Remote crashes being fixed in 2.6.2
Mark Doliner
mark at kingant.net
Thu Sep 3 16:08:52 EDT 2009
I added all five newish issues to the top of
http://pidgin.im/news/security/ They all have a link to the mtn
revision that fixes the bug. From there you can click "diff" on the
"oldrevision" line then follow the "raw diff" link. ViewMTN tends to
give "internal server error" maybe 4 out of 5 times... but it'll work
eventually if you keep refreshing.
On Thu, Sep 3, 2009 at 9:33 AM, Warren Togami<wtogami at redhat.com> wrote:
> On 09/03/2009 11:53 AM, Paul Aurich wrote:
>>
>> Per Warren's request, this is a list of remote crashes being fixed in
>> 2.6.2. The XMPP crash, at the least, probably impacts everything back to
>> and including 2.5.2 (when that support was added). I don't know about
>> the others.
>>
>> * XMPP crash when receiving a message with a custom smiley from a client
>> that doesn't actually support custom smileys.
>>
>> http://developer.pidgin.im/viewmtn/revision/info/fd5955618eddcd84d522b30ff11102f9601f38c8
>>
>> * MSN #10159 - Crash from users of the KMess 2.1dev client.
>> * MSN #10048.
>
> They want to know if these are only exploitable by people on your buddy list
> by default?
I'm not 100% sure, but I suspect:
* The XMPP crash only happens after we send an IM to someone
* Both MSN bugs are exploitable by people not on your buddy list
-Mark
More information about the Packagers
mailing list