drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in Pidgin
| Name: |
Zwei Probleme in Pidgin |
|
| ID: |
USN-1014-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 8.04 LTS, Ubuntu 9.10, Ubuntu 10.04 LTS, Ubuntu 10.10 |
|
| Datum: |
Do, 4. November 2010, 16:48 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1624
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3711 |
|
Originalnachricht |
--===============3209294062083612423==
Content-Type: multipart/signed; micalg="pgp-sha1";
protocol="application/pgp-signature"; boundary="=-AfRFzjv5Q8NY+5S3G7X4"
--=-AfRFzjv5Q8NY+5S3G7X4
Content-Type: text/plain; charset="UTF-8
Content-Transfer-Encoding: quoted-printable
===========================================================
Ubuntu Security Notice USN-1014-1 November 04, 2010
pidgin vulnerabilities
CVE-2010-1624, CVE-2010-3711
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS
Ubuntu 9.10
Ubuntu 10.04 LTS
Ubuntu 10.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 8.04 LTS:
pidgin 1:2.4.1-1ubuntu2.10
Ubuntu 9.10:
pidgin 1:2.6.2-1ubuntu7.3
Ubuntu 10.04 LTS:
pidgin 1:2.6.6-1ubuntu4.1
Ubuntu 10.10:
pidgin 1:2.7.3-1ubuntu3.1
After a standard system update you need to restart Pidgin to make all the
necessary changes.
Details follow:
Pierre Noguès discovered that Pidgin incorrectly handled malformed SLP
messages in the MSN protocol handler. A remote attacker could send a
specially crafted message and cause Pidgin to crash, leading to a denial
of service. This issue only affected Ubuntu 8.04 LTS, 9.10 and 10.04 LTS.
(CVE-2010-1624)
Daniel Atallah discovered that Pidgin incorrectly handled the return code
of the Base64 decoding function. A remote attacker could send a specially
crafted message and cause Pidgin to crash, leading to a denial of service.
(CVE-2010-3711)
Updated packages for Ubuntu 8.04 LTS:
Source archives:
pidgin_2.4.1-1ubuntu2.10.diff.gz
Size/MD5: 147069 5f4efde7ef31a8a9615d31919b821f08
pidgin_2.4.1-1ubuntu2.10.dsc
Size/MD5: 2183 e16088a49a79d90aa15cf6f40d8f89ce
pidgin_2.4.1.orig.tar.gz
Size/MD5: 13297380 25e3593d5e6bfc17911111475a057778
Architecture independent packages:
finch-dev_2.4.1-1ubuntu2.10_all.deb
Size/MD5: 37846 88f4b3a0eaa95a4a9a6a00675ff02d72
libpurple-bin_2.4.1-1ubuntu2.10_all.deb
Size/MD5: 93454 a4899ec48af9238f4da71caf2e0c66d7
libpurple-dev_2.4.1-1ubuntu2.10_all.deb
Size/MD5: 235892 0e4a3abb205413f899f6ddfd506ee69a
pidgin-data_2.4.1-1ubuntu2.10_all.deb
Size/MD5: 1329902 477cb535396c7f5da32cb60881884817
pidgin-dev_2.4.1-1ubuntu2.10_all.deb
Size/MD5: 72650 b667907131bf23fa43e0f95e98c42e2c
gaim_2.4.1-1ubuntu2.10_all.deb
