/pidgin/main: 57da02a6ff77: Add a line for datallah's cd529e1158d3.

Mark Doliner mark at kingant.net
Tue Jan 28 10:38:12 EST 2014


Changeset: 57da02a6ff77337aec22d31e6c594fe18f00e1d8
Author:	 Mark Doliner <mark at kingant.net>
Date:	 2014-01-13 23:12 -0800
Branch:	 release-2.x.y
URL: https://hg.pidgin.im/pidgin/main/rev/57da02a6ff77

Description:

Add a line for datallah's cd529e1158d3.

There's already a line in here for setting the max http fetch size
(added to ChangeLog in 0b8bec51e84b), but we should mention the
CVE, too.

diffstat:

 ChangeLog |  2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diffs (12 lines):

diff --git a/ChangeLog b/ChangeLog
--- a/ChangeLog
+++ b/ChangeLog
@@ -9,6 +9,8 @@ version 2.10.8:
 	* Fix potential crash if libpurple gets an error attempting to read a
 	  reply from a STUN server. (Discovered by Coverity static analysis)
 	  (CVE-2014-NNNN)
+	* Fix potential crash parsing a malformed HTTP response. (Discovered by
+	  Jacob Appelbaum of the Tor Project) (CVE-2014-NNNN)
 	* Fix buffer overflow when parsing a malformed HTTP response with
 	  chunked Transfer-Encoding. (Discovered by Matt Jones, Volvent)
 	  (CVE-2014-NNNN)
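Review bot: The added entry describes the fix only as a "potential crash parsing a malformed HTTP response", which is hard to tell apart from the chunked Transfer-Encoding entry directly below it. It also gives no hint that it covers the same change as the existing max http fetch size line mentioned in the commit message. Consider naming the triggering condition or referencing that existing entry, so one fix is not read as two unrelated changes. The new entry also carries the placeholder CVE-2014-NNNN, the same string used by the entries above and below it. It needs the assigned identifier filled in before release, since the three entries cannot otherwise be told apart by CVE.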


