Mandriva Linux Security Advisory : pidgin (MDVSA-2012:082)
Medium Nessus Plugin ID 61954
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionMultiple vulnerabilities has been discovered and corrected in pidgin :
A series of specially crafted file transfer requests can cause clients to reference invalid memory. The user must have accepted one of the file transfer requests (CVE-2012-2214).
Incoming messages with certain characters or character encodings can cause clients to crash (CVE-2012-2318).
This update provides pidgin 2.10.4, which is not vulnerable to these issues.
SolutionUpdate the affected packages.