Pidgin 2.6.5 released
bressers at redhat.com
Mon Jan 11 08:17:13 EST 2010
----- "Paul Aurich" <paul at darkrain42.org> wrote:
> Pidgin 2.6.5 is released (though not yet listed as such at pidgin.im).
> As mentioned previously, this release provides a fix for CVE-2010-013
> (MSN arbitrary file upload), along with a number of build fixes and crash
Does this update this fix this the MSN memory corruption bug?
slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and
Adium 1.3.8 allows remote attackers to cause a denial of service
(memory corruption) or possibly have unspecified other impact via
unknown vectors, a different issue than CVE-2010-0013.
More information about the Packagers