Pidgin security vulnerabilities and 2.10.8

Mark Doliner mark at kingant.net
Thu Jan 23 18:40:19 EST 2014


*** The contents of this email are sensitive!  Please do not share
publicly until after the embargo date -- Tuesday 2014-01-28 at 07:00
PST, 10:00 EST, 15:00 UTC ***

Another correction:
CVE-2013-6487 was previously used for three different issues. It has
now been split into three CVE IDs. See below for the new IDs. I'm not
planning to re-tag or rebuild the 2.10.8 release so the "ChangeLog"
file will contain incorrect CVE IDs for two of the issues. This will
be corrected in later releases. Hopefully this won't cause any
problems.

On Wed, Jan 22, 2014 at 1:10 AM, Mark Doliner <mark at kingant.net> wrote:
> -----
>
> CVE-2013-6487, discovered by Yves Younan and Ryan Pentney of Sourcefire VRT
> Buffer overflow in Gadu-Gadu HTTP parsing.
> A malicious server or man-in-the-middle could send a large value for
> Content-Length and cause an integer overflow which could lead to a
> buffer overflow.
>
> -----
>
> CVE-2013-6489, discovered by Yves Younan and Pawel Janic of Sourcefire VRT
> Buffer overflow in MXit emoticon parsing.
> A specially crafted emoticon value could cause an integer overflow
> which could lead to a buffer overflow.
>
> -----
>
> CVE-2013-6490, discovered by Yves Younan of Sourcefire VRT
> Buffer overflow in SIMPLE header parsing.
> A Content-Length of -1 could lead to a buffer overflow.
>
> -----
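
Added example, not part of the original email and not Pidgin's code: the Gadu-Gadu and SIMPLE issues above both come from trusting a peer-supplied Content-Length before it sizes a buffer, so this C code shows one defensive way to parse and bound that value before allocating. The names parse_content_length, alloc_message and MAX_BODY_LEN are hypothetical, and the 1 MiB cap is an assumed policy value.

```c
#include <ctype.h>
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical cap on an accepted body; an assumed value, not one from Pidgin. */
#define MAX_BODY_LEN ((size_t)1 << 20)

/* Parse a Content-Length value into *out. Returns 0 on success, or -1 if the
 * value is empty, signed, non-numeric, out of range, or above MAX_BODY_LEN. */
int parse_content_length(const char *value, size_t *out)
{
    char *end;
    unsigned long long n;

    while (*value == ' ' || *value == '\t')
        value++;
    /* strtoull() accepts "-1" and wraps it to a huge value, so require a digit. */
    if (!isdigit((unsigned char)*value))
        return -1;
    errno = 0;
    n = strtoull(value, &end, 10);
    if (errno == ERANGE)
        return -1;
    while (*end == ' ' || *end == '\t' || *end == '\r' || *end == '\n')
        end++;
    if (*end != '\0')           /* trailing garbage such as "12abc" */
        return -1;
    if (n > MAX_BODY_LEN)       /* bound the length before it sizes anything */
        return -1;
    *out = (size_t)n;
    return 0;
}

/* Allocate header + body + NUL terminator, refusing sums that would wrap. */
char *alloc_message(size_t header_len, size_t body_len)
{
    if (header_len > SIZE_MAX - 1 || body_len > SIZE_MAX - 1 - header_len)
        return NULL;
    return calloc(1, header_len + body_len + 1);
}
```

The second function matters even with the cap in place: the addition that computes the allocation size is where a large length wraps, so the check is done on the operands rather than on the sum.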


