Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2009-3083 (GCVE-0-2009-3083)
Vulnerability from cvelistv5
Published
2009-09-08 18:00
Modified
2024-08-07 06:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:14:55.612Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://developer.pidgin.im/ticket/10159"
},
{
"name": "36601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36601"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.pidgin.im/news/security/index.php?id=39"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://developer.pidgin.im/viewmtn/revision/diff/6d3fc30a0a0a379281efc5a6872a9c1d7c24c650/with/b4a95ea62b81a06ffc1993912471c511b786efdd/libpurple/protocols/msn/slp.c"
},
{
"name": "oval:org.mitre.oval:def:11852",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11852"
},
{
"name": "36277",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36277"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://developer.pidgin.im/viewmtn/revision/info/b4a95ea62b81a06ffc1993912471c511b786efdd"
},
{
"name": "oval:org.mitre.oval:def:6322",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6322"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-09-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://developer.pidgin.im/ticket/10159"
},
{
"name": "36601",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36601"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.pidgin.im/news/security/index.php?id=39"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://developer.pidgin.im/viewmtn/revision/diff/6d3fc30a0a0a379281efc5a6872a9c1d7c24c650/with/b4a95ea62b81a06ffc1993912471c511b786efdd/libpurple/protocols/msn/slp.c"
},
{
"name": "oval:org.mitre.oval:def:11852",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11852"
},
{
"name": "36277",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36277"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://developer.pidgin.im/viewmtn/revision/info/b4a95ea62b81a06ffc1993912471c511b786efdd"
},
{
"name": "oval:org.mitre.oval:def:6322",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6322"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3083",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://developer.pidgin.im/ticket/10159",
"refsource": "CONFIRM",
"url": "http://developer.pidgin.im/ticket/10159"
},
{
"name": "36601",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36601"
},
{
"name": "http://www.pidgin.im/news/security/index.php?id=39",
"refsource": "CONFIRM",
"url": "http://www.pidgin.im/news/security/index.php?id=39"
},
{
"name": "http://developer.pidgin.im/viewmtn/revision/diff/6d3fc30a0a0a379281efc5a6872a9c1d7c24c650/with/b4a95ea62b81a06ffc1993912471c511b786efdd/libpurple/protocols/msn/slp.c",
"refsource": "CONFIRM",
"url": "http://developer.pidgin.im/viewmtn/revision/diff/6d3fc30a0a0a379281efc5a6872a9c1d7c24c650/with/b4a95ea62b81a06ffc1993912471c511b786efdd/libpurple/protocols/msn/slp.c"
},
{
"name": "oval:org.mitre.oval:def:11852",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11852"
},
{
"name": "36277",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36277"
},
{
"name": "http://developer.pidgin.im/viewmtn/revision/info/b4a95ea62b81a06ffc1993912471c511b786efdd",
"refsource": "CONFIRM",
"url": "http://developer.pidgin.im/viewmtn/revision/info/b4a95ea62b81a06ffc1993912471c511b786efdd"
},
{
"name": "oval:org.mitre.oval:def:6322",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6322"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3083",
"datePublished": "2009-09-08T18:00:00",
"dateReserved": "2009-09-08T00:00:00",
"dateUpdated": "2024-08-07T06:14:55.612Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2009-3083\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-09-08T18:30:00.360\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n msn_slp_sip_recv de libpurple/protocols/msn/slp.c en el \\\"plugin\\\" (complemento) del protocolo MSN de libpurple de Pidgin en sus versiones anteriores a la v2.6.2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (resoluci\u00f3n de una referencia a puntero NULL y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de un mensaje SLP invite que carece de determinados campos obligatorios, tal como se ha demostrado con un mensaje mal formado desde un cliente KMess.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:libpurple:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD5DB51C-9FD1-41CB-AAFD-5F6A072C3F82\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.6.1\",\"matchCriteriaId\":\"4B6B929B-1F85-4584-AA92-5B30BE110D4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBC2EBF3-73A7-4542-8E9C-47A4241A224C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF62072D-4956-4FE6-931E-E6EE9C49F3E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6499D8D5-0801-498C-BD4D-508506918CEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.0.2:*:linux:*:*:*:*:*\",\"matchCriteriaId\":\"5C5B2A50-6734-4B64-AFD0-DB34C3BDA86F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73CC76CD-FF35-4B3A-9F1E-4E5A65963057\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F694A1FC-2F10-48F9-8E8D-C88A8E7397AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D22A117-78BE-4BAC-8A2A-6C00C9E3A4C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59E216BC-29E4-4C31-9CF0-DE22C2E84968\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BD203F7-B983-4FDD-9837-D68D4F388A4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB90B7CB-1A11-45A8-B0BC-9B2143D84A2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C8E3CBA-2B33-49EF-9105-8DDBB938F519\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72AA3282-CA7D-438C-A07C-A63392333630\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.4.0:32_bit:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7D1DFC7-4B7F-4006-9058-8335A292821E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEEFF420-2868-422B-BD22-9A5749C2398F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.4.1:32_bit:*:*:*:*:*:*\",\"matchCriteriaId\":\"12095F49-8DFD-4C74-9454-5C3A5992A3FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B139D83D-7D18-42C7-988C-2070B66CB943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.4.2:32_bit:*:*:*:*:*:*\",\"matchCriteriaId\":\"C62110B5-61D7-406D-B1A5-65AEC202DDFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"047D9636-BCCE-4956-B5A3-D276F1C2EF2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.4.3:32_bit:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD01B8C6-7D3E-4FF9-A5B5-AAF33F4CEBB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A8A794E-E1CB-4F0F-9739-D625E94EA566\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.5.0:32_bit:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD6D98DC-06FC-46E7-A790-98A0B43A4E8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E64EEEA0-89CE-46BD-B387-A96521E76A6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6E96AA3-B567-4E97-979A-D97A4F786D55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.5.2:32_bit:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FEE4F73-A426-4B47-8BAF-1C7D2F955850\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09C407C0-99A2-477B-87CF-6BE9F7B367E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.5.3:32_bit:*:*:*:*:*:*\",\"matchCriteriaId\":\"777EF35C-195A-4784-986D-3811CF1DCF16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBEF0457-39D8-465B-86A7-8DFA44A1F820\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.5.4:32_bit:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2DD21F1-7A08-4F2D-B8EA-C02771E960FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E593BFF0-650E-4EDB-BF65-C509C8A807C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.5.5:32_bit:*:*:*:*:*:*\",\"matchCriteriaId\":\"01256F83-6E67-409A-B99A-6E27E83DA05F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E39468D5-1378-4441-B927-5C34C85B18AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C80012AD-8F49-4287-8AEC-C21AC5774CA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CB3CF0C-BECE-4685-A370-96424B0A5703\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.5.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D5BC0FC-2F7D-41BE-83E4-AEDACD71F427\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:pidgin:pidgin:2.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8321D92-B935-4C2A-81B1-5984BFF4FD57\"}]}]}],\"references\":[{\"url\":\"http://developer.pidgin.im/ticket/10159\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://developer.pidgin.im/viewmtn/revision/diff/6d3fc30a0a0a379281efc5a6872a9c1d7c24c650/with/b4a95ea62b81a06ffc1993912471c511b786efdd/libpurple/protocols/msn/slp.c\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://developer.pidgin.im/viewmtn/revision/info/b4a95ea62b81a06ffc1993912471c511b786efdd\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/36601\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.pidgin.im/news/security/index.php?id=39\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/36277\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11852\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6322\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://developer.pidgin.im/ticket/10159\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://developer.pidgin.im/viewmtn/revision/diff/6d3fc30a0a0a379281efc5a6872a9c1d7c24c650/with/b4a95ea62b81a06ffc1993912471c511b786efdd/libpurple/protocols/msn/slp.c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://developer.pidgin.im/viewmtn/revision/info/b4a95ea62b81a06ffc1993912471c511b786efdd\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/36601\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.pidgin.im/news/security/index.php?id=39\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/36277\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11852\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6322\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
fkie_cve-2009-3083
Vulnerability from fkie_nvd
Published
2009-09-08 18:30
Modified
2025-04-09 00:30
Severity ?
