Detections
Analytics

openSUSE Security Update : pidgin / pidgin-branding-openSUSE (openSUSE-SU-2014:0239-1)

high Nessus Plugin ID 75256

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

- Update to version 2.10.8 (bnc#861019) :

 + General: Python build scripts and example plugins are now compatible with Python 3 (pidgin.im#15624).

 + libpurple :

 - Fix potential crash if libpurple gets an error attempting to read a reply from a STUN server (CVE-2013-6484).

 - Fix potential crash parsing a malformed HTTP response (CVE-2013-6479).

 - Fix buffer overflow when parsing a malformed HTTP response with chunked Transfer-Encoding (CVE-2013-6485).

 - Better handling of HTTP proxy responses with negative Content-Lengths.

 - Fix handling of SSL certificates without subjects when using libnss.

 - Fix handling of SSL certificates with timestamps in the distant future when using libnss (pidgin.im#15586).

 - Impose maximum download size for all HTTP fetches.

 + Pidgin :

 - Fix crash displaying tooltip of long URLs (CVE-2013-6478).

 - Better handling of URLs longer than 1000 letters.

 - Fix handling of multibyte UTF-8 characters in smiley themes (pidgin.im#15756).

 + AIM: Fix untrusted certificate error.

 + AIM and ICQ: Fix a possible crash when receiving a malformed message in a Direct IM session.

 + Gadu-Gadu :

 - Fix buffer overflow with remote code execution potential. Only triggerable by a Gadu-Gadu server or a man-in-the-middle (CVE-2013-6487).

 - Disabled buddy list import/export from/to server.

 - Disabled new account registration and password change options.

 + IRC :

 - Fix bug where a malicious server or man-in-the-middle could trigger a crash by not sending enough arguments with various messages (CVE-2014-0020).

 - Fix bug where initial IRC status would not be set correctly.

 - Fix bug where IRC wasn't available when libpurple was compiled with Cyrus SASL support (pidgin.im#15517).

 + MSN :

 - Fix NULL pointer dereference parsing headers in MSN (CVE-2013-6482).

 - Fix NULL pointer dereference parsing OIM data in MSN (CVE-2013-6482).

 - Fix NULL pointer dereference parsing SOAP data in MSN (CVE-2013-6482).

 - Fix possible crash when sending very long messages. Not remotely-triggerable.

 + MXit :

 - Fix buffer overflow with remote code execution potential (CVE-2013-6487).

 - Fix sporadic crashes that can happen after user is disconnected.

 - Fix crash when attempting to add a contact via search results.

 - Show error message if file transfer fails.

 - Fix compiling with InstantBird.

 - Fix display of some custom emoticons.

 + SILC: Correctly set whiteboard dimensions in whiteboard sessions.

 + SIMPLE: Fix buffer overflow with remote code execution potential (CVE-2013-6487).

 + XMPP :

 - Prevent spoofing of iq replies by verifying that the 'from' address matches the 'to' address of the iq request (CVE-2013-6483).

 - Fix crash on some systems when receiving fake delay timestamps with extreme values (CVE-2013-6477).

 - Fix possible crash or other erratic behavior when selecting a very small file for your own buddy icon.

 - Fix crash if the user tries to initiate a voice/video session with a resourceless JID.

 - Fix login errors when the first two available auth mechanisms fail but a subsequent mechanism would otherwise work when using Cyrus SASL (pidgin.im#15524).

 - Fix dropping incoming stanzas on BOSH connections when we receive multiple HTTP responses at once (pidgin.im#15684).

 + Yahoo! :

 - Fix possible crashes handling incoming strings that are not UTF-8 (CVE-2012-6152).

 - Fix a bug reading a peer to peer message where a remote user could trigger a crash (CVE-2013-6481).

 + Plugins :

 - Fix crash in contact availability plugin.

 - Fix perl function Purple::Network::ip_atoi.

 - Add Unity integration plugin.

 + Windows specific fixes: (CVE-2013-6486, pidgin.im#15520, pidgin.im#15521, bgo#668154).

 - Drop pidgin-irc-sasl.patch, fixed upstream.

 - Obsolete pidgin-facebookchat: the package is no longer maintained and pidgin as built-in support for Facebook Chat.

 - Protect buildrequires for mono-devel with with_mono macro.

