/pidgin/main: 635339ce6bf7: ChangeLog the IRC fix.
Mark Doliner
mark at kingant.net
Tue Jan 28 10:38:13 EST 2014
Changeset: 635339ce6bf70c7049625fa94067d851e7a7687c
Author: Mark Doliner <mark at kingant.net>
Date: 2014-01-18 10:25 -0800
Branch: release-2.x.y
URL: https://hg.pidgin.im/pidgin/main/rev/635339ce6bf7
Description:
ChangeLog the IRC fix.
diffstat:
ChangeLog | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diffs (13 lines):
diff --git a/ChangeLog b/ChangeLog
--- a/ChangeLog
+++ b/ChangeLog
@@ -56,6 +56,9 @@ version 2.10.8:
functions are available using official Gadu-Gadu website.
IRC:
+ * Fix bug where a malicious server or man-in-the-middle could trigger
+ a crash by not sending enough arguments with various messages.
+ (Discovered by Daniel Atallah) (CVE-2014-0020)
* Fix bug where initial IRC status would not be set correctly.
* Fix bug where IRC wasn't available when libpurple was compiled with
Cyrus SASL support. (#15517)
More information about the Commits
mailing list