Summary
The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://developer.pidgin.im/ticket/10159 | Patch, Vendor Advisory | |
| cve@mitre.org | http://developer.pidgin.im/viewmtn/revision/diff/6d3fc30a0a0a379281efc5a6872a9c1d7c24c650/with/b4a95ea62b81a06ffc1993912471c511b786efdd/libpurple/protocols/msn/slp.c | Patch, Vendor Advisory | |
| cve@mitre.org | http://developer.pidgin.im/viewmtn/revision/info/b4a95ea62b81a06ffc1993912471c511b786efdd | Patch, Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/36601 | Vendor Advisory | |
| cve@mitre.org | http://www.pidgin.im/news/security/index.php?id=39 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/36277 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11852 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6322 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://developer.pidgin.im/ticket/10159 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://developer.pidgin.im/viewmtn/revision/diff/6d3fc30a0a0a379281efc5a6872a9c1d7c24c650/with/b4a95ea62b81a06ffc1993912471c511b786efdd/libpurple/protocols/msn/slp.c | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://developer.pidgin.im/viewmtn/revision/info/b4a95ea62b81a06ffc1993912471c511b786efdd | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/36601 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.pidgin.im/news/security/index.php?id=39 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/36277 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11852 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6322 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pidgin | libpurple | * | |
| pidgin | pidgin | * | |
| pidgin | pidgin | 2.0.0 | |
| pidgin | pidgin | 2.0.1 | |
| pidgin | pidgin | 2.0.2 | |
| pidgin | pidgin | 2.0.2 | |
| pidgin | pidgin | 2.1.0 | |
| pidgin | pidgin | 2.1.1 | |
| pidgin | pidgin | 2.2.0 | |
| pidgin | pidgin | 2.2.1 | |
| pidgin | pidgin | 2.2.2 | |
| pidgin | pidgin | 2.3.0 | |
| pidgin | pidgin | 2.3.1 | |
| pidgin | pidgin | 2.4.0 | |
| pidgin | pidgin | 2.4.0 | |
| pidgin | pidgin | 2.4.1 | |
| pidgin | pidgin | 2.4.1 | |
| pidgin | pidgin | 2.4.2 | |
| pidgin | pidgin | 2.4.2 | |
| pidgin | pidgin | 2.4.3 | |
| pidgin | pidgin | 2.4.3 | |
| pidgin | pidgin | 2.5.0 | |
| pidgin | pidgin | 2.5.0 | |
| pidgin | pidgin | 2.5.1 | |
| pidgin | pidgin | 2.5.2 | |
| pidgin | pidgin | 2.5.2 | |
| pidgin | pidgin | 2.5.3 | |
| pidgin | pidgin | 2.5.3 | |
| pidgin | pidgin | 2.5.4 | |
| pidgin | pidgin | 2.5.4 | |
| pidgin | pidgin | 2.5.5 | |
| pidgin | pidgin | 2.5.5 | |
| pidgin | pidgin | 2.5.6 | |
| pidgin | pidgin | 2.5.7 | |
| pidgin | pidgin | 2.5.8 | |
| pidgin | pidgin | 2.5.9 | |
| pidgin | pidgin | 2.6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pidgin:libpurple:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5DB51C-9FD1-41CB-AAFD-5F6A072C3F82",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pidgin:pidgin:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6B929B-1F85-4584-AA92-5B30BE110D4F",
"versionEndIncluding": "2.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DBC2EBF3-73A7-4542-8E9C-47A4241A224C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF62072D-4956-4FE6-931E-E6EE9C49F3E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6499D8D5-0801-498C-BD4D-508506918CEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.0.2:*:linux:*:*:*:*:*",
"matchCriteriaId": "5C5B2A50-6734-4B64-AFD0-DB34C3BDA86F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73CC76CD-FF35-4B3A-9F1E-4E5A65963057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F694A1FC-2F10-48F9-8E8D-C88A8E7397AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D22A117-78BE-4BAC-8A2A-6C00C9E3A4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "59E216BC-29E4-4C31-9CF0-DE22C2E84968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1BD203F7-B983-4FDD-9837-D68D4F388A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB90B7CB-1A11-45A8-B0BC-9B2143D84A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9C8E3CBA-2B33-49EF-9105-8DDBB938F519",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72AA3282-CA7D-438C-A07C-A63392333630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.4.0:32_bit:*:*:*:*:*:*",
"matchCriteriaId": "A7D1DFC7-4B7F-4006-9058-8335A292821E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BEEFF420-2868-422B-BD22-9A5749C2398F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.4.1:32_bit:*:*:*:*:*:*",
"matchCriteriaId": "12095F49-8DFD-4C74-9454-5C3A5992A3FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B139D83D-7D18-42C7-988C-2070B66CB943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.4.2:32_bit:*:*:*:*:*:*",
"matchCriteriaId": "C62110B5-61D7-406D-B1A5-65AEC202DDFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "047D9636-BCCE-4956-B5A3-D276F1C2EF2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.4.3:32_bit:*:*:*:*:*:*",
"matchCriteriaId": "CD01B8C6-7D3E-4FF9-A5B5-AAF33F4CEBB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A8A794E-E1CB-4F0F-9739-D625E94EA566",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.5.0:32_bit:*:*:*:*:*:*",
"matchCriteriaId": "AD6D98DC-06FC-46E7-A790-98A0B43A4E8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E64EEEA0-89CE-46BD-B387-A96521E76A6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E96AA3-B567-4E97-979A-D97A4F786D55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.5.2:32_bit:*:*:*:*:*:*",
"matchCriteriaId": "3FEE4F73-A426-4B47-8BAF-1C7D2F955850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "09C407C0-99A2-477B-87CF-6BE9F7B367E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.5.3:32_bit:*:*:*:*:*:*",
"matchCriteriaId": "777EF35C-195A-4784-986D-3811CF1DCF16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EBEF0457-39D8-465B-86A7-8DFA44A1F820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.5.4:32_bit:*:*:*:*:*:*",
"matchCriteriaId": "F2DD21F1-7A08-4F2D-B8EA-C02771E960FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E593BFF0-650E-4EDB-BF65-C509C8A807C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.5.5:32_bit:*:*:*:*:*:*",
"matchCriteriaId": "01256F83-6E67-409A-B99A-6E27E83DA05F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E39468D5-1378-4441-B927-5C34C85B18AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C80012AD-8F49-4287-8AEC-C21AC5774CA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB3CF0C-BECE-4685-A370-96424B0A5703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3D5BC0FC-2F7D-41BE-83E4-AEDACD71F427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pidgin:pidgin:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8321D92-B935-4C2A-81B1-5984BFF4FD57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client."
},
{
"lang": "es",
"value": "La funci\u00f3n msn_slp_sip_recv de libpurple/protocols/msn/slp.c en el \"plugin\" (complemento) del protocolo MSN de libpurple de Pidgin en sus versiones anteriores a la v2.6.2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (resoluci\u00f3n de una referencia a puntero NULL y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de un mensaje SLP invite que carece de determinados campos obligatorios, tal como se ha demostrado con un mensaje mal formado desde un cliente KMess."
