Fixes for gaim/pidgin vulnerabilities?

To: debian-security@lists.debian.org
Subject: Fixes for gaim/pidgin vulnerabilities?
From: "Michael Gilbert" <michael.s.gilbert@gmail.com>
Date: Mon, 24 Nov 2008 18:10:14 -0500
Message-id: <8e2a98be0811241510h68b4966bke27ed7207d7391aa@mail.gmail.com>

Ubuntu [1] has recently released fixes for CVE-2008-2955,
CVE-2008-2957, and CVE-2008-3532 in gaim/pidgin.  Can we expect to see
these fixes released for Etch soon?

Also note that Ubuntu seems to have missed CVE-2008-2956 [2], which
also applies to gaim/pidgin.  The problem has not yet been fixed in
any of the Debian archives, which may explain why they did not include
a patch for this one.

Thanks for working to keep Debian secure.

[1] http://www.ubuntu.com/usn/USN-675-1
[2] http://security-tracker.debian.net/tracker/CVE-2008-2956

Reply to:

Follow-Ups:
- Re: Fixes for gaim/pidgin vulnerabilities?
  - From: Kees Cook <kees@outflux.net>

Prev by Date: Re: Encrypt file while you are using it
Next by Date: Re: Fixes for gaim/pidgin vulnerabilities?
Previous by thread: Re: Encrypt file while you are using it
Next by thread: Re: Fixes for gaim/pidgin vulnerabilities?
Index(es):
- Date
- Thread