More information about the Commits
mailing list