Size/MD5: 87554 78751749f83263d29a18dea695e30ee3
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
finch_2.4.1-1ubuntu2.10_amd64.deb
Size/MD5: 226224 b0cbc9a26fea0c9d1af2fd3bbbe5d037
libpurple0_2.4.1-1ubuntu2.10_amd64.deb
Size/MD5: 1578146 3923146f0421e7d68a2e21a217bc7618
pidgin-dbg_2.4.1-1ubuntu2.10_amd64.deb
Size/MD5: 4448992 56a8db75a28615c34f32d7f231de6665
pidgin_2.4.1-1ubuntu2.10_amd64.deb
Size/MD5: 572704 c1b6f58f508966541f3601c9ca1eeb75
i386 architecture (x86 compatible Intel/AMD):
finch_2.4.1-1ubuntu2.10_i386.deb
Size/MD5: 200892 5384efbbfc97fea2ec5dd52c9d7829b4
libpurple0_2.4.1-1ubuntu2.10_i386.deb
Size/MD5: 1332808 7a25758784b02a23fd60c55bd16e453e
pidgin-dbg_2.4.1-1ubuntu2.10_i386.deb
Size/MD5: 4246320 593bde66d77a932d083f2f28c16b74d8
pidgin_2.4.1-1ubuntu2.10_i386.deb
Size/MD5: 517290 4a7eb5669a431eee66a5630db950f1fc
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/p/pidgin/finch_2.4.1-1ubuntu2.10_lpia.deb
Size/MD5: 197250 2fcb51e3f8b9f182ee17e6680d3fa3bf
libpurple0_2.4.1-1ubuntu2.10_lpia.deb
Size/MD5: 1384764 c4fc2d80a7ce98cbc86328a5f0be9934
pidgin-dbg_2.4.1-1ubuntu2.10_lpia.deb
Size/MD5: 4375562 1961c29d657cbe919b25b8f3d56aa8dd
pidgin_2.4.1-1ubuntu2.10_lpia.deb
Size/MD5: 511840 44cbd78a96f1e390dcc56a907e0de695
powerpc architecture (Apple Macintosh G3/G4/G5):
finch_2.4.1-1ubuntu2.10_powerpc.deb
Size/MD5: 237172 16fcf22f1ec0fde502ac1d006e2d12c8
libpurple0_2.4.1-1ubuntu2.10_powerpc.deb
Size/MD5: 1603036 3eb276bbb42bd282ad65bec3f460c1d3
pidgin-dbg_2.4.1-1ubuntu2.10_powerpc.deb
Size/MD5: 4480414 0208218edbc4c6c7e002d3b84105d180
pidgin_2.4.1-1ubuntu2.10_powerpc.deb
Size/MD5: 589730 9eaa3cf214014a9ed5c3cea33fc9578c
sparc architecture (Sun SPARC/UltraSPARC):
finch_2.4.1-1ubuntu2.10_sparc.deb
Size/MD5: 212872 9cdc7a144bf546733c8a874243f0bd32
libpurple0_2.4.1-1ubuntu2.10_sparc.deb
Size/MD5: 1501102 41da727ff18b085bac935ca61c5dfca8
pidgin-dbg_2.4.1-1ubuntu2.10_sparc.deb
Size/MD5: 4370332 851497952aa7b778aaef424b676977d1
pidgin_2.4.1-1ubuntu2.10_sparc.deb
Size/MD5: 545740 9f9182600051d3c56a1188b095ac8e4b
Updated packages for Ubuntu 9.10:
Source archives:
pidgin_2.6.2-1ubuntu7.3.diff.gz
Size/MD5: 69189 31240de647279ce482dcae85476dbcb1
pidgin_2.6.2-1ubuntu7.3.dsc
Size/MD5: 2663 44bdd8e9998600fe412257c07e35dd0a
pidgin_2.6.2.orig.tar.gz
Size/MD5: 12953515 ec6053408251413f6879a80760787405
Architecture independent packages:
finch-dev_2.6.2-1ubuntu7.3_all.deb
Size/MD5: 39654 07644b5e4a2b749496c769c2db5385c4
libpurple-bin_2.6.2-1ubuntu7.3_all.deb
Size/MD5: 99984 e163ec3d0d8f8fd40add230738040f72
libpurple-dev_2.6.2-1ubuntu7.3_all.deb
Size/MD5: 278308 6a3b6ef7b068f03a44ccfad0a0ea966e
