/pidgin/main: 57da02a6ff77: Add a line for datallah's cd529e1158d3.
Mark Doliner
mark at kingant.net
Tue Jan 28 10:38:12 EST 2014
Changeset: 57da02a6ff77337aec22d31e6c594fe18f00e1d8
Author: Mark Doliner <mark at kingant.net>
Date: 2014-01-13 23:12 -0800
Branch: release-2.x.y
URL: https://hg.pidgin.im/pidgin/main/rev/57da02a6ff77
Description:
Add a line for datallah's cd529e1158d3.
There's already a line in here for setting the max http fetch size
(added to ChangeLog in 0b8bec51e84b), but we should mention the
CVE, too.
diffstat:
ChangeLog | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diffs (12 lines):
diff --git a/ChangeLog b/ChangeLog
--- a/ChangeLog
+++ b/ChangeLog
@@ -9,6 +9,8 @@ version 2.10.8:
* Fix potential crash if libpurple gets an error attempting to read a
reply from a STUN server. (Discovered by Coverity static analysis)
(CVE-2014-NNNN)
+ * Fix potential crash parsing a malformed HTTP response. (Discovered by
+ Jacob Appelbaum of the Tor Project) (CVE-2014-NNNN)
* Fix buffer overflow when parsing a malformed HTTP response with
chunked Transfer-Encoding. (Discovered by Matt Jones, Volvent)
(CVE-2014-NNNN)
More information about the Commits
mailing list