 - Add pidgin-gstreamer1.patch: Port to GStreamer 1.0. Only enabled on openSUSE 13.1 and newer.

 - On openSUSE 13.1 and newer, use gstreamer-devel and gstreamer-plugins-base-devel BuildRequires.

Solution

Update the affected pidgin / pidgin-branding-openSUSE packages.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=861019

https://lists.opensuse.org/opensuse-updates/2014-02/msg00039.html

Plugin Details

Severity: High

ID: 75256

File Name: openSUSE-2014-132.nasl

Version: 1.5

Type: local

Agent: unix

Published: 6/13/2014

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:mozillafirefox-branding-basedonopensuse, p-cpe:/a:novell:opensuse:packagekit-branding-basedonopensuse, p-cpe:/a:novell:opensuse:awesome-branding-basedonopensuse, p-cpe:/a:novell:opensuse:bot-sentry-debugsource, p-cpe:/a:novell:opensuse:branding-basedonopensuse, p-cpe:/a:novell:opensuse:compiz-branding-basedonopensuse, p-cpe:/a:novell:opensuse:dynamic-wallpaper-branding-basedonopensuse, p-cpe:/a:novell:opensuse:e17-branding-basedonopensuse, p-cpe:/a:novell:opensuse:epiphany-branding-basedonopensuse, p-cpe:/a:novell:opensuse:fcitx-branding-basedonopensuse, p-cpe:/a:novell:opensuse:finch, p-cpe:/a:novell:opensuse:finch-debuginfo, p-cpe:/a:novell:opensuse:finch-devel, p-cpe:/a:novell:opensuse:gcin-branding-basedonopensuse, p-cpe:/a:novell:opensuse:gconf2-branding-basedonopensuse, p-cpe:/a:novell:opensuse:gdm-branding-basedonopensuse, p-cpe:/a:novell:opensuse:gfxboot-branding-basedonopensuse, p-cpe:/a:novell:opensuse:gio-branding-basedonopensuse, p-cpe:/a:novell:opensuse:gnome-menus-branding-basedonopensuse, p-cpe:/a:novell:opensuse:grub2-branding-basedonopensuse, p-cpe:/a:novell:opensuse:gtk2-branding-basedonopensuse, p-cpe:/a:novell:opensuse:gtk3-branding-basedonopensuse, p-cpe:/a:novell:opensuse:hicolor-icon-theme-branding-basedonopensuse, p-cpe:/a:novell:opensuse:install-initrd-branding-basedonopensuse, p-cpe:/a:novell:opensuse:kdebase3-suse-branding-basedonopensuse, p-cpe:/a:novell:opensuse:kdebase4-runtime-branding-basedonopensuse, p-cpe:/a:novell:opensuse:kdebase4-workspace-branding-basedonopensuse, p-cpe:/a:novell:opensuse:kdelibs4-branding-basedonopensuse, p-cpe:/a:novell:opensuse:kdm-branding-basedonopensuse, p-cpe:/a:novell:opensuse:ksplash-qml-branding-basedonopensuse, p-cpe:/a:novell:opensuse:ksplashx-branding-basedonopensuse, p-cpe:/a:novell:opensuse:leechcraft, p-cpe:/a:novell:opensuse:leechcraft-advancednotifications, p-cpe:/a:novell:opensuse:leechcraft-advancednotifications-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-aggregator, p-cpe:/a:novell:opensuse:leechcraft-aggregator-bodyfetch, p-cpe:/a:novell:opensuse:leechcraft-aggregator-bodyfetch-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-aggregator-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-anhero, p-cpe:/a:novell:opensuse:leechcraft-anhero-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-auscrie, p-cpe:/a:novell:opensuse:leechcraft-auscrie-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth, p-cpe:/a:novell:opensuse:leechcraft-azoth-acetamide, p-cpe:/a:novell:opensuse:leechcraft-azoth-acetamide-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-adiumstyles, p-cpe:/a:novell:opensuse:leechcraft-azoth-adiumstyles-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-autoidler, p-cpe:/a:novell:opensuse:leechcraft-azoth-autoidler-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-autopaste, p-cpe:/a:novell:opensuse:leechcraft-azoth-autopaste-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-birthdaynotifier, p-cpe:/a:novell:opensuse:leechcraft-azoth-birthdaynotifier-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-chathistory, p-cpe:/a:novell:opensuse:leechcraft-azoth-chathistory-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-depester, p-cpe:/a:novell:opensuse:leechcraft-azoth-depester-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-embedmedia, p-cpe:/a:novell:opensuse:leechcraft-azoth-embedmedia-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-herbicide, p-cpe:/a:novell:opensuse:leechcraft-azoth-herbicide-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-hili, p-cpe:/a:novell:opensuse:leechcraft-azoth-hili-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-isterique, p-cpe:/a:novell:opensuse:leechcraft-azoth-isterique-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-juick, p-cpe:/a:novell:opensuse:leechcraft-azoth-juick-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-keeso, p-cpe:/a:novell:opensuse:leechcraft-monocle-pdf-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-monocle-postrus, p-cpe:/a:novell:opensuse:leechcraft-azoth-keeso-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-lastseen, p-cpe:/a:novell:opensuse:leechcraft-azoth-lastseen-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-metacontacts, p-cpe:/a:novell:opensuse:leechcraft-azoth-metacontacts-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-modnok, p-cpe:/a:novell:opensuse:leechcraft-azoth-modnok-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-nativeemoticons, p-cpe:/a:novell:opensuse:leechcraft-azoth-nativeemoticons-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-otroid, p-cpe:/a:novell:opensuse:leechcraft-azoth-otroid-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-p100q, p-cpe:/a:novell:opensuse:leechcraft-azoth-p100q-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-rosenthal, p-cpe:/a:novell:opensuse:leechcraft-azoth-rosenthal-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-shx, p-cpe:/a:novell:opensuse:leechcraft-azoth-shx-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-standardstyles, p-cpe:/a:novell:opensuse:leechcraft-azoth-standardstyles-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-vader, p-cpe:/a:novell:opensuse:leechcraft-azoth-vader-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-velvetbird, p-cpe:/a:novell:opensuse:leechcraft-azoth-velvetbird-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-xoox, p-cpe:/a:novell:opensuse:leechcraft-azoth-xoox-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-xtazy, p-cpe:/a:novell:opensuse:leechcraft-azoth-xtazy-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-azoth-zheet, p-cpe:/a:novell:opensuse:leechcraft-azoth-zheet-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-bittorrent, p-cpe:/a:novell:opensuse:leechcraft-bittorrent-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-blogique, p-cpe:/a:novell:opensuse:leechcraft-blogique-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-blogique-hestia, p-cpe:/a:novell:opensuse:leechcraft-blogique-hestia-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-blogique-metida, p-cpe:/a:novell:opensuse:leechcraft-blogique-metida-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-choroid, p-cpe:/a:novell:opensuse:leechcraft-choroid-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-cstp, p-cpe:/a:novell:opensuse:leechcraft-cstp-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-dbusmanager, p-cpe:/a:novell:opensuse:leechcraft-dbusmanager-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-deadlyrics, p-cpe:/a:novell:opensuse:leechcraft-deadlyrics-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-debugsource, p-cpe:/a:novell:opensuse:leechcraft-devel, p-cpe:/a:novell:opensuse:leechcraft-dolozhee, p-cpe:/a:novell:opensuse:leechcraft-dolozhee-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-dumbeep, p-cpe:/a:novell:opensuse:leechcraft-dumbeep-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-gacts, p-cpe:/a:novell:opensuse:leechcraft-gacts-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-glance, p-cpe:/a:novell:opensuse:leechcraft-glance-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-gmailnotifier, p-cpe:/a:novell:opensuse:leechcraft-gmailnotifier-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-historyholder, p-cpe:/a:novell