MiracleLinux 7 : pidgin-2.10.11-5.el7 (AXSA:2017-1913:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2017-1913:01 advisory. Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell...

Linux Distros Unpatched Vulnerability : CVE-2017-2640

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content. A malicious remote server could potentially use this flaw to crash...

RHEL 5 : pidgin (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - pidgin: Out-of-bounds write in purplemarkupunescapeentity triggered by invalid XML CVE-2017-2640 - A deni...

Mageia: Security Advisory (MGASA-2017-0102)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for pidgin (EulerOS-SA-2017-1165)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for pidgin (EulerOS-SA-2017-1166)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2018:2235-1 Security update for pidgin

This update for pidgin fixes the following issues: The following security vulnerability was fixed: - CVE-2017-2640: Fixed an out of bound write in purplemarkupunescapeentity, which could be triggered by a server controlled by an attacker and could lead to crashes or, in some extreme cases, to...

CVE-2017-2640

CVE-2017-2640 affects Pidgin/libpurple prior to 2.12.0. An out-of-bounds write in parsing XML content (e.g., via invalid XML entities) can allow a remote server to crash the client or, in some cases, execute arbitrary code. Upstream fixes/advise upgrading to 2.12.0 or newer (e.g., libpurple 2.12....

CVE-2017-2640

An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content. A malicious remote server could potentially use this flaw to crash Pidgin or execute arbitrary code in the context of the pidgin process...

CentOS 7 : pidgin (CESA-2017:1854)

An update for pidgin is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Oracle Linux 7 : pidgin (ELSA-2017-1854)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-1854 advisory. - Add patch for CVE-2017-2640 Resolves: 1431022 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

pidgin security, bug fix, and enhancement update

2.10.11-5 - Drop MXit support in RHEL Resolves: 1439296 2.10.11-4 - Silence -Wsign-compare - Rename the previous patch for consistency Resolves: 1445921, 1446368 2.10.11-3 - Avoid a use-after-free in an error path Resolves: 1445921 2.10.11-2 - Add patch for CVE-2017-2640 Resolves: 1431022 2.10.11...

openSUSE: Security Advisory for pidgin (openSUSE-SU-2017:0973-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : pidgin (openSUSE-2017-457)

This update for pidgin to version 2.12.0 fixes the following issues : This security issue was fixed : - CVE-2017-2640: Out of bounds memory read in purplemarkupunescapeentity boo1028835. These non-security issues were fixed : + libpurple : - Fix the use of uninitialised memory if running...

Security update for pidgin (important)

This update for pidgin to version 2.12.0 fixes the following issues: This security issue was fixed: - CVE-2017-2640: Out of bounds memory read in purplemarkupunescapeentity boo1028835. These non-security issues were fixed: + libpurple: - Fix the use of uninitialised memory if running...

Updated pidgin packages fix security vulnerability

A server controlled by an attacker can send an invalid XML that can trigger an out-of-bound memory access. This might lead to a crash or, in some extreme cases, to remote code execution in the client-side CVE-2017-2640. The pidgin package has been updated to version 2.12.0, which fixes this issue...

openSUSE Security Update : pidgin (openSUSE-2017-410)

This update for pidgin fixes the following issues : Feature update : - Update to GNOME 3.20.2 fate318572. Security issues fixed : - CVE-2017-2640: Fix an out of bounds memory read in purplemarkupunescapeentity. boo1028835 Bugfixes - Correctly remove .so files for plugins fixes...

Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : pidgin (SSA:2017-074-01)

New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2017-074-01. The...

[SECURITY] [DSA 3806-1] pidgin security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3806-1 [email protected] https://www.debian.org/security/ Luciano Bello March 10, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3806-1] pidgin security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3806-1 [email protected] https://www.debian.org/security/ Luciano Bello March 10, 2017 https://www.debian.org/security/faq -...