question about the CVE-2014-3775 fix

Murray McAllister mmcallis at
Mon May 26 00:04:43 EDT 2014

Good morning,

Apologies if you were already told about this. I noticed the following 
commit (linked from

It appears to be missing this commit:

I looked in pidgin-2.10.9.tar.bz2 and it was also using 
"gg_fix32(pkt->rcount > 256)" instead of "gg_fix32(pkt->rcount) > 256".


Murray McAllister / Red Hat Security Response Team

More information about the security mailing list