/pidgin/main: 3f04427974d7: Update CVE IDs for two of the Source...

[Mark Doliner]

Changeset: 3f04427974d71892ab71f94b29fb5c28c150b646
Author:	 Mark Doliner <mark at kingant.net>
Date:	 2014-01-23 22:43 -0800
Branch:	 release-2.x.y
URL: https://hg.pidgin.im/pidgin/main/rev/3f04427974d7

Description:

Update CVE IDs for two of the Sourcefire vulnerabilities and give
credit to Thijs for the iq spoofing fix.

diffstat:

 ChangeLog |  8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)

diffs (29 lines):

diff --git a/ChangeLog b/ChangeLog
--- a/ChangeLog
+++ b/ChangeLog
@@ -81,7 +81,7 @@ version 2.10.8 (1/28/2014):
 	MXit:
 	* Fix buffer overflow with remote code execution potential.
 	  (Discovered by Yves Younan and Pawel Janic of Sourcefire VRT)
-	  (CVE-2013-6487)
+	  (CVE-2013-6489)
 	* Fix sporadic crashes that can happen after user is disconnected.
 	* Fix crash when attempting to add a contact via search results.
 	* Show error message if file transfer fails.
@@ -93,13 +93,13 @@ version 2.10.8 (1/28/2014):
 
 	SIMPLE:
 	* Fix buffer overflow with remote code execution potential.
-	  (Discovered by Yves Younan of Sourcefire VRT) (CVE-2013-6487)
+	  (Discovered by Yves Younan of Sourcefire VRT) (CVE-2013-6490)
 
 	XMPP:
 	* Prevent spoofing of iq replies by verifying that the 'from' address
 	  matches the 'to' address of the iq request. (Discovered by Fabian
-	  Yamaguchi and Christian Wressnegger of the University of Goettingen)
-	  (CVE-2013-6483)
+	  Yamaguchi and Christian Wressnegger of the University of Goettingen,
+	  fixed by Thijs Alkemade) (CVE-2013-6483)
 	* Fix crash on some systems when receiving fake delay timestamps with
 	  extreme values. (Discovered by Jaime Breva Ribes) (CVE-2013-6477)
 	* Fix possible crash or other erratic behavior when selecting a very