MiracleLinux 7 : pidgin-2.10.11-5.el7 (AXSA:2017-1913:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2017-1913:01 advisory. Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell...

Linux Distros Unpatched Vulnerability : CVE-2014-3696

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service application crash via...

SUSE CVE-2014-3696

nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service application crash via a crafted server message that triggers a large memory allocation...

Huawei EulerOS: Security Advisory for pidgin (EulerOS-SA-2017-1165)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for pidgin (EulerOS-SA-2017-1166)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 7 : pidgin (CESA-2017:1854)

An update for pidgin is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Oracle Linux 7 : pidgin (ELSA-2017-1854)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-1854 advisory. - Add patch for CVE-2017-2640 Resolves: 1431022 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

Fedora 21 : pidgin-2.10.10-2.fc21 (2014-14112)

fix build on arches without valgrind Update to 2.10.10 Security fix for CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3698 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically...

Fedora 20 : pidgin-2.10.10-1.fc20 (2014-14069)

Update to 2.10.10 Security fix for CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3698 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...

Fedora Update for pidgin FEDORA-2014-14069

Check the version of pidgin SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868472";...

[USN-2390-1] Pidgin vulnerabilities

========================================================================== Ubuntu Security Notice USN-2390-1 October 28, 2014 pidgin vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

DEBIAN-CVE-2014-3696

nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service application crash via a crafted server message that triggers a large memory allocation...

CVE-2014-3696

nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service application crash via a crafted server message that triggers a large memory allocation...

CVE-2014-3696

CVE-2014-3696 affects Pidgin/libpurple via the Novell GroupWise protocol plugin. A crafted server message could trigger a large memory allocation, causing an application crash (DoS). Across sources, the vulnerability is addressed by upgradingPidgin/libpurple to a version that includes the fix (e....

Updated pidgin packages fix security vulnerabilities

In Pidgin before 2.10.10, both of libpurple's bundled SSL/TLS plugins one for GnuTLS and one for NSS failed to check that the Basic Constraints extension allowed intermediate certificates to act as CAs. This allowed anyone with any valid certificate to create a fake certificate for any arbitrary...

[slackware-security] pidgin

New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: pidgin-2.10.10-i486-1slack14.1.txz: Upgraded. This update fixes several security issues: Insufficient SSL certificate...

FreeBSD : libpurple/pidgin -- multiple vulnerabilities (d057c5e6-5b20-11e4-bebd-000c2980a9f3)

The pidgin development team reports : . %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacques Vidrine and contributors Redistribution and use in source VuXML and...

[SECURITY] [DSA 3055-1] pidgin security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3055-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 23, 2014 http://www.debian.org/security/faq -...