Red Hat Security Advisory 2017-1854-01 - Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. The following packages have been upgraded to a later upstream version: pidgin. Security Fix: A denial of service flaw was found in the way Pidgin's Mxit plug-in handled emoticons. A malicious remote server or a man-in-the-middle attacker could potentially use this flaw to crash Pidgin by sending a specially crafted emoticon.
8025ad83e85f7711d5359c27763a16556d76510821e47dc5d645d2f65d5b42abUbuntu Security Notice 2390-1 - Jacob Appelbaum and an anonymous person discovered that Pidgin incorrectly handled certificate validation. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Yves Younan and Richard Johnson discovered that Pidgin incorrectly handled certain malformed MXit emoticons. A malicious remote server or a man in the middle could use this issue to cause Pidgin to crash, resulting in a denial of service. Various other issues were also addressed.
9de2fd893b05d9381e103c2fc1c9fa71c92e128c9e9885eff70ac44ee7e4e2b2Slackware Security Advisory - New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
5cbe6f4c509145ab2cca11c0b6d42108ea1c7b3a6b2eb3f143083978c7b37df2Debian Linux Security Advisory 3055-1 - Multiple vulnerabilities have been discovered in Pidgin, a multi-protocol instant messaging client.
71a6874b3dc2259d8c5a453197bf19480a1798e328e3a60d8282fef8ae738580
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed