what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2008-143

Mandriva Linux Security Advisory 2008-143
Posted Jul 11, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - An integer overflow flaw was found in Pidgin's MSN protocol handler that could allow for the execution of arbitrary code if a user received a malicious MSN message. In addition, this update provides the ability to use ICQ networks again on Mandriva Linux 2008.0, as in MDVSA-2008:103 (updated pidgin for 2008.1). The updated packages have been patched to correct this issue.

tags | advisory, overflow, arbitrary, protocol
systems | linux, mandriva
advisories | CVE-2008-2927
SHA-256 | 7d84696431ca3cbdcdd7bc3811cc4ffa055ddcf1c20c7cb29c685bb32ae3d154
Download | Favorite | View

Mandriva Linux Security Advisory 2008-143

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDVSA-2008:143
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : pidgin
 Date    : July 10, 2008
 Affected: 2008.0, 2008.1
 _______________________________________________________________________
 
 Problem Description:
 
 An integer overflow flaw was found in Pidgin's MSN protocol handler
 that could allow for the execution of arbitrary code if a user received
 a malicious MSN message (CVE-2008-2927).
 
 In addition, this update provides the ability to use ICQ networks
 again on Mandriva Linux 2008.0, as in MDVA-2008:103 (updated pidgin
 for 2008.1).
 