pidgin-data_2.6.2-1ubuntu7.3_all.deb
Size/MD5: 1233788 4d9ea739390b72d38ede50770c436a94
pidgin-dev_2.6.2-1ubuntu7.3_all.deb
Size/MD5: 1627028 307f046ef0fe73245572957acb7c7241
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
finch_2.6.2-1ubuntu7.3_amd64.deb
Size/MD5: 243980 cd9fc62b5fce8d6a1159c4c712778220
libpurple0_2.6.2-1ubuntu7.3_amd64.deb
Size/MD5: 1928222 b687954d28badd43ca62524a7d960567
pidgin-dbg_2.6.2-1ubuntu7.3_amd64.deb
Size/MD5: 6159266 62f335e43af3af42bbf6f6910564d281
pidgin_2.6.2-1ubuntu7.3_amd64.deb
Size/MD5: 630124 613ee7f1064aea664a45f52e6b6c6129
i386 architecture (x86 compatible Intel/AMD):
finch_2.6.2-1ubuntu7.3_i386.deb
Size/MD5: 223302 27e04f1dcb55d29a961bcc5b025f2574
libpurple0_2.6.2-1ubuntu7.3_i386.deb
Size/MD5: 1776232 48dbbcde180c1a6463a4652692d6376e
pidgin-dbg_2.6.2-1ubuntu7.3_i386.deb
Size/MD5: 5877494 c798d3d346330a22cfd34c5657fe50e9
pidgin_2.6.2-1ubuntu7.3_i386.deb
Size/MD5: 575708 a84ceae68e6c2059c1b89b493d7bf81c
armel architecture (ARM Architecture):
http://ports.ubuntu.com/pool/main/p/pidgin/finch_2.6.2-1ubuntu7.3_armel.deb
Size/MD5: 212748 348aaa7c62f147495b9803846bf7be4b
libpurple0_2.6.2-1ubuntu7.3_armel.deb
Size/MD5: 1683882 cd6d0830d54ba09abff720befcda8c64
pidgin-dbg_2.6.2-1ubuntu7.3_armel.deb
Size/MD5: 5961230 8e8877884f915e0bd331de904455e95f
pidgin_2.6.2-1ubuntu7.3_armel.deb
Size/MD5: 548346 9709697a2ec2d2b722505ee8d9739498
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/p/pidgin/finch_2.6.2-1ubuntu7.3_lpia.deb
Size/MD5: 223264 057d35b1124060f1b949718f2258c161
libpurple0_2.6.2-1ubuntu7.3_lpia.deb
Size/MD5: 1768282 d90e354cb5c9c1258e0f479eb242c309
pidgin-dbg_2.6.2-1ubuntu7.3_lpia.deb
Size/MD5: 6036010 10cab42a2fdcd6d487619fa311ef5ef8
http://ports.ubuntu.com/pool/main/p/pidgin/pidgin_2.6.2-1ubuntu7.3_lpia.deb
Size/MD5: 576062 76d0165c907a6dd7d90a20493a207412
powerpc architecture (Apple Macintosh G3/G4/G5):
finch_2.6.2-1ubuntu7.3_powerpc.deb
Size/MD5: 239704 06d60b2f3f0dd5b046f622c7db139799
libpurple0_2.6.2-1ubuntu7.3_powerpc.deb
Size/MD5: 1919664 f941f7374bc0c811474979b902348802
pidgin-dbg_2.6.2-1ubuntu7.3_powerpc.deb
Size/MD5: 6263016 61bfe1366159868be68daf4b7c5a46ac
pidgin_2.6.2-1ubuntu7.3_powerpc.deb
Size/MD5: 609536 88cc138be00476010223ac79f6ad9372
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/p/pidgin/finch_2.6.2-1ubuntu7.3_sparc.deb
Size/MD5: 224604 72bbcdba78a565e7338fec07a705ccbb
libpurple0_2.6.2-1ubuntu7.3_sparc.deb
Size/MD5: 1772330 66c51c21f288835ab085f678844b6b2a
pidgin-dbg_2.6.2-1ubuntu7.3_sparc.deb
Size/MD5: 5679476 bfcd5374a79e4631c62027294759f4ef
pidgin_2.6.2-1ubuntu7.3_sparc.deb
