openSUSE Security Update : pidgin (openSUSE-2012-29)
Medium Nessus Plugin ID 74639
SynopsisThe remote openSUSE host is missing a security update.
Descriptionpidgin was updated to version 2.10.1
+ AIM and ICQ :
- Fix remotely-triggerable crashes by validating strings in a few messages related to buddy list management (bnc#736147, CVE-2011-4601).
+ Bonjour :
- IPv6 fixes
+ Gadu-Gadu :
- Fix problems linking against GnuTLS.
+ IRC :
- Fix a memory leak when admitting UTF-8 text with a non-UTF-8 primary encoding.
+ Jabber :
- Fix crashes and memory leaks when receiving malformed voice and video requests.
+ Sametime :
- Separate 'username' and 'server' when adding new Sametime accounts.
- Fix compilation in Visual C++.
+ SILC :
- Fix CVE-2011-3594, by UTF-8 validating incoming messages before passing them to glib or libpurple.
+ Yahoo! :
- Fetch buddy icons in some cases where we previously weren't.
SolutionUpdate the affected pidgin packages.