 The updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2927
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2008.0:
 509b0087973fa73ce677f3df84533ea5  2008.0/i586/finch-2.2.1-2.1mdv2008.0.i586.rpm
 587ee9d2853cfcc848c8a133b90c112d  2008.0/i586/libfinch0-2.2.1-2.1mdv2008.0.i586.rpm
 55b077915a8fe399bf24817bbd06c204  2008.0/i586/libpurple0-2.2.1-2.1mdv2008.0.i586.rpm
 eda90e586e160243de149c01bf60922e  2008.0/i586/libpurple-devel-2.2.1-2.1mdv2008.0.i586.rpm
 64e11e5aafa3bae3261579e52ff61102  2008.0/i586/pidgin-2.2.1-2.1mdv2008.0.i586.rpm
 b616662d66460eefa94e67773f63679d  2008.0/i586/pidgin-bonjour-2.2.1-2.1mdv2008.0.i586.rpm
 0a40b9f6e0ebd896bc5cadf9c941c0aa  2008.0/i586/pidgin-client-2.2.1-2.1mdv2008.0.i586.rpm
 0ec01e1a48745a5c712cd6461096793c  2008.0/i586/pidgin-facebook-2.2.1-2.1mdv2008.0.i586.rpm
 3d35a41a95190a645d23942e50c0d836  2008.0/i586/pidgin-gevolution-2.2.1-2.1mdv2008.0.i586.rpm
 08d55606cdc47a373a2f00d96384798f  2008.0/i586/pidgin-i18n-2.2.1-2.1mdv2008.0.i586.rpm
 507385fff430c937cdae2b905fef68f9  2008.0/i586/pidgin-meanwhile-2.2.1-2.1mdv2008.0.i586.rpm
 0b16d9e4d7e45d5693545dc91117524e  2008.0/i586/pidgin-mono-2.2.1-2.1mdv2008.0.i586.rpm
 3dd2f3b6715406f6d49c89361f494063  2008.0/i586/pidgin-perl-2.2.1-2.1mdv2008.0.i586.rpm
 ae910793ab236990d8918552f49f7ae9  2008.0/i586/pidgin-silc-2.2.1-2.1mdv2008.0.i586.rpm
 5d025e8085e9dac3cfac0fa8eb29c561  2008.0/i586/pidgin-tcl-2.2.1-2.1mdv2008.0.i586.rpm 
 e36f85784a84514af05b6cd4a2355a87  2008.0/SRPMS/pidgin-2.2.1-2.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 e2f11fa982f7d51a45770c7032be086e  2008.0/x86_64/finch-2.2.1-2.1mdv2008.0.x86_64.rpm
 2cd2bd84268ba18d2ee6c493ed3bfbd1  2008.0/x86_64/lib64finch0-2.2.1-2.1mdv2008.0.x86_64.rpm
 55e3d0067ef6ab5b6bd4acfce578a6d8  2008.0/x86_64/lib64purple0-2.2.1-2.1mdv2008.0.x86_64.rpm
 98c5f4f751041662eef46be53a331b3a  2008.0/x86_64/lib64purple-devel-2.2.1-2.1mdv2008.0.x86_64.rpm
 9a2f1a20abcd75a6bca90a4fcbf73e44  2008.0/x86_64/pidgin-2.2.1-2.1mdv2008.0.x86_64.rpm
 6afdf79793b66b0ea59cdeb57f65011e  2008.0/x86_64/pidgin-bonjour-2.2.1-2.1mdv2008.0.x86_64.rpm
 950bb83e3232d522be12bd09a618d9e3  2008.0/x86_64/pidgin-client-2.2.1-2.1mdv2008.0.x86_64.rpm
 cafa5a63cfe7b3da268c4d667614f5bb  2008.0/x86_64/pidgin-facebook-2.2.1-2.1mdv2008.0.x86_64.rpm
 e29a3161a12b981e105e354cfc901c9c  2008.0/x86_64/pidgin-gevolution-2.2.1-2.1mdv2008.0.x86_64.rpm
 af56fd50efa80cc9601672b3b8953248  2008.0/x86_64/pidgin-i18n-2.2.1-2.1mdv2008.0.x86_64.rpm
 013b49fdc2961a376fdee9dcfb2f6eb7  2008.0/x86_64/pidgin-meanwhile-2.2.1-2.1mdv2008.0.x86_64.rpm
 3e04e61ccda3ee5522ec6f762b9aaaee  2008.0/x86_64/pidgin-mono-2.2.1-2.1mdv2008.0.x86_64.rpm
 89a96f61d4e9baeb29eb543720a6b2dd  2008.0/x86_64/pidgin-perl-2.2.1-2.1mdv2008.0.x86_64.rpm
 8ed2fe28fc433d1955e84815e7fe6bfc  2008.0/x86_64/pidgin-silc-2.2.1-2.1mdv2008.0.x86_64.rpm
 5bca0408021ba9ed219cccb00b50553d  2008.0/x86_64/pidgin-tcl-2.2.1-2.1mdv2008.0.x86_64.rpm 
 e36f85784a84514af05b6cd4a2355a87  2008.0/SRPMS/pidgin-2.2.1-2.1mdv2008.0.src.rpm

 Mandriva Linux 2008.1:
 a0a2b96d3c2e07f7c8ade41b14356da4  2008.1/i586/finch-2.4.1-2.2mdv2008.1.i586.rpm
 a651dd51073999681404e9d4f9911e40  2008.1/i586/libfinch0-2.4.1-2.2mdv2008.1.i586.rpm
 86d8f6679e31ac72c9d8b1cf6c6abe23  2008.1/i586/libpurple0-2.4.1-2.2mdv2008.1.i586.rpm
 8c030456211c723164c6cfa3cf27bc00  2008.1/i586/libpurple-devel-2.4.1-2.2mdv2008.1.i586.rpm
 165ae136a6801c8e3b152cf131689e58  2008.1/i586/pidgin-2.4.1-2.2mdv2008.1.i586.rpm
 bcac01478d3bf6e27e3a2d93c5ac48d7  2008.1/i586/pidgin-bonjour-2.4.1-2.2mdv2008.1.i586.rpm
 9a52067105cb7b43f0aa373dc52bef3e  2008.1/i586/pidgin-client-2.4.1-2.2mdv2008.1.i586.rpm
 fe5771389c06733b5b8cf2aa2bc67db0  2008.1/i586/pidgin-gevolution-2.4.1-2.2mdv2008.1.i586.rpm
 953152aea997453e835a7abb4c9c77df  2008.1/i586/pidgin-i18n-2.4.1-2.2mdv2008.1.i586.rpm
 b9fed85e3fdbb7fdec2e54bfdd34c9e3  2008.1/i586/pidgin-meanwhile-2.4.1-2.2mdv2008.1.i586.rpm
 91b42d2b70c9136c4be3b74258dbab87  2008.1/i586/pidgin-mono-2.4.1-2.2mdv2008.1.i586.rpm
 24a94402a42079c6c6d69d9d16b523ca  2008.1/i586/pidgin-perl-2.4.1-2.2mdv2008.1.i586.rpm
 9daeb10a70822bbfdba6a168bb08344d  2008.1/i586/pidgin-silc-2.4.1-2.2mdv2008.1.i586.rpm
 2c3c4832a7f491b81a64404d17e01070  2008.1/i586/pidgin-tcl-2.4.1-2.2mdv2008.1.i586.rpm 
 61d05852f634d5d509b00d40e25bed19  2008.1/SRPMS/pidgin-2.4.1-2.2mdv2008.1.src.rpm