Size/MD5: 576808 3508dbfcdd03db1c02449ddfb7660034
Updated packages for Ubuntu 10.04 LTS:
Source archives:
pidgin_2.6.6-1ubuntu4.1.debian.tar.gz
Size/MD5: 67576 ad6479976dd8bc7ba4d1ca0c2251176c
pidgin_2.6.6-1ubuntu4.1.dsc
Size/MD5: 2727 74d2c2971488583a01c49802823b0cc9
pidgin_2.6.6.orig.tar.bz2
Size/MD5: 9479337 b37ab6c52db8355e8c70c044c2ba17c1
Architecture independent packages:
finch-dev_2.6.6-1ubuntu4.1_all.deb
Size/MD5: 39778 e9dba9a4e9b8d9d9cfce78c94dad7724
libpurple-bin_2.6.6-1ubuntu4.1_all.deb
Size/MD5: 101948 0d96e9a65e4bf46b6c6e56ccd11895b7
libpurple-dev_2.6.6-1ubuntu4.1_all.deb
Size/MD5: 284500 618cbf104ec0625df8b717da2b5856e9
pidgin-data_2.6.6-1ubuntu4.1_all.deb
Size/MD5: 1242308 523af401a3c5a2780c25c93c7940ed19
pidgin-dev_2.6.6-1ubuntu4.1_all.deb
Size/MD5: 1757706 fc894645f6b580184378a01545d922d9
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
finch_2.6.6-1ubuntu4.1_amd64.deb
Size/MD5: 247706 83293de94ca6b2762ba6de1c251a205a
libpurple0_2.6.6-1ubuntu4.1_amd64.deb
Size/MD5: 1985620 37941558dc898d98ecafc68a72e0d8d6
pidgin-dbg_2.6.6-1ubuntu4.1_amd64.deb
Size/MD5: 6285368 56100ea8a3a7ec30db1238bc99daa569
pidgin_2.6.6-1ubuntu4.1_amd64.deb
Size/MD5: 629338 a1eae3e35d1aa6389e50ad6cc0419f37
i386 architecture (x86 compatible Intel/AMD):
finch_2.6.6-1ubuntu4.1_i386.deb
Size/MD5: 225102 6abf52d2720cc26109d541817b4bfb25
libpurple0_2.6.6-1ubuntu4.1_i386.deb
Size/MD5: 1839368 19120285fedb4ef270b00ddafb9dda7e
pidgin-dbg_2.6.6-1ubuntu4.1_i386.deb
Size/MD5: 6013076 5756957408c40a702dfbc6160b282b0a
pidgin_2.6.6-1ubuntu4.1_i386.deb
Size/MD5: 577052 52731fe1d39a82e40f6f104a0479d10d
armel architecture (ARM Architecture):
http://ports.ubuntu.com/pool/main/p/pidgin/finch_2.6.6-1ubuntu4.1_armel.deb
Size/MD5: 212962 f5ed2def81e37c5a996652cc8cc022f0
libpurple0_2.6.6-1ubuntu4.1_armel.deb
Size/MD5: 1708488 a42fe98ac616a2fdb924db70eb88625d
pidgin-dbg_2.6.6-1ubuntu4.1_armel.deb
Size/MD5: 6186258 c73f150f46fa718f81df515030df5110
pidgin_2.6.6-1ubuntu4.1_armel.deb
Size/MD5: 547784 9bfb45fb553305e7079398a1d55e02c0
powerpc architecture (Apple Macintosh G3/G4/G5):
finch_2.6.6-1ubuntu4.1_powerpc.deb
Size/MD5: 241910 37e73378d44b62b665b442baacca983e
libpurple0_2.6.6-1ubuntu4.1_powerpc.deb
Size/MD5: 1985654 550692d22229987c1393dc4b1f641ac4
pidgin-dbg_2.6.6-1ubuntu4.1_powerpc.deb
Size/MD5: 6410332 1aaebea09ae715f2ebbb7da3e23223fb
pidgin_2.6.6-1ubuntu4.1_powerpc.deb
Size/MD5: 610814 d2469bb17402ec3a32442b042ec20ebb
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/p/pidgin/finch_2.6.6-1ubuntu4.1_sparc.deb
Size/MD5: 232614 893d680af42b3bbff0d1a48d19bd80e3
libpurple0_2.6.6-1ubuntu4.1_sparc.deb