:opensuse:leechcraft-historyholder-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-hotsensors, p-cpe:/a:novell:opensuse:leechcraft-hotsensors-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-hotstreams, p-cpe:/a:novell:opensuse:leechcraft-hotstreams-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-kbswitch, p-cpe:/a:novell:opensuse:leechcraft-kbswitch-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-kinotify, p-cpe:/a:novell:opensuse:leechcraft-kinotify-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-knowhow, p-cpe:/a:novell:opensuse:leechcraft-knowhow-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-lackman, p-cpe:/a:novell:opensuse:leechcraft-lackman-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-lastfmscrobble, p-cpe:/a:novell:opensuse:leechcraft-lastfmscrobble-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-launchy, p-cpe:/a:novell:opensuse:leechcraft-launchy-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-lemon, p-cpe:/a:novell:opensuse:leechcraft-lemon-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-lhtr, p-cpe:/a:novell:opensuse:leechcraft-lhtr-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-liznoo, p-cpe:/a:novell:opensuse:leechcraft-liznoo-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-lmp, p-cpe:/a:novell:opensuse:leechcraft-lmp-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-lmp-dumbsync, p-cpe:/a:novell:opensuse:leechcraft-lmp-dumbsync-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-lmp-graffiti, p-cpe:/a:novell:opensuse:leechcraft-lmp-graffiti-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-lmp-mp3tunes, p-cpe:/a:novell:opensuse:leechcraft-lmp-mp3tunes-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-monocle, p-cpe:/a:novell:opensuse:leechcraft-monocle-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-monocle-fxb, p-cpe:/a:novell:opensuse:leechcraft-monocle-fxb-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-monocle-postrus-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-monocle-seen, p-cpe:/a:novell:opensuse:leechcraft-monocle-seen-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-musiczombie, p-cpe:/a:novell:opensuse:leechcraft-musiczombie-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-netstoremanager, p-cpe:/a:novell:opensuse:leechcraft-netstoremanager-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-netstoremanager-googledrive, p-cpe:/a:novell:opensuse:leechcraft-netstoremanager-googledrive-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-networkmonitor, p-cpe:/a:novell:opensuse:leechcraft-networkmonitor-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-newlife, p-cpe:/a:novell:opensuse:leechcraft-newlife-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-otlozhu, p-cpe:/a:novell:opensuse:leechcraft-otlozhu-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-pintab, p-cpe:/a:novell:opensuse:leechcraft-pintab-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-pogooglue, p-cpe:/a:novell:opensuse:leechcraft-pogooglue-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-popishu, p-cpe:/a:novell:opensuse:leechcraft-popishu-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-poshuku, p-cpe:/a:novell:opensuse:leechcraft-poshuku-autosearch, p-cpe:/a:novell:opensuse:leechcraft-poshuku-autosearch-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-poshuku-cleanweb, p-cpe:/a:novell:opensuse:leechcraft-poshuku-cleanweb-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-poshuku-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-poshuku-fatape, p-cpe:/a:novell:opensuse:leechcraft-poshuku-fatape-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-poshuku-filescheme, p-cpe:/a:novell:opensuse:leechcraft-poshuku-filescheme-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-poshuku-fua, p-cpe:/a:novell:opensuse:leechcraft-poshuku-fua-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-poshuku-keywords, p-cpe:/