Bug#655178: pu: package pidgin/2.7.3-1+squeeze1

To: Ari Pollak <ari@debian.org>, 655178@bugs.debian.org
Subject: Bug#655178: pu: package pidgin/2.7.3-1+squeeze1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Mon, 09 Jan 2012 21:06:19 +0000
Message-id: <[🔎] 1326143179.3328.10.camel@jacala.jungle.funky-badger.org>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 655178@bugs.debian.org
In-reply-to: <[🔎] 20120109004058.5867.45363.reportbug@darth>
References: <[🔎] 20120109004058.5867.45363.reportbug@darth>

On Sun, 2012-01-08 at 19:40 -0500, Ari Pollak wrote:
> The security team asked me to prepare an update for squeeze that
> includes fixes for the outstanding minor security issues (all remote
> crashers with no remote code execution). That diff is attached.

Something odd appears to have happened to CVE-2011-4602.patch; it looks
like a diff of a brokenly wrapped diff.  For instance: (sic)

+============================================================ Index:
+pidgin/libpurple/protocols/jabber/jingle/jingle.c
+=================================================================== ---
+pidgin.orig/libpurple/protocols/jabber/jingle/jingle.c +++
+pidgin/libpurple/protocols/jabber/jingle/jingle.c @@ -119,7 +119,7 @@
+jingle_handle_content_modify(JingleSessi if (local_content != NULL) { const
+gchar *senders = xmlnode_get_attrib(content, "senders"); gchar *local_senders =
+jingle_content_get_senders(local_content);
+-			if (strcmp(senders,
+			local_senders)) +			if

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#655178: pu: package pidgin/2.7.3-1+squeeze1
  - From: Ari Pollak <ari@debian.org>

References:
- Bug#655178: pu: package pidgin/2.7.3-1+squeeze1
  - From: Ari Pollak <ari@debian.org>

Prev by Date: Bug#631019: HDF5 transition, the return!
Next by Date: Bug#655158: pu: base-installer & libdebian-installer: Power 7 support
Previous by thread: Bug#655178: pu: package pidgin/2.7.3-1+squeeze1
Next by thread: Bug#655178: pu: package pidgin/2.7.3-1+squeeze1
Index(es):
- Date
- Thread