}
],
"id": "CVE-2009-3083",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-09-08T18:30:00.360",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://developer.pidgin.im/ticket/10159"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://developer.pidgin.im/viewmtn/revision/diff/6d3fc30a0a0a379281efc5a6872a9c1d7c24c650/with/b4a95ea62b81a06ffc1993912471c511b786efdd/libpurple/protocols/msn/slp.c"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://developer.pidgin.im/viewmtn/revision/info/b4a95ea62b81a06ffc1993912471c511b786efdd"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36601"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.pidgin.im/news/security/index.php?id=39"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/36277"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11852"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://developer.pidgin.im/ticket/10159"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://developer.pidgin.im/viewmtn/revision/diff/6d3fc30a0a0a379281efc5a6872a9c1d7c24c650/with/b4a95ea62b81a06ffc1993912471c511b786efdd/libpurple/protocols/msn/slp.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://developer.pidgin.im/viewmtn/revision/info/b4a95ea62b81a06ffc1993912471c511b786efdd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36601"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.pidgin.im/news/security/index.php?id=39"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36277"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6322"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
gsd-2009-3083
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2009-3083",
"description": "The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client.",
"id": "GSD-2009-3083",
"references": [
"https://www.suse.com/security/cve/CVE-2009-3083.html",
"https://access.redhat.com/errata/RHSA-2009:1535",
"https://access.redhat.com/errata/RHSA-2009:1453",
"https://linux.oracle.com/cve/CVE-2009-3083.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2009-3083"
],
"details": "The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client.",
"id": "GSD-2009-3083",
"modified": "2023-12-13T01:19:49.254909Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3083",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://developer.pidgin.im/ticket/10159",
"refsource": "CONFIRM",
"url": "http://developer.pidgin.im/ticket/10159"
},
{
"name": "36601",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36601"
},
{
"name": "http://www.pidgin.im/news/security/index.php?id=39",
"refsource": "CONFIRM",
"url": "http://www.pidgin.im/news/security/index.php?id=39"
},
{
"name": "http://developer.pidgin.im/viewmtn/revision/diff/6d3fc30a0a0a379281efc5a6872a9c1d7c24c650/with/b4a95ea62b81a06ffc1993912471c511b786efdd/libpurple/protocols/msn/slp.c",
"refsource": "CONFIRM",
"url": "http://developer.pidgin.im/viewmtn/revision/diff/6d3fc30a0a0a379281efc5a6872a9c1d7c24c650/with/b4a95ea62b81a06ffc1993912471c511b786efdd/libpurple/protocols/msn/slp.c"
},
{
"name": "oval:org.mitre.oval:def:11852",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11852"
},
{
"name": "36277",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36277"
},
{
"name": "http://developer.pidgin.im/viewmtn/revision/info/b4a95ea62b81a06ffc1993912471c511b786efdd",
"refsource": "CONFIRM",
"url": "http://developer.pidgin.im/viewmtn/revision/info/b4a95ea62b81a06ffc1993912471c511b786efdd"
},
{
"name": "oval:org.mitre.oval:def:6322",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6322"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:pidgin:libpurple:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.5.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.5.2:32_bit:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.4.2:32_bit:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.4.3:32_bit:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.5.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.4.0:32_bit:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.4.1:32_bit:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.5.5:32_bit:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.5.3:32_bit:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.5.0:32_bit:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.0.2:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.5.4:32_bit:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pidgin:pidgin:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.6.1",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3083"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://developer.pidgin.im/ticket/10159",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://developer.pidgin.im/ticket/10159"
},
{
"name": "http://developer.pidgin.im/viewmtn/revision/info/b4a95ea62b81a06ffc1993912471c511b786efdd",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://developer.pidgin.im/viewmtn/revision/info/b4a95ea62b81a06ffc1993912471c511b786efdd"
},
{
"name": "36601",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36601"
},
{
"name": "http://developer.pidgin.im/viewmtn/revision/diff/6d3fc30a0a0a379281efc5a6872a9c1d7c24c650/with/b4a95ea62b81a06ffc1993912471c511b786efdd/libpurple/protocols/msn/slp.c",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://developer.pidgin.im/viewmtn/revision/diff/6d3fc30a0a0a379281efc5a6872a9c1d7c24c650/with/b4a95ea62b81a06ffc1993912471c511b786efdd/libpurple/protocols/msn/slp.c"
},
{
"name": "36277",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/36277"
},
{
"name": "http://www.pidgin.im/news/security/index.php?id=39",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.pidgin.im/news/security/index.php?id=39"
},
{
"name": "oval:org.mitre.oval:def:6322",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6322"
},
{
"name": "oval:org.mitre.oval:def:11852",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11852"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2017-09-19T01:29Z",
"publishedDate": "2009-09-08T18:30Z"
}
}
}
rhsa-2009:1535
Vulnerability from csaf_redhat
Published
2009-10-29 14:13
Modified
2024-11-22 03:05
Summary
Red Hat Security Advisory: pidgin security update
Notes
Topic
An updated pidgin package that fixes several security issues is now
available for Red Hat Enterprise Linux 3.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details
Pidgin is an instant messaging program which can log in to multiple
accounts on multiple instant messaging networks simultaneously.
An invalid pointer dereference bug was found in the way the Pidgin OSCAR
protocol implementation processed lists of contacts. A remote attacker
could send a specially-crafted contact list to a user running Pidgin,
causing Pidgin to crash. (CVE-2009-3615)
A NULL pointer dereference flaw was found in the way the Pidgin IRC
protocol plug-in handles IRC topics. A malicious IRC server could send a
specially-crafted IRC TOPIC message, which once received by Pidgin, would
lead to a denial of service (Pidgin crash). (CVE-2009-2703)
A NULL pointer dereference flaw was found in the way the Pidgin MSN
protocol plug-in handles improper MSNSLP invitations. A remote attacker
could send a specially-crafted MSNSLP invitation request, which once
accepted by a valid Pidgin user, would lead to a denial of service (Pidgin
crash). (CVE-2009-3083)
All Pidgin users should upgrade to this updated package, which contains
backported patches to resolve these issues. Pidgin must be restarted for
