Request for CVEs for Pidgin
mark at kingant.net
Wed Jan 15 11:01:27 EST 2014
On Wed, Jan 15, 2014 at 6:19 AM, Tomas Hoger <thoger at redhat.com> wrote:
> On Tue, 14 Jan 2014 13:35:15 -0800 Mark Doliner wrote:
>> > I'd like to share this list with a colleague, Kurt Seifried, who
>> > handles many CVE assignments, to help with deciding on the
>> > merge/split cases. You can find him do a lot of assignments on the
>> > oss-security list. Please let me know if it's ok to send him your
>> > list.
>> Sure, that sounds totally reasonable.
> Forwarded, I hope to get you IDs soon.
Hi Tomas. Can I please add one more security bug to the list? :-(
It was discovered yesterday by a Pidgin developer. We believe it is
not public knowledge.
ISSUE-16, discovered by Daniel Atallah
Remotely triggerable crash in IRC argument parsing.
A malicious server or man-in-the-middle could trigger a crash in
libpurple by sending a message with fewer than expected arguments.
More information about the security