diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2014-03-03 10:22:54 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2014-03-03 10:22:54 +0000 |
commit | 6c587ad3a39bae5d6a3f4c0d78f0a239b253242e (patch) | |
tree | d0758f73a5edb497bec5d6fd52e6e9317478b65a | |
parent | 67acd4b824737a8ca2898d3eea7fbb4d3aeff8ba (diff) | |
download | aports-6c587ad3a39bae5d6a3f4c0d78f0a239b253242e.tar.bz2 aports-6c587ad3a39bae5d6a3f4c0d78f0a239b253242e.tar.xz |
main/pidgin: security upgrade to 2.10.9 (various CVEs)
fixes #2678
CVE-2014-0020 Remotely triggerable crash in IRC argument parsing
CVE-2013-6490 Buffer overflow in SIMPLE header parsing
CVE-2013-6489 Buffer overflow in MXit emoticon parsing
CVE-2013-6487 Buffer overflow in Gadu-Gadu HTTP parsing
CVE-2013-6486 Pidgin uses clickable links to untrusted executables
CVE-2013-6485 Buffer overflow parsing chunked HTTP responses
CVE-2013-6484 Crash reading response from STUN server
CVE-2013-6483 XMPP doesn't verify 'from' on some iq replies
CVE-2013-6482 NULL pointer dereference parsing SOAP data in MSN
CVE-2013-6482 NULL pointer dereference parsing OIM data in MSN
CVE-2013-6482 NULL pointer dereference parsing headers in MSN
CVE-2013-6481 Remote crash reading Yahoo! P2P message
CVE-2013-6479 Remote crash parsing HTTP responses
CVE-2013-6478 Crash when hovering pointer over a long URL
CVE-2013-6477 Crash handling bad XMPP timestamp
CVE-2012-6152 Yahoo! remote crash from incorrect character encoding
-rw-r--r-- | main/pidgin/APKBUILD | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/main/pidgin/APKBUILD b/main/pidgin/APKBUILD index f64eb20249..c15d6c675c 100644 --- a/main/pidgin/APKBUILD +++ b/main/pidgin/APKBUILD @@ -1,6 +1,6 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=pidgin -pkgver=2.10.7 +pkgver=2.10.9 pkgrel=0 pkgdesc="graphical multi-protocol instant messaging client for X" url="http://pidgin.im/" @@ -69,5 +69,5 @@ libpurple() { mv "$pkgdir"/usr/share/purple "$pkgdir"/usr/share/sounds \ "$subpkgdir"/usr/share/ } -md5sums="ea88976b9952e80b702b030489f94393 pidgin-2.10.7.tar.bz2 +md5sums="10a4a69d077893f6dd3438cd8af94e81 pidgin-2.10.9.tar.bz2 3cf0c3a476007781f4b0d855817cf58a pidgin-libm.patch" |