this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated pidgin package that fixes several security issues is now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "Pidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously.\n\nAn invalid pointer dereference bug was found in the way the Pidgin OSCAR\nprotocol implementation processed lists of contacts. A remote attacker\ncould send a specially-crafted contact list to a user running Pidgin,\ncausing Pidgin to crash. (CVE-2009-3615)\n\nA NULL pointer dereference flaw was found in the way the Pidgin IRC\nprotocol plug-in handles IRC topics. A malicious IRC server could send a\nspecially-crafted IRC TOPIC message, which once received by Pidgin, would\nlead to a denial of service (Pidgin crash). (CVE-2009-2703)\n\nA NULL pointer dereference flaw was found in the way the Pidgin MSN\nprotocol plug-in handles improper MSNSLP invitations. A remote attacker\ncould send a specially-crafted MSNSLP invitation request, which once\naccepted by a valid Pidgin user, would lead to a denial of service (Pidgin\ncrash). (CVE-2009-3083)\n\nAll Pidgin users should upgrade to this updated package, which contains\nbackported patches to resolve these issues. Pidgin must be restarted for\nthis update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2009:1535",
"url": "https://access.redhat.com/errata/RHSA-2009:1535"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "521823",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521823"
},
{
"category": "external",
"summary": "521832",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521832"
},
{
"category": "external",
"summary": "529357",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529357"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1535.json"
}
],
"title": "Red Hat Security Advisory: pidgin security update",
"tracking": {
"current_release_date": "2024-11-22T03:05:53+00:00",
"generator": {
"date": "2024-11-22T03:05:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2009:1535",
"initial_release_date": "2009-10-29T14:13:00+00:00",
"revision_history": [
{
"date": "2009-10-29T14:13:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2009-10-29T10:20:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T03:05:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 3",
"product": {
"name": "Red Hat Enterprise Linux AS version 3",
"product_id": "3AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 3",
"product": {
"name": "Red Hat Desktop version 3",
"product_id": "3Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 3",
"product": {
"name": "Red Hat Enterprise Linux ES version 3",
"product_id": "3ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 3",
"product": {
"name": "Red Hat Enterprise Linux WS version 3",
"product_id": "3WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pidgin-0:1.5.1-6.el3.ia64",
"product": {
"name": "pidgin-0:1.5.1-6.el3.ia64",
"product_id": "pidgin-0:1.5.1-6.el3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin@1.5.1-6.el3?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"product": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"product_id": "pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-debuginfo@1.5.1-6.el3?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "pidgin-0:1.5.1-6.el3.src",
"product": {
"name": "pidgin-0:1.5.1-6.el3.src",
"product_id": "pidgin-0:1.5.1-6.el3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin@1.5.1-6.el3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pidgin-0:1.5.1-6.el3.x86_64",
"product": {
"name": "pidgin-0:1.5.1-6.el3.x86_64",
"product_id": "pidgin-0:1.5.1-6.el3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin@1.5.1-6.el3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"product": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"product_id": "pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-debuginfo@1.5.1-6.el3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "pidgin-0:1.5.1-6.el3.i386",
"product": {
"name": "pidgin-0:1.5.1-6.el3.i386",
"product_id": "pidgin-0:1.5.1-6.el3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin@1.5.1-6.el3?arch=i386"
}
}
},
{
"category": "product_version",
"name": "pidgin-debuginfo-0:1.5.1-6.el3.i386",
"product": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.i386",
"product_id": "pidgin-debuginfo-0:1.5.1-6.el3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-debuginfo@1.5.1-6.el3?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "pidgin-0:1.5.1-6.el3.ppc",
"product": {
"name": "pidgin-0:1.5.1-6.el3.ppc",
"product_id": "pidgin-0:1.5.1-6.el3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin@1.5.1-6.el3?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"product": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"product_id": "pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-debuginfo@1.5.1-6.el3?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "pidgin-0:1.5.1-6.el3.s390x",
"product": {
"name": "pidgin-0:1.5.1-6.el3.s390x",
"product_id": "pidgin-0:1.5.1-6.el3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin@1.5.1-6.el3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"product": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"product_id": "pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-debuginfo@1.5.1-6.el3?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "pidgin-0:1.5.1-6.el3.s390",
"product": {
"name": "pidgin-0:1.5.1-6.el3.s390",
"product_id": "pidgin-0:1.5.1-6.el3.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin@1.5.1-6.el3?arch=s390"
}
}
},
{
"category": "product_version",
"name": "pidgin-debuginfo-0:1.5.1-6.el3.s390",
"product": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.s390",
"product_id": "pidgin-debuginfo-0:1.5.1-6.el3.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-debuginfo@1.5.1-6.el3?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:pidgin-0:1.5.1-6.el3.i386"
},
"product_reference": "pidgin-0:1.5.1-6.el3.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:pidgin-0:1.5.1-6.el3.ia64"
},
"product_reference": "pidgin-0:1.5.1-6.el3.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:pidgin-0:1.5.1-6.el3.ppc"
},
"product_reference": "pidgin-0:1.5.1-6.el3.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:pidgin-0:1.5.1-6.el3.s390"
},
"product_reference": "pidgin-0:1.5.1-6.el3.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:pidgin-0:1.5.1-6.el3.s390x"
},
"product_reference": "pidgin-0:1.5.1-6.el3.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.src as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:pidgin-0:1.5.1-6.el3.src"
},
"product_reference": "pidgin-0:1.5.1-6.el3.src",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:pidgin-0:1.5.1-6.el3.x86_64"
},
"product_reference": "pidgin-0:1.5.1-6.el3.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:pidgin-debuginfo-0:1.5.1-6.el3.i386"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:pidgin-debuginfo-0:1.5.1-6.el3.ia64"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:pidgin-debuginfo-0:1.5.1-6.el3.ppc"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:pidgin-debuginfo-0:1.5.1-6.el3.s390"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:pidgin-debuginfo-0:1.5.1-6.el3.s390x"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:pidgin-debuginfo-0:1.5.1-6.el3.x86_64"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:pidgin-0:1.5.1-6.el3.i386"
},
"product_reference": "pidgin-0:1.5.1-6.el3.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:pidgin-0:1.5.1-6.el3.ia64"
},
"product_reference": "pidgin-0:1.5.1-6.el3.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:pidgin-0:1.5.1-6.el3.ppc"
},
"product_reference": "pidgin-0:1.5.1-6.el3.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:pidgin-0:1.5.1-6.el3.s390"
},
"product_reference": "pidgin-0:1.5.1-6.el3.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:pidgin-0:1.5.1-6.el3.s390x"
},
"product_reference": "pidgin-0:1.5.1-6.el3.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.src as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:pidgin-0:1.5.1-6.el3.src"
},
"product_reference": "pidgin-0:1.5.1-6.el3.src",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:pidgin-0:1.5.1-6.el3.x86_64"
},
"product_reference": "pidgin-0:1.5.1-6.el3.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.i386"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.ia64"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.ppc"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.s390"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.s390x"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.x86_64"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:pidgin-0:1.5.1-6.el3.i386"