a:novell:opensuse:leechcraft-monocle-mu, p-cpe:/a:novell:opensuse:leechcraft-monocle-mu-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-monocle-pdf, p-cpe:/a:novell:opensuse:pidgin-embeddedvideo-debugsource, p-cpe:/a:novell:opensuse:pidgin-facebookchat, p-cpe:/a:novell:opensuse:pidgin-facebookchat-debugsource, p-cpe:/a:novell:opensuse:pidgin-guifications-debugsource, p-cpe:/a:novell:opensuse:pidgin-guifications-lang, p-cpe:/a:novell:opensuse:pidgin-mrim, p-cpe:/a:novell:opensuse:pidgin-openfetion, p-cpe:/a:novell:opensuse:pidgin-openfetion-debugsource, p-cpe:/a:novell:opensuse:pidgin-otr, p-cpe:/a:novell:opensuse:pidgin-otr-debuginfo, p-cpe:/a:novell:opensuse:pidgin-otr-debugsource, p-cpe:/a:novell:opensuse:pidgin-plugin-advanced-sound-notification, p-cpe:/a:novell:opensuse:pidgin-plugin-advanced-sound-notification-debuginfo, p-cpe:/a:novell:opensuse:pidgin-plugin-birthday-reminder, p-cpe:/a:novell:opensuse:pidgin-plugin-birthday-reminder-debuginfo, p-cpe:/a:novell:opensuse:pidgin-plugin-embeddedvideo, p-cpe:/a:novell:opensuse:pidgin-plugin-embeddedvideo-debuginfo, p-cpe:/a:novell:opensuse:pidgin-plugin-guifications, p-cpe:/a:novell:opensuse:pidgin-plugin-guifications-debuginfo, p-cpe:/a:novell:opensuse:pidgin-plugin-pack, p-cpe:/a:novell:opensuse:pidgin-plugin-pack-debuginfo, p-cpe:/a:novell:opensuse:pidgin-plugin-pack-extras, p-cpe:/a:novell:opensuse:pidgin-plugin-skype, p-cpe:/a:novell:opensuse:pidgin-sipe, p-cpe:/a:novell:opensuse:pidgin-sipe-debugsource, p-cpe:/a:novell:opensuse:plymouth-branding-basedonopensuse, p-cpe:/a:novell:opensuse:purple-plugin-pack-debugsource, p-cpe:/a:novell:opensuse:purple-plugin-pack-lang, p-cpe:/a:novell:opensuse:skype4pidgin-debugsource, p-cpe:/a:novell:opensuse:splashy-branding-basedonopensuse, p-cpe:/a:novell:opensuse:susegreeter-branding-basedonopensuse, p-cpe:/a:novell:opensuse:systemd-presets-branding-basedonopensuse, p-cpe:/a:novell:opensuse:telepathy-haze, p-cpe:/a:novell:opensuse:telepathy-haze-debuginfo, p-cpe:/a:novell:opensuse:telepathy-haze-debugsource, p-cpe:/a:novell:opensuse:telepathy-plugin-sipe, p-cpe:/a:novell:opensuse:telepathy-plugin-sipe-debuginfo, p-cpe:/a:novell:opensuse:thunar-volman-branding-basedonopensuse, p-cpe:/a:novell:opensuse:wallpaper-branding-basedonopensuse, p-cpe:/a:novell:opensuse:xfce4-notifyd-branding-basedonopensuse, p-cpe:/a:novell:opensuse:xfce4-panel-branding-basedonopensuse, p-cpe:/a:novell:opensuse:xfce4-session-branding-basedonopensuse, p-cpe:/a:novell:opensuse:xfce4-settings-branding-basedonopensuse, p-cpe:/a:novell:opensuse:xfce4-splash-branding-basedonopensuse, p-cpe:/a:novell:opensuse:xfdesktop-branding-basedonopensuse, p-cpe:/a:novell:opensuse:xfwm4-branding-basedonopensuse, p-cpe:/a:novell:opensuse:yast2-branding-basedonopensuse, p-cpe:/a:novell:opensuse:yast2-qt-branding-basedonopensuse, cpe:/o:novell:opensuse:12.3, cpe:/o:novell:opensuse:13.1, p-cpe:/a:novell:opensuse:leechcraft-poshuku-keywords-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-poshuku-onlinebookmarks, p-cpe:/a:novell:opensuse:leechcraft-poshuku-onlinebookmarks-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-poshuku-onlinebookmarks-delicious, p-cpe:/a:novell:opensuse:leechcraft-poshuku-onlinebookmarks-delicious-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-poshuku-onlinebookmarks-readitlater, p-cpe:/a:novell:opensuse:leechcraft-poshuku-onlinebookmarks-readitlater-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-sb2, p-cpe:/a:novell:opensuse:leechcraft-sb2-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-secman, p-cpe:/a:novell:opensuse:leechcraft-secman-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-secman-simplestorage, p-cpe:/a:novell:opensuse:leechcraft-secman-simplestorage-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-seekthru, p-cpe:/a:novell:opensuse:leechcraft-seekthru-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-shaitan, p-cpe:/a:novell:opensuse:leechcraft-shaitan-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-shellopen, p-cpe:/a:novell:opensuse:leechcraft-shellopen-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-summary, p-cpe:/a:novell:opensuse:leechcraft-summary-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-syncer, p-cpe:/a:novell:opensuse:leechcraft-syncer-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-tabsessionmanager, p-cpe:/a:novell:opensuse:leechcraft-tabsessionmanager-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-tabslist, p-cpe:/a:novell:opensuse:leechcraft-tabslist-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-touchstreams, p-cpe:/a:novell:opensuse:leechcraft-touchstreams-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-tpi, p-cpe:/a:novell:opensuse:leechcraft-tpi-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-vgrabber, p-cpe:/a:novell:opensuse:leechcraft-vgrabber-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-vrooby, p-cpe:/a:novell:opensuse:leechcraft-vrooby-debuginfo, p-cpe:/a:novell:opensuse:leechcraft-xproxy, p-cpe:/a:novell:opensuse:leechcraft-xproxy-debuginfo, p-cpe:/a:novell:opensuse:libexo-1-0-branding-basedonopensuse, p-cpe:/a:novell:opensuse:libgarcon-branding-basedonopensuse, p-cpe:/a:novell:opensuse:libpurple, p-cpe:/a:novell:opensuse:libpurple-branding-basedonopensuse, p-cpe:/a:novell:opensuse:libpurple-branding-opensuse, p-cpe:/a:novell:opensuse:libpurple-branding-upstream, p-cpe:/a:novell:opensuse:libpurple-debuginfo, p-cpe:/a:novell:opensuse:libpurple-devel, p-cpe:/a:novell:opensuse:libpurple-lang, p-cpe:/a:novell:opensuse:libpurple-meanwhile, p-cpe:/a:novell:opensuse:libpurple-meanwhile-debuginfo, p-cpe:/a:novell:opensuse:libpurple-plugin-bot-sentry, p-cpe:/a:novell:opensuse:libpurple-plugin-bot-sentry-debuginfo, p-cpe:/a:novell:opensuse:libpurple-plugin-bot-sentry-lang, p-cpe:/a:novell:opensuse:libpurple-plugin-facebookchat, p-cpe:/a:novell:opensuse:libpurple-plugin-facebookchat-debuginfo, p-cpe:/a:novell:opensuse:libpurple-plugin-mrim, p-cpe:/a:novell:opensuse:libpurple-plugin-mrim-lang, p-cpe:/a:novell:opensuse:libpurple-plugin-openfetion, p-cpe:/a:novell:opensuse:libpurple-plugin-openfetion-debuginfo, p-cpe:/a:novell:opensuse:libpurple-plugin-openfetion-lang, p-cpe:/a:novell:opensuse:libpurple-plugin-pack, p-cpe:/a:novell:opensuse:libpurple-plugin-pack-debuginfo, p-cpe:/a:novell:opensuse:libpurple-plugin-pack-extras, p-cpe:/a:novell:opensuse:libpurple-plugin-pack-extras-debuginfo, p-cpe:/a:novell:opensuse:libpurple-plugin-sipe, p-cpe:/a:novell:opensuse:libpurple-plugin-sipe-debuginfo, p-cpe:/a:novell:opensuse:libpurple-plugin-skype, p-cpe:/a:novell:opensuse:libpurple-plugin-skype-debuginfo, p-cpe:/a:novell:opensuse:libpurple-plugin-skype-lang, p-cpe:/a:novell:opensuse:libpurple-tcl, p-cpe:/a:novell:opensuse:libpurple-tcl-debuginfo, p-cpe:/a:novell:opensuse:libreoffice-branding-basedonopensuse, p-cpe:/a:novell:opensuse:libsocialweb-branding-basedonopensuse, p-cpe:/a:novell:opensuse:libxfce4ui-branding-basedonopensuse, p-cpe:/a:novell:opensuse:lightdm-gtk-greeter-branding-basedonopensuse, p-cpe:/a:novell:opensuse:lxde-common-branding-basedonopensuse, p-cpe:/a:novell:opensuse:midori-branding-basedonopensuse, p-cpe:/a:novell:opensuse:pidgin, p-cpe:/a:novell:opensuse:pidgin-advanced-sound-notification-debugsource, p-cpe:/a:novell:opensuse:pidgin-advanced-sound-notification-lang, p-cpe:/a:novell:opensuse:pidgin-birthday-reminder-debugsource, p-cpe:/a:novell:opensuse:pidgin-birthday-reminder-lang, p-cpe:/a:novell:opensuse:pidgin-debuginfo, p-cpe:/a:novell:opensuse:pidgin-debugsource, p-cpe:/a:novell:opensuse:pidgin-devel

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 2/17/2014

Reference Information

CVE: CVE-2012-6152, CVE-2013-6477, CVE-2013-6478, CVE-2013-6479, CVE-2013-6481, CVE-2013-6482, CVE-2013-6483, CVE-2013-6484, CVE-2013-6485, CVE-2013-6486, CVE-2013-6487, CVE-2014-0020

BID: 65188, 65189, 65243, 65492