Buffer overflow in Pidgin MXit protocol plugin
Mark Doliner
mark at kingant.net
Tue Jul 3 02:40:59 EDT 2012
-- please do not release this information publicly until after the
embargo date --
(cc'ing the discoverer of this bug as well as the developers of the
MXit protocol plugin)
Hello packagers of Pidgin for various operating systems,
Ulf Härnhammar found and privately reported to us a buffer overflow
when handling an incoming instant message in the MXit protocol plugin.
I believe this bug can be exploited by a remote user to cause a
crash, and in some circumstances can lead to remote code execution. I
believe this to be a fairly serious bug for any users of the MXit
protocol plugin (it's one of the standard protocols that we include
and is popular in South Africa).
The fix is pretty easy. You can find a patch for the problem, as well
as tarballs for 2.10.5 here:
http://pidgin.im/~markdoliner/lkFja97sFw89/ This is sensitive
information! Please be careful not to share this with the public.
Please be careful not to post it on public bug trackers, commit it to
public version control systems, etc.
The embargo date is 16:00 UTC on 2012-07-05 (roughly three days from
now). At this time we will post this information at
http://pidgin.im/news/security/?id=64 and we will release Pidgin
2.10.5 containing the attached patch.
Josh, Jan, and Tomas of Red Hat: Would you be able to issue a CVE for
this issue? AFAIK one does not exist and the issue is not public.
Thanks, and please let me know if anyone has any questions.
--Mark
-- please do not release this information publicly until after the
embargo date --
More information about the Packagers
mailing list