},
"product_reference": "pidgin-0:1.5.1-6.el3.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:pidgin-0:1.5.1-6.el3.ia64"
},
"product_reference": "pidgin-0:1.5.1-6.el3.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:pidgin-0:1.5.1-6.el3.ppc"
},
"product_reference": "pidgin-0:1.5.1-6.el3.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:pidgin-0:1.5.1-6.el3.s390"
},
"product_reference": "pidgin-0:1.5.1-6.el3.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:pidgin-0:1.5.1-6.el3.s390x"
},
"product_reference": "pidgin-0:1.5.1-6.el3.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.src as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:pidgin-0:1.5.1-6.el3.src"
},
"product_reference": "pidgin-0:1.5.1-6.el3.src",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:pidgin-0:1.5.1-6.el3.x86_64"
},
"product_reference": "pidgin-0:1.5.1-6.el3.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:pidgin-debuginfo-0:1.5.1-6.el3.i386"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:pidgin-debuginfo-0:1.5.1-6.el3.ia64"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:pidgin-debuginfo-0:1.5.1-6.el3.ppc"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:pidgin-debuginfo-0:1.5.1-6.el3.s390"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:pidgin-debuginfo-0:1.5.1-6.el3.s390x"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:pidgin-debuginfo-0:1.5.1-6.el3.x86_64"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:pidgin-0:1.5.1-6.el3.i386"
},
"product_reference": "pidgin-0:1.5.1-6.el3.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:pidgin-0:1.5.1-6.el3.ia64"
},
"product_reference": "pidgin-0:1.5.1-6.el3.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:pidgin-0:1.5.1-6.el3.ppc"
},
"product_reference": "pidgin-0:1.5.1-6.el3.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:pidgin-0:1.5.1-6.el3.s390"
},
"product_reference": "pidgin-0:1.5.1-6.el3.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:pidgin-0:1.5.1-6.el3.s390x"
},
"product_reference": "pidgin-0:1.5.1-6.el3.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.src as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:pidgin-0:1.5.1-6.el3.src"
},
"product_reference": "pidgin-0:1.5.1-6.el3.src",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:1.5.1-6.el3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:pidgin-0:1.5.1-6.el3.x86_64"
},
"product_reference": "pidgin-0:1.5.1-6.el3.x86_64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:pidgin-debuginfo-0:1.5.1-6.el3.i386"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:pidgin-debuginfo-0:1.5.1-6.el3.ia64"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:pidgin-debuginfo-0:1.5.1-6.el3.ppc"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:pidgin-debuginfo-0:1.5.1-6.el3.s390"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:pidgin-debuginfo-0:1.5.1-6.el3.s390x"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:1.5.1-6.el3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:pidgin-debuginfo-0:1.5.1-6.el3.x86_64"
},
"product_reference": "pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"relates_to_product_reference": "3WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-2703",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2009-09-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "521823"
}
],
"notes": [
{
"category": "description",
"text": "libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) via a TOPIC message that lacks a topic string.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Pidgin: NULL pointer dereference by handling IRC topic(s) (DoS)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS:pidgin-0:1.5.1-6.el3.i386",
"3AS:pidgin-0:1.5.1-6.el3.ia64",
"3AS:pidgin-0:1.5.1-6.el3.ppc",
"3AS:pidgin-0:1.5.1-6.el3.s390",
"3AS:pidgin-0:1.5.1-6.el3.s390x",
"3AS:pidgin-0:1.5.1-6.el3.src",
"3AS:pidgin-0:1.5.1-6.el3.x86_64",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3Desktop:pidgin-0:1.5.1-6.el3.i386",
"3Desktop:pidgin-0:1.5.1-6.el3.ia64",
"3Desktop:pidgin-0:1.5.1-6.el3.ppc",
"3Desktop:pidgin-0:1.5.1-6.el3.s390",
"3Desktop:pidgin-0:1.5.1-6.el3.s390x",
"3Desktop:pidgin-0:1.5.1-6.el3.src",
"3Desktop:pidgin-0:1.5.1-6.el3.x86_64",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3ES:pidgin-0:1.5.1-6.el3.i386",
"3ES:pidgin-0:1.5.1-6.el3.ia64",
"3ES:pidgin-0:1.5.1-6.el3.ppc",
"3ES:pidgin-0:1.5.1-6.el3.s390",
"3ES:pidgin-0:1.5.1-6.el3.s390x",
"3ES:pidgin-0:1.5.1-6.el3.src",
"3ES:pidgin-0:1.5.1-6.el3.x86_64",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3WS:pidgin-0:1.5.1-6.el3.i386",
"3WS:pidgin-0:1.5.1-6.el3.ia64",
"3WS:pidgin-0:1.5.1-6.el3.ppc",
"3WS:pidgin-0:1.5.1-6.el3.s390",
"3WS:pidgin-0:1.5.1-6.el3.s390x",
"3WS:pidgin-0:1.5.1-6.el3.src",
"3WS:pidgin-0:1.5.1-6.el3.x86_64",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2703"
},
{
"category": "external",
"summary": "RHBZ#521823",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521823"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2703",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2703"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2703",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2703"
}
],
"release_date": "2009-09-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-10-29T14:13:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"3AS:pidgin-0:1.5.1-6.el3.i386",
"3AS:pidgin-0:1.5.1-6.el3.ia64",
"3AS:pidgin-0:1.5.1-6.el3.ppc",
"3AS:pidgin-0:1.5.1-6.el3.s390",
"3AS:pidgin-0:1.5.1-6.el3.s390x",
"3AS:pidgin-0:1.5.1-6.el3.src",
"3AS:pidgin-0:1.5.1-6.el3.x86_64",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3Desktop:pidgin-0:1.5.1-6.el3.i386",
"3Desktop:pidgin-0:1.5.1-6.el3.ia64",
"3Desktop:pidgin-0:1.5.1-6.el3.ppc",
"3Desktop:pidgin-0:1.5.1-6.el3.s390",
"3Desktop:pidgin-0:1.5.1-6.el3.s390x",
"3Desktop:pidgin-0:1.5.1-6.el3.src",
"3Desktop:pidgin-0:1.5.1-6.el3.x86_64",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3ES:pidgin-0:1.5.1-6.el3.i386",
"3ES:pidgin-0:1.5.1-6.el3.ia64",
"3ES:pidgin-0:1.5.1-6.el3.ppc",
"3ES:pidgin-0:1.5.1-6.el3.s390",
"3ES:pidgin-0:1.5.1-6.el3.s390x",
"3ES:pidgin-0:1.5.1-6.el3.src",
"3ES:pidgin-0:1.5.1-6.el3.x86_64",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3WS:pidgin-0:1.5.1-6.el3.i386",
"3WS:pidgin-0:1.5.1-6.el3.ia64",
"3WS:pidgin-0:1.5.1-6.el3.ppc",
"3WS:pidgin-0:1.5.1-6.el3.s390",
"3WS:pidgin-0:1.5.1-6.el3.s390x",
"3WS:pidgin-0:1.5.1-6.el3.src",
"3WS:pidgin-0:1.5.1-6.el3.x86_64",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1535"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"3AS:pidgin-0:1.5.1-6.el3.i386",
"3AS:pidgin-0:1.5.1-6.el3.ia64",
"3AS:pidgin-0:1.5.1-6.el3.ppc",
"3AS:pidgin-0:1.5.1-6.el3.s390",
"3AS:pidgin-0:1.5.1-6.el3.s390x",
"3AS:pidgin-0:1.5.1-6.el3.src",
"3AS:pidgin-0:1.5.1-6.el3.x86_64",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3Desktop:pidgin-0:1.5.1-6.el3.i386",
"3Desktop:pidgin-0:1.5.1-6.el3.ia64",
"3Desktop:pidgin-0:1.5.1-6.el3.ppc",
"3Desktop:pidgin-0:1.5.1-6.el3.s390",
"3Desktop:pidgin-0:1.5.1-6.el3.s390x",
"3Desktop:pidgin-0:1.5.1-6.el3.src",
"3Desktop:pidgin-0:1.5.1-6.el3.x86_64",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3ES:pidgin-0:1.5.1-6.el3.i386",
"3ES:pidgin-0:1.5.1-6.el3.ia64",
"3ES:pidgin-0:1.5.1-6.el3.ppc",
"3ES:pidgin-0:1.5.1-6.el3.s390",
"3ES:pidgin-0:1.5.1-6.el3.s390x",
"3ES:pidgin-0:1.5.1-6.el3.src",
"3ES:pidgin-0:1.5.1-6.el3.x86_64",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3WS:pidgin-0:1.5.1-6.el3.i386",
"3WS:pidgin-0:1.5.1-6.el3.ia64",
"3WS:pidgin-0:1.5.1-6.el3.ppc",
"3WS:pidgin-0:1.5.1-6.el3.s390",
"3WS:pidgin-0:1.5.1-6.el3.s390x",
"3WS:pidgin-0:1.5.1-6.el3.src",
"3WS:pidgin-0:1.5.1-6.el3.x86_64",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Pidgin: NULL pointer dereference by handling IRC topic(s) (DoS)"
},
{
"cve": "CVE-2009-3083",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2009-09-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "521832"
}
],
"notes": [
{
"category": "description",
