Remote crash in Finch

Tomas Hoger thoger at redhat.com
Wed Feb 10 11:05:15 EST 2010


Hi Sadrul!

On Tue, 9 Feb 2010 22:11:10 -0500 Sadrul Habib Chowdhury
<sadrul at pidgin.im> wrote:

> In an XMPP MUC, if someone changes the nick to '<br>' (using '/nick
> <br>' for example), then libpurple ends up having two users with
> username '\n' in the room, and finch crashes in this situation.

Why does it crash?  Can it be more than a crash?  Does libpurple
create two '\n' users from that one changing nick to <br>, or does it
have the first one for some other purpose?

> From the looks of things, it appears the remote exploitability in
> finch is still 'unknown'. I have CC'ed this mail to Josh Bressers. I
> believe you can issue a CVE# for this yet-undisclosed issue?

Josh is not reading his mails too often these days, but we can help you
with CVE assignment, if you as upstream are going to treat this as a
security issue.  A CVE can be assigned before the issue is publicly
disclosed, so you can use it in e.g. new release announcements.

By "remote exploitability", do you mean whether it's more than a crash?

-- 
Tomas Hoger / Red Hat Security Response Team


