/pidgin/main: ed1f9a0c0979: I guess we should get a CVE for this?
Mark Doliner
mark at kingant.net
Tue Jan 28 10:38:11 EST 2014
Changeset: ed1f9a0c0979de8e1af1de7ad5dbbf747278d109
Author: Mark Doliner <mark at kingant.net>
Date: 2014-01-12 19:29 -0800
Branch: release-2.x.y
URL: https://hg.pidgin.im/pidgin/main/rev/ed1f9a0c0979
Description:
I guess we should get a CVE for this?
diffstat:
ChangeLog | 5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
diffs (22 lines):
diff --git a/ChangeLog b/ChangeLog
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,9 @@ version 2.10.8:
Python 3. (Ashish Gupta) (#15624)
libpurple:
+ * Fix potential crash if libpurple gets an error attempting to read a
+ reply from a STUN server. (Discovered by Coverity static analysis)
+ (CVE-2014-NNNN)
* Fix buffer overflow when parsing a malformed HTTP response with
chunked Transfer-Encoding. (Discovered by Matt Jones, Volvent)
(CVE-2014-NNNN)
@@ -14,8 +17,6 @@ version 2.10.8:
* Fix handling of SSL certificates without subjects when using libnss.
* Fix handling of SSL certificates with timestamps in the distant future
when using libnss. (#15586)
- * Fix potential crash if libpurple gets an error attempting to read a
- reply from a STUN server.
* Impose maximum download size for all HTTP fetches.
Pidgin:
More information about the Commits
mailing list