"text": "The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Pidgin: NULL pointer dereference by processing incomplete MSN SLP invite (DoS)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS:pidgin-0:1.5.1-6.el3.i386",
"3AS:pidgin-0:1.5.1-6.el3.ia64",
"3AS:pidgin-0:1.5.1-6.el3.ppc",
"3AS:pidgin-0:1.5.1-6.el3.s390",
"3AS:pidgin-0:1.5.1-6.el3.s390x",
"3AS:pidgin-0:1.5.1-6.el3.src",
"3AS:pidgin-0:1.5.1-6.el3.x86_64",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3Desktop:pidgin-0:1.5.1-6.el3.i386",
"3Desktop:pidgin-0:1.5.1-6.el3.ia64",
"3Desktop:pidgin-0:1.5.1-6.el3.ppc",
"3Desktop:pidgin-0:1.5.1-6.el3.s390",
"3Desktop:pidgin-0:1.5.1-6.el3.s390x",
"3Desktop:pidgin-0:1.5.1-6.el3.src",
"3Desktop:pidgin-0:1.5.1-6.el3.x86_64",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3ES:pidgin-0:1.5.1-6.el3.i386",
"3ES:pidgin-0:1.5.1-6.el3.ia64",
"3ES:pidgin-0:1.5.1-6.el3.ppc",
"3ES:pidgin-0:1.5.1-6.el3.s390",
"3ES:pidgin-0:1.5.1-6.el3.s390x",
"3ES:pidgin-0:1.5.1-6.el3.src",
"3ES:pidgin-0:1.5.1-6.el3.x86_64",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3WS:pidgin-0:1.5.1-6.el3.i386",
"3WS:pidgin-0:1.5.1-6.el3.ia64",
"3WS:pidgin-0:1.5.1-6.el3.ppc",
"3WS:pidgin-0:1.5.1-6.el3.s390",
"3WS:pidgin-0:1.5.1-6.el3.s390x",
"3WS:pidgin-0:1.5.1-6.el3.src",
"3WS:pidgin-0:1.5.1-6.el3.x86_64",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3083"
},
{
"category": "external",
"summary": "RHBZ#521832",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521832"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3083",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3083"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3083",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3083"
}
],
"release_date": "2009-09-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-10-29T14:13:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"3AS:pidgin-0:1.5.1-6.el3.i386",
"3AS:pidgin-0:1.5.1-6.el3.ia64",
"3AS:pidgin-0:1.5.1-6.el3.ppc",
"3AS:pidgin-0:1.5.1-6.el3.s390",
"3AS:pidgin-0:1.5.1-6.el3.s390x",
"3AS:pidgin-0:1.5.1-6.el3.src",
"3AS:pidgin-0:1.5.1-6.el3.x86_64",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3Desktop:pidgin-0:1.5.1-6.el3.i386",
"3Desktop:pidgin-0:1.5.1-6.el3.ia64",
"3Desktop:pidgin-0:1.5.1-6.el3.ppc",
"3Desktop:pidgin-0:1.5.1-6.el3.s390",
"3Desktop:pidgin-0:1.5.1-6.el3.s390x",
"3Desktop:pidgin-0:1.5.1-6.el3.src",
"3Desktop:pidgin-0:1.5.1-6.el3.x86_64",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3ES:pidgin-0:1.5.1-6.el3.i386",
"3ES:pidgin-0:1.5.1-6.el3.ia64",
"3ES:pidgin-0:1.5.1-6.el3.ppc",
"3ES:pidgin-0:1.5.1-6.el3.s390",
"3ES:pidgin-0:1.5.1-6.el3.s390x",
"3ES:pidgin-0:1.5.1-6.el3.src",
"3ES:pidgin-0:1.5.1-6.el3.x86_64",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3WS:pidgin-0:1.5.1-6.el3.i386",
"3WS:pidgin-0:1.5.1-6.el3.ia64",
"3WS:pidgin-0:1.5.1-6.el3.ppc",
"3WS:pidgin-0:1.5.1-6.el3.s390",
"3WS:pidgin-0:1.5.1-6.el3.s390x",
"3WS:pidgin-0:1.5.1-6.el3.src",
"3WS:pidgin-0:1.5.1-6.el3.x86_64",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1535"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"3AS:pidgin-0:1.5.1-6.el3.i386",
"3AS:pidgin-0:1.5.1-6.el3.ia64",
"3AS:pidgin-0:1.5.1-6.el3.ppc",
"3AS:pidgin-0:1.5.1-6.el3.s390",
"3AS:pidgin-0:1.5.1-6.el3.s390x",
"3AS:pidgin-0:1.5.1-6.el3.src",
"3AS:pidgin-0:1.5.1-6.el3.x86_64",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3Desktop:pidgin-0:1.5.1-6.el3.i386",
"3Desktop:pidgin-0:1.5.1-6.el3.ia64",
"3Desktop:pidgin-0:1.5.1-6.el3.ppc",
"3Desktop:pidgin-0:1.5.1-6.el3.s390",
"3Desktop:pidgin-0:1.5.1-6.el3.s390x",
"3Desktop:pidgin-0:1.5.1-6.el3.src",
"3Desktop:pidgin-0:1.5.1-6.el3.x86_64",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3ES:pidgin-0:1.5.1-6.el3.i386",
"3ES:pidgin-0:1.5.1-6.el3.ia64",
"3ES:pidgin-0:1.5.1-6.el3.ppc",
"3ES:pidgin-0:1.5.1-6.el3.s390",
"3ES:pidgin-0:1.5.1-6.el3.s390x",
"3ES:pidgin-0:1.5.1-6.el3.src",
"3ES:pidgin-0:1.5.1-6.el3.x86_64",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3WS:pidgin-0:1.5.1-6.el3.i386",
"3WS:pidgin-0:1.5.1-6.el3.ia64",
"3WS:pidgin-0:1.5.1-6.el3.ppc",
"3WS:pidgin-0:1.5.1-6.el3.s390",
"3WS:pidgin-0:1.5.1-6.el3.s390x",
"3WS:pidgin-0:1.5.1-6.el3.src",
"3WS:pidgin-0:1.5.1-6.el3.x86_64",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Pidgin: NULL pointer dereference by processing incomplete MSN SLP invite (DoS)"
},
{
"cve": "CVE-2009-3615",
"discovery_date": "2009-10-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "529357"
}
],
"notes": [
{
"category": "description",
"text": "The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Pidgin: Invalid pointer dereference (crash) after receiving contacts from SIM IM client",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS:pidgin-0:1.5.1-6.el3.i386",
"3AS:pidgin-0:1.5.1-6.el3.ia64",
"3AS:pidgin-0:1.5.1-6.el3.ppc",
"3AS:pidgin-0:1.5.1-6.el3.s390",
"3AS:pidgin-0:1.5.1-6.el3.s390x",
"3AS:pidgin-0:1.5.1-6.el3.src",
"3AS:pidgin-0:1.5.1-6.el3.x86_64",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3Desktop:pidgin-0:1.5.1-6.el3.i386",
"3Desktop:pidgin-0:1.5.1-6.el3.ia64",
"3Desktop:pidgin-0:1.5.1-6.el3.ppc",
"3Desktop:pidgin-0:1.5.1-6.el3.s390",
"3Desktop:pidgin-0:1.5.1-6.el3.s390x",
"3Desktop:pidgin-0:1.5.1-6.el3.src",
"3Desktop:pidgin-0:1.5.1-6.el3.x86_64",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3ES:pidgin-0:1.5.1-6.el3.i386",
"3ES:pidgin-0:1.5.1-6.el3.ia64",
"3ES:pidgin-0:1.5.1-6.el3.ppc",
"3ES:pidgin-0:1.5.1-6.el3.s390",
"3ES:pidgin-0:1.5.1-6.el3.s390x",
"3ES:pidgin-0:1.5.1-6.el3.src",
"3ES:pidgin-0:1.5.1-6.el3.x86_64",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3WS:pidgin-0:1.5.1-6.el3.i386",
"3WS:pidgin-0:1.5.1-6.el3.ia64",
"3WS:pidgin-0:1.5.1-6.el3.ppc",
"3WS:pidgin-0:1.5.1-6.el3.s390",
"3WS:pidgin-0:1.5.1-6.el3.s390x",
"3WS:pidgin-0:1.5.1-6.el3.src",
"3WS:pidgin-0:1.5.1-6.el3.x86_64",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3615"
},
{
"category": "external",
"summary": "RHBZ#529357",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529357"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3615"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3615",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3615"
}
],
"release_date": "2009-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-10-29T14:13:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"3AS:pidgin-0:1.5.1-6.el3.i386",
"3AS:pidgin-0:1.5.1-6.el3.ia64",
"3AS:pidgin-0:1.5.1-6.el3.ppc",
"3AS:pidgin-0:1.5.1-6.el3.s390",
"3AS:pidgin-0:1.5.1-6.el3.s390x",
"3AS:pidgin-0:1.5.1-6.el3.src",
"3AS:pidgin-0:1.5.1-6.el3.x86_64",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3Desktop:pidgin-0:1.5.1-6.el3.i386",
"3Desktop:pidgin-0:1.5.1-6.el3.ia64",
"3Desktop:pidgin-0:1.5.1-6.el3.ppc",
"3Desktop:pidgin-0:1.5.1-6.el3.s390",
"3Desktop:pidgin-0:1.5.1-6.el3.s390x",
"3Desktop:pidgin-0:1.5.1-6.el3.src",
"3Desktop:pidgin-0:1.5.1-6.el3.x86_64",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3ES:pidgin-0:1.5.1-6.el3.i386",
"3ES:pidgin-0:1.5.1-6.el3.ia64",
"3ES:pidgin-0:1.5.1-6.el3.ppc",
"3ES:pidgin-0:1.5.1-6.el3.s390",
"3ES:pidgin-0:1.5.1-6.el3.s390x",
"3ES:pidgin-0:1.5.1-6.el3.src",
"3ES:pidgin-0:1.5.1-6.el3.x86_64",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3WS:pidgin-0:1.5.1-6.el3.i386",
"3WS:pidgin-0:1.5.1-6.el3.ia64",
"3WS:pidgin-0:1.5.1-6.el3.ppc",
"3WS:pidgin-0:1.5.1-6.el3.s390",
"3WS:pidgin-0:1.5.1-6.el3.s390x",
"3WS:pidgin-0:1.5.1-6.el3.src",
"3WS:pidgin-0:1.5.1-6.el3.x86_64",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1535"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"3AS:pidgin-0:1.5.1-6.el3.i386",
"3AS:pidgin-0:1.5.1-6.el3.ia64",
"3AS:pidgin-0:1.5.1-6.el3.ppc",
"3AS:pidgin-0:1.5.1-6.el3.s390",
"3AS:pidgin-0:1.5.1-6.el3.s390x",
"3AS:pidgin-0:1.5.1-6.el3.src",
"3AS:pidgin-0:1.5.1-6.el3.x86_64",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3AS:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3Desktop:pidgin-0:1.5.1-6.el3.i386",
"3Desktop:pidgin-0:1.5.1-6.el3.ia64",
"3Desktop:pidgin-0:1.5.1-6.el3.ppc",
"3Desktop:pidgin-0:1.5.1-6.el3.s390",
"3Desktop:pidgin-0:1.5.1-6.el3.s390x",
"3Desktop:pidgin-0:1.5.1-6.el3.src",
