Lucene search
OracleLinuxELSA-2017-1854HistoryAug 07, 2017 - 12:00 a.m.
pidgin security, bug fix, and enhancement update
2017-08-0700:00:00
linux.oracle.com
14
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.016 Low
EPSS
Percentile
85.9%
[2.10.11-5]
- Drop MXit support in RHEL
Resolves: #1439296
[2.10.11-4] - Silence -Wsign-compare
- Rename the previous patch for consistency
Resolves: #1445921, #1446368
[2.10.11-3] - Avoid a use-after-free in an error path
Resolves: #1445921
[2.10.11-2] - Add patch for CVE-2017-2640
Resolves: #1431022
[2.10.11-1] - Update to 2.10.11
Resolves: #1369526
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | pidgin | <Â 2.10.11-5.el7 | pidgin-2.10.11-5.el7.src.rpm |
| oracle linux | 7 | aarch64 | finch | <Â 2.10.11-5.el7 | finch-2.10.11-5.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | finch-devel | <Â 2.10.11-5.el7 | finch-devel-2.10.11-5.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | libpurple | <Â 2.10.11-5.el7 | libpurple-2.10.11-5.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | libpurple-devel | <Â 2.10.11-5.el7 | libpurple-devel-2.10.11-5.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | libpurple-perl | <Â 2.10.11-5.el7 | libpurple-perl-2.10.11-5.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | libpurple-tcl | <Â 2.10.11-5.el7 | libpurple-tcl-2.10.11-5.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | pidgin | <Â 2.10.11-5.el7 | pidgin-2.10.11-5.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | pidgin-devel | <Â 2.10.11-5.el7 | pidgin-devel-2.10.11-5.el7.aarch64.rpm |
| oracle linux | 7 | aarch64 | pidgin-perl | <Â 2.10.11-5.el7 | pidgin-perl-2.10.11-5.el7.aarch64.rpm |
Related
openvas
openvas
Huawei EulerOS: Security Advisory for pidgin (EulerOS-SA-2017-1166)
2020-01-23 00:00:00
RedHat Update for pidgin RHSA-2017:1854-01
2017-08-04 00:00:00
Huawei EulerOS: Security Advisory for pidgin (EulerOS-SA-2017-1165)
2020-01-23 00:00:00
nessus
nessus
Oracle Linux 7 : pidgin (ELSA-2017-1854)
2017-08-09 00:00:00
EulerOS 2.0 SP1 : pidgin (EulerOS-SA-2017-1165)
2017-09-08 00:00:00
RHEL 7 : pidgin (RHSA-2017:1854)
2017-08-02 00:00:00
centos
centos
finch, libpurple, pidgin security update
2017-08-24 01:40:35
redhat
redhat
(RHSA-2017:1854) Moderate: pidgin security, bug fix, and enhancement update
2017-08-01 05:55:25
fedora
fedora
[SECURITY] Fedora 21 Update: pidgin-2.10.10-2.fc21
2014-11-10 06:31:44
[SECURITY] Fedora 20 Update: pidgin-2.10.10-1.fc20
2014-11-10 06:47:47
debian
debian
[SECURITY] [DSA 3055-1] pidgin security update
2014-10-23 21:06:22
[SECURITY] [DSA 3806-1] pidgin security update
2017-03-10 03:43:45
[SECURITY] [DSA 3806-1] pidgin security update
2017-03-10 03:44:07
osv
osv
pidgin - security update
2014-10-23 00:00:00
pidgin - security update
2017-03-11 00:00:00
pidgin - security update
2017-03-10 00:00:00
mageia
mageia
Updated pidgin packages fix security vulnerabilities
2014-10-26 00:23:09
Updated pidgin packages fix security vulnerability
2017-04-04 09:44:05
securityvulns
securityvulns
[USN-2390-1] Pidgin vulnerabilities
2014-11-03 00:00:00
Pidgin multiple security vulnerabilities
2014-11-03 00:00:00
[slackware-security] pidgin (SSA:2014-296-02)
2014-10-27 00:00:00
ubuntu
ubuntu
Pidgin vulnerabilities
2014-10-28 00:00:00
Pidgin vulnerability
2017-03-14 00:00:00
freebsd
freebsd
libpurple/pidgin -- multiple vulnerabilities
2014-10-22 00:00:00
slackware
slackware
[slackware-security] pidgin
2014-10-24 05:36:22
[slackware-security] pidgin
2017-03-16 03:25:04
kaspersky
kaspersky
KLA10448 Multiple Pidgin vulnerabilities
2014-10-22 00:00:00
KLA11359 ACE vulnerability in Pidgin
2017-03-09 00:00:00
archlinux
archlinux
libpurple: remote dos and information leakage
2014-10-22 00:00:00
[ASA-201703-18] libpurple: arbitrary code execution
2017-03-21 00:00:00
threatpost
threatpost
Pidgin 2.10.10 Patches SSL MiTM, DoS Vulnerabilities
2014-11-10 10:48:05
Code Execution Vulnerability Found in Libpurple IM Library
2017-03-21 14:28:44
debiancve
debiancve
prion
prion
Information disclosure
2014-10-29 10:55:00
Memory corruption
2014-10-29 10:55:00
Memory corruption
2014-10-29 10:55:00
cve
cve
ubuntucve
ubuntucve
cvelist
cvelist
talos
talos
Pidgin libpurple Mxit Emoticon ASN Length Denial of Service Vulnerability
2014-11-06 00:00:00
Pidgin libpurple Novell Protocol Multiple Denial of Service Vulnerabilities
2014-11-06 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 06:43:50
Information Disclosure
2019-05-02 06:43:50
Denial Of Service (DoS)
2019-05-02 06:43:50
gentoo
gentoo
Pidgin: Arbitrary code execution
2017-06-06 00:00:00
alpinelinux
alpinelinux
CVE-2017-2640
2018-07-27 18:29:00
redhatcve
redhatcve
CVE-2017-2640
2017-03-10 08:48:05
suse
suse
Security update for pidgin (important)
2017-04-11 15:08:50
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.016 Low
EPSS
Percentile
85.9%
Related for ELSA-2017-1854