Pidgin / lib purple XMPP remote crash
Paul Aurich
darkrain42 at pidgin.im
Fri Apr 20 10:36:10 EDT 2012
And jv.gutierrezb at gmail.com spoke on 04/20/2012 03:39 AM, saying:
> I've just tested your patch in a linux environment and works fine. I can't
> build WinPidgin, but if you provide me the patched DLL I'll test it.
Are you able to reproduce the crash in a linux environment w/o the patch?
If so, that makes me comfortable in the fix. Otherwise, I'd like to nudge
someone to build a new DLL for you, just to be safe.
> Btw, i just introduced a typo in the POC name and you reproduced it in the
> name of the patch. Actually the CVE is CVE-2012-2214 and not 2012-2144.
> Excuse the mistake please.
Oops, thanks. I saved the patch referencing the name of your PoC script (heh).
--
Paul Aurich
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: <http://pidgin.im/cgi-bin/mailman/private/security/attachments/20120420/8065722f/attachment.pgp>
More information about the security
mailing list