"3Desktop:pidgin-0:1.5.1-6.el3.x86_64",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3Desktop:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3ES:pidgin-0:1.5.1-6.el3.i386",
"3ES:pidgin-0:1.5.1-6.el3.ia64",
"3ES:pidgin-0:1.5.1-6.el3.ppc",
"3ES:pidgin-0:1.5.1-6.el3.s390",
"3ES:pidgin-0:1.5.1-6.el3.s390x",
"3ES:pidgin-0:1.5.1-6.el3.src",
"3ES:pidgin-0:1.5.1-6.el3.x86_64",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3ES:pidgin-debuginfo-0:1.5.1-6.el3.x86_64",
"3WS:pidgin-0:1.5.1-6.el3.i386",
"3WS:pidgin-0:1.5.1-6.el3.ia64",
"3WS:pidgin-0:1.5.1-6.el3.ppc",
"3WS:pidgin-0:1.5.1-6.el3.s390",
"3WS:pidgin-0:1.5.1-6.el3.s390x",
"3WS:pidgin-0:1.5.1-6.el3.src",
"3WS:pidgin-0:1.5.1-6.el3.x86_64",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.i386",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.ia64",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.ppc",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.s390",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.s390x",
"3WS:pidgin-debuginfo-0:1.5.1-6.el3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Pidgin: Invalid pointer dereference (crash) after receiving contacts from SIM IM client"
}
]
}
rhsa-2009:1453
Vulnerability from csaf_redhat
Published
2009-09-21 15:34
Modified
2024-11-22 03:05
Summary
Red Hat Security Advisory: pidgin security update
Notes
Topic
Updated pidgin packages that fix several security issues are now available
for Red Hat Enterprise Linux 4 and 5.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details
Pidgin is an instant messaging program which can log in to multiple
accounts on multiple instant messaging networks simultaneously. Info/Query
(IQ) is an Extensible Messaging and Presence Protocol (XMPP) specific
request-response mechanism.
A NULL pointer dereference flaw was found in the way the Pidgin XMPP
protocol plug-in processes IQ error responses when trying to fetch a custom
smiley. A remote client could send a specially-crafted IQ error response
that would crash Pidgin. (CVE-2009-3085)
A NULL pointer dereference flaw was found in the way the Pidgin IRC
protocol plug-in handles IRC topics. A malicious IRC server could send a
specially-crafted IRC TOPIC message, which once received by Pidgin, would
lead to a denial of service (Pidgin crash). (CVE-2009-2703)
It was discovered that, when connecting to certain, very old Jabber servers
via XMPP, Pidgin may ignore the "Require SSL/TLS" setting. In these
situations, a non-encrypted connection is established rather than the
connection failing, causing the user to believe they are using an encrypted
connection when they are not, leading to sensitive information disclosure
(session sniffing). (CVE-2009-3026)
A NULL pointer dereference flaw was found in the way the Pidgin MSN
protocol plug-in handles improper MSNSLP invitations. A remote attacker
could send a specially-crafted MSNSLP invitation request, which once
accepted by a valid Pidgin user, would lead to a denial of service (Pidgin
crash). (CVE-2009-3083)
These packages upgrade Pidgin to version 2.6.2. Refer to the Pidgin release
notes for a full list of changes: http://developer.pidgin.im/wiki/ChangeLog
All Pidgin users should upgrade to these updated packages, which correct
these issues. Pidgin must be restarted for this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated pidgin packages that fix several security issues are now available\nfor Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "Pidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously. Info/Query\n(IQ) is an Extensible Messaging and Presence Protocol (XMPP) specific\nrequest-response mechanism.\n\nA NULL pointer dereference flaw was found in the way the Pidgin XMPP\nprotocol plug-in processes IQ error responses when trying to fetch a custom\nsmiley. A remote client could send a specially-crafted IQ error response\nthat would crash Pidgin. (CVE-2009-3085)\n\nA NULL pointer dereference flaw was found in the way the Pidgin IRC\nprotocol plug-in handles IRC topics. A malicious IRC server could send a\nspecially-crafted IRC TOPIC message, which once received by Pidgin, would\nlead to a denial of service (Pidgin crash). (CVE-2009-2703)\n\nIt was discovered that, when connecting to certain, very old Jabber servers\nvia XMPP, Pidgin may ignore the \"Require SSL/TLS\" setting. In these\nsituations, a non-encrypted connection is established rather than the\nconnection failing, causing the user to believe they are using an encrypted\nconnection when they are not, leading to sensitive information disclosure\n(session sniffing). (CVE-2009-3026)\n\nA NULL pointer dereference flaw was found in the way the Pidgin MSN\nprotocol plug-in handles improper MSNSLP invitations. A remote attacker\ncould send a specially-crafted MSNSLP invitation request, which once\naccepted by a valid Pidgin user, would lead to a denial of service (Pidgin\ncrash). (CVE-2009-3083)\n\nThese packages upgrade Pidgin to version 2.6.2. Refer to the Pidgin release\nnotes for a full list of changes: http://developer.pidgin.im/wiki/ChangeLog\n\nAll Pidgin users should upgrade to these updated packages, which correct\nthese issues. Pidgin must be restarted for this update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2009:1453",
"url": "https://access.redhat.com/errata/RHSA-2009:1453"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "http://xmpp.org/rfcs/rfc3920.html#stanzas-semantics-iq",
"url": "http://xmpp.org/rfcs/rfc3920.html#stanzas-semantics-iq"
},
{
"category": "external",
"summary": "519224",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=519224"
},
{
"category": "external",
"summary": "521823",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521823"
},
{
"category": "external",
"summary": "521832",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521832"
},
{
"category": "external",
"summary": "521853",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521853"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1453.json"
}
],
"title": "Red Hat Security Advisory: pidgin security update",
"tracking": {
"current_release_date": "2024-11-22T03:05:48+00:00",
"generator": {
"date": "2024-11-22T03:05:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2009:1453",
"initial_release_date": "2009-09-21T15:34:00+00:00",
"revision_history": [
{
"date": "2009-09-21T15:34:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2009-09-21T11:46:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T03:05:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_productivity:5"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pidgin-0:2.6.2-2.el4.ia64",
"product": {
"name": "pidgin-0:2.6.2-2.el4.ia64",
"product_id": "pidgin-0:2.6.2-2.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin@2.6.2-2.el4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"product": {
"name": "pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"product_id": "pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-debuginfo@2.6.2-2.el4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libpurple-0:2.6.2-2.el4.ia64",
"product": {
"name": "libpurple-0:2.6.2-2.el4.ia64",
"product_id": "libpurple-0:2.6.2-2.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple@2.6.2-2.el4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "finch-0:2.6.2-2.el4.ia64",
"product": {
"name": "finch-0:2.6.2-2.el4.ia64",
"product_id": "finch-0:2.6.2-2.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/finch@2.6.2-2.el4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libpurple-perl-0:2.6.2-2.el4.ia64",
"product": {
"name": "libpurple-perl-0:2.6.2-2.el4.ia64",
"product_id": "libpurple-perl-0:2.6.2-2.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple-perl@2.6.2-2.el4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "pidgin-devel-0:2.6.2-2.el4.ia64",
"product": {
"name": "pidgin-devel-0:2.6.2-2.el4.ia64",
"product_id": "pidgin-devel-0:2.6.2-2.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-devel@2.6.2-2.el4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "finch-devel-0:2.6.2-2.el4.ia64",
"product": {
"name": "finch-devel-0:2.6.2-2.el4.ia64",