Size/MD5: 1867620 e73d958e1132269b9af33bfd6b4b6eea
pidgin-dbg_2.6.6-1ubuntu4.1_sparc.deb
Size/MD5: 5812856 4c4d3b63453d57a3807ed3b2aba62f3d
pidgin_2.6.6-1ubuntu4.1_sparc.deb
Size/MD5: 586614 7231da751da3000a04b079e18862a76c
Updated packages for Ubuntu 10.10:
Source archives:
pidgin_2.7.3-1ubuntu3.1.debian.tar.gz
Size/MD5: 65684 b34b8a96ae8645d4e9ffa781639f3415
pidgin_2.7.3-1ubuntu3.1.dsc
Size/MD5: 2687 64c3764d93a2232ed05a5ce4d9dc1ebc
pidgin_2.7.3.orig.tar.bz2
Size/MD5: 9746117 e4bbadadae85e5e008690b52dd51f102
Architecture independent packages:
finch-dev_2.7.3-1ubuntu3.1_all.deb
Size/MD5: 40084 c051d855433c3d43e7185f86959f8f41
libpurple-bin_2.7.3-1ubuntu3.1_all.deb
Size/MD5: 48158 44e19e8021f42ff6a984f352196e23d7
libpurple-dev_2.7.3-1ubuntu3.1_all.deb
Size/MD5: 233556 fd481a9c76915707b4905dda096105e2
pidgin-data_2.7.3-1ubuntu3.1_all.deb
Size/MD5: 1225198 c3eb5ad32944f5a00e1d3d1de5eb63f0
pidgin-dev_2.7.3-1ubuntu3.1_all.deb
Size/MD5: 1591368 4fb48a59952dd2e10e264a411345aa45
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
finch_2.7.3-1ubuntu3.1_amd64.deb
Size/MD5: 244476 622200d9eefcc3d140a7ce3171c1a541
libpurple0_2.7.3-1ubuntu3.1_amd64.deb
Size/MD5: 1935518 52781e6834e4c8056251681dee82ab0f
pidgin-dbg_2.7.3-1ubuntu3.1_amd64.deb
Size/MD5: 6264622 370ecfe8333faa63249e855fecc3d6b2
pidgin_2.7.3-1ubuntu3.1_amd64.deb
Size/MD5: 602026 5973db6a62c5b57e4a3b7919729a3fba
i386 architecture (x86 compatible Intel/AMD):
finch_2.7.3-1ubuntu3.1_i386.deb
Size/MD5: 221380 ea11f4f016def4f344fe29be80adc1dc
libpurple0_2.7.3-1ubuntu3.1_i386.deb
Size/MD5: 1778712 5a83a543506d91985d7509f2d235a137
pidgin-dbg_2.7.3-1ubuntu3.1_i386.deb
Size/MD5: 6027262 43a713f30909442d17571e5b7902d6a8
pidgin_2.7.3-1ubuntu3.1_i386.deb
Size/MD5: 549516 c82a9e629e6a349a7d39994fb0bd137f
armel architecture (ARM Architecture):
http://ports.ubuntu.com/pool/main/p/pidgin/finch_2.7.3-1ubuntu3.1_armel.deb
Size/MD5: 213186 944147c170c1d6e4a23332ca8be6e7cb
libpurple0_2.7.3-1ubuntu3.1_armel.deb
Size/MD5: 1705282 085e3d048ac86188a0d1239524471f91
pidgin-dbg_2.7.3-1ubuntu3.1_armel.deb
Size/MD5: 6150256 fb31675f89700c8a97daada5233d3b40
pidgin_2.7.3-1ubuntu3.1_armel.deb
Size/MD5: 527218 525fbdda9c1ea14a7ce63e4b2abd381b
powerpc architecture (Apple Macintosh G3/G4/G5):
finch_2.7.3-1ubuntu3.1_powerpc.deb
Size/MD5: 238912 c6a561eb0b6e9a3b32a59f5a5771c0d1
libpurple0_2.7.3-1ubuntu3.1_powerpc.deb
Size/MD5: 1932160 6a584ffe3fa43f989729858e18015e57
pidgin-dbg_2.7.3-1ubuntu3.1_powerpc.deb
Size/MD5: 6387028 c8b2d846da7c551ad9953856deb52537
pidgin_2.7.3-1ubuntu3.1_powerpc.deb
Size/MD5: 583324 c642c57eacd3bd6299cd0a5a2bd611e7
--
|
|
|
|