 Mandriva Linux 2008.1/X86_64:
 0c285ec7f81a08d3ebb368abe16fbb8f  2008.1/x86_64/finch-2.4.1-2.2mdv2008.1.x86_64.rpm
 f9116830b3d96d1014fdcc0a70d4567a  2008.1/x86_64/lib64finch0-2.4.1-2.2mdv2008.1.x86_64.rpm
 464b0531188b3a5fb70441764208f9f2  2008.1/x86_64/lib64purple0-2.4.1-2.2mdv2008.1.x86_64.rpm
 6198756941ef340dc23b07b6b342cb50  2008.1/x86_64/lib64purple-devel-2.4.1-2.2mdv2008.1.x86_64.rpm
 cb2588ca2ddaf94aa808ab5041e24c77  2008.1/x86_64/pidgin-2.4.1-2.2mdv2008.1.x86_64.rpm
 b0c515b5d144076575c34a461ae51d65  2008.1/x86_64/pidgin-bonjour-2.4.1-2.2mdv2008.1.x86_64.rpm
 9b1dee6aeb0ea58d6af015c9bc3dce1b  2008.1/x86_64/pidgin-client-2.4.1-2.2mdv2008.1.x86_64.rpm
 5b5bb13dcd6e4010ff9ba2f8eb0fe999  2008.1/x86_64/pidgin-gevolution-2.4.1-2.2mdv2008.1.x86_64.rpm
 d40b42b60eb624155661a92b2e9ce421  2008.1/x86_64/pidgin-i18n-2.4.1-2.2mdv2008.1.x86_64.rpm
 dba89ed53c87388ab386622445585094  2008.1/x86_64/pidgin-meanwhile-2.4.1-2.2mdv2008.1.x86_64.rpm
 5004f75616437e7568df52c535957ab7  2008.1/x86_64/pidgin-mono-2.4.1-2.2mdv2008.1.x86_64.rpm
 e7b4f4b7572fbf0a97a7357381c963df  2008.1/x86_64/pidgin-perl-2.4.1-2.2mdv2008.1.x86_64.rpm
 4eb4a4e308b6d944d568265c762595c6  2008.1/x86_64/pidgin-silc-2.4.1-2.2mdv2008.1.x86_64.rpm
 ec0ca5b5956d983f705780610dee4f06  2008.1/x86_64/pidgin-tcl-2.4.1-2.2mdv2008.1.x86_64.rpm 
 61d05852f634d5d509b00d40e25bed19  2008.1/SRPMS/pidgin-2.4.1-2.2mdv2008.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFIdp8PmqjQ0CJFipgRAtvpAJ49ShN9VRjdghv5P/0ClFJZ/4HeKACgmKDu
RnnwTwhqG7EveiZ0caFGG3g=
=kzVv
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    35 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close