"product_id": "finch-devel-0:2.6.2-2.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/finch-devel@2.6.2-2.el4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "pidgin-perl-0:2.6.2-2.el4.ia64",
"product": {
"name": "pidgin-perl-0:2.6.2-2.el4.ia64",
"product_id": "pidgin-perl-0:2.6.2-2.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-perl@2.6.2-2.el4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libpurple-devel-0:2.6.2-2.el4.ia64",
"product": {
"name": "libpurple-devel-0:2.6.2-2.el4.ia64",
"product_id": "libpurple-devel-0:2.6.2-2.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple-devel@2.6.2-2.el4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "libpurple-tcl-0:2.6.2-2.el4.ia64",
"product": {
"name": "libpurple-tcl-0:2.6.2-2.el4.ia64",
"product_id": "libpurple-tcl-0:2.6.2-2.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple-tcl@2.6.2-2.el4?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "pidgin-0:2.6.2-2.el4.src",
"product": {
"name": "pidgin-0:2.6.2-2.el4.src",
"product_id": "pidgin-0:2.6.2-2.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin@2.6.2-2.el4?arch=src"
}
}
},
{
"category": "product_version",
"name": "pidgin-0:2.6.2-2.el5.src",
"product": {
"name": "pidgin-0:2.6.2-2.el5.src",
"product_id": "pidgin-0:2.6.2-2.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin@2.6.2-2.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pidgin-0:2.6.2-2.el4.x86_64",
"product": {
"name": "pidgin-0:2.6.2-2.el4.x86_64",
"product_id": "pidgin-0:2.6.2-2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin@2.6.2-2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"product": {
"name": "pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"product_id": "pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-debuginfo@2.6.2-2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libpurple-0:2.6.2-2.el4.x86_64",
"product": {
"name": "libpurple-0:2.6.2-2.el4.x86_64",
"product_id": "libpurple-0:2.6.2-2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple@2.6.2-2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "finch-0:2.6.2-2.el4.x86_64",
"product": {
"name": "finch-0:2.6.2-2.el4.x86_64",
"product_id": "finch-0:2.6.2-2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/finch@2.6.2-2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libpurple-perl-0:2.6.2-2.el4.x86_64",
"product": {
"name": "libpurple-perl-0:2.6.2-2.el4.x86_64",
"product_id": "libpurple-perl-0:2.6.2-2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple-perl@2.6.2-2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pidgin-devel-0:2.6.2-2.el4.x86_64",
"product": {
"name": "pidgin-devel-0:2.6.2-2.el4.x86_64",
"product_id": "pidgin-devel-0:2.6.2-2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-devel@2.6.2-2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "finch-devel-0:2.6.2-2.el4.x86_64",
"product": {
"name": "finch-devel-0:2.6.2-2.el4.x86_64",
"product_id": "finch-devel-0:2.6.2-2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/finch-devel@2.6.2-2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pidgin-perl-0:2.6.2-2.el4.x86_64",
"product": {
"name": "pidgin-perl-0:2.6.2-2.el4.x86_64",
"product_id": "pidgin-perl-0:2.6.2-2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-perl@2.6.2-2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libpurple-devel-0:2.6.2-2.el4.x86_64",
"product": {
"name": "libpurple-devel-0:2.6.2-2.el4.x86_64",
"product_id": "libpurple-devel-0:2.6.2-2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple-devel@2.6.2-2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libpurple-tcl-0:2.6.2-2.el4.x86_64",
"product": {
"name": "libpurple-tcl-0:2.6.2-2.el4.x86_64",
"product_id": "libpurple-tcl-0:2.6.2-2.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple-tcl@2.6.2-2.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"product": {
"name": "pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"product_id": "pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-debuginfo@2.6.2-2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pidgin-devel-0:2.6.2-2.el5.x86_64",
"product": {
"name": "pidgin-devel-0:2.6.2-2.el5.x86_64",
"product_id": "pidgin-devel-0:2.6.2-2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-devel@2.6.2-2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libpurple-devel-0:2.6.2-2.el5.x86_64",
"product": {
"name": "libpurple-devel-0:2.6.2-2.el5.x86_64",
"product_id": "libpurple-devel-0:2.6.2-2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple-devel@2.6.2-2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "finch-devel-0:2.6.2-2.el5.x86_64",
"product": {
"name": "finch-devel-0:2.6.2-2.el5.x86_64",
"product_id": "finch-devel-0:2.6.2-2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/finch-devel@2.6.2-2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libpurple-tcl-0:2.6.2-2.el5.x86_64",
"product": {
"name": "libpurple-tcl-0:2.6.2-2.el5.x86_64",
"product_id": "libpurple-tcl-0:2.6.2-2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple-tcl@2.6.2-2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pidgin-0:2.6.2-2.el5.x86_64",
"product": {
"name": "pidgin-0:2.6.2-2.el5.x86_64",
"product_id": "pidgin-0:2.6.2-2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin@2.6.2-2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libpurple-0:2.6.2-2.el5.x86_64",
"product": {
"name": "libpurple-0:2.6.2-2.el5.x86_64",
"product_id": "libpurple-0:2.6.2-2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple@2.6.2-2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "finch-0:2.6.2-2.el5.x86_64",
"product": {
"name": "finch-0:2.6.2-2.el5.x86_64",
"product_id": "finch-0:2.6.2-2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/finch@2.6.2-2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libpurple-perl-0:2.6.2-2.el5.x86_64",
"product": {
"name": "libpurple-perl-0:2.6.2-2.el5.x86_64",
"product_id": "libpurple-perl-0:2.6.2-2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple-perl@2.6.2-2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pidgin-perl-0:2.6.2-2.el5.x86_64",
"product": {
"name": "pidgin-perl-0:2.6.2-2.el5.x86_64",
"product_id": "pidgin-perl-0:2.6.2-2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-perl@2.6.2-2.el5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "pidgin-0:2.6.2-2.el4.i386",
"product": {
"name": "pidgin-0:2.6.2-2.el4.i386",
"product_id": "pidgin-0:2.6.2-2.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin@2.6.2-2.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "pidgin-debuginfo-0:2.6.2-2.el4.i386",
"product": {
"name": "pidgin-debuginfo-0:2.6.2-2.el4.i386",
"product_id": "pidgin-debuginfo-0:2.6.2-2.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-debuginfo@2.6.2-2.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libpurple-0:2.6.2-2.el4.i386",
"product": {
"name": "libpurple-0:2.6.2-2.el4.i386",
"product_id": "libpurple-0:2.6.2-2.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple@2.6.2-2.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "finch-0:2.6.2-2.el4.i386",
"product": {
"name": "finch-0:2.6.2-2.el4.i386",
"product_id": "finch-0:2.6.2-2.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/finch@2.6.2-2.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libpurple-perl-0:2.6.2-2.el4.i386",
"product": {
"name": "libpurple-perl-0:2.6.2-2.el4.i386",
"product_id": "libpurple-perl-0:2.6.2-2.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple-perl@2.6.2-2.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "pidgin-devel-0:2.6.2-2.el4.i386",
"product": {
"name": "pidgin-devel-0:2.6.2-2.el4.i386",
"product_id": "pidgin-devel-0:2.6.2-2.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-devel@2.6.2-2.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "finch-devel-0:2.6.2-2.el4.i386",
"product": {
"name": "finch-devel-0:2.6.2-2.el4.i386",
"product_id": "finch-devel-0:2.6.2-2.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/finch-devel@2.6.2-2.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "pidgin-perl-0:2.6.2-2.el4.i386",
"product": {
"name": "pidgin-perl-0:2.6.2-2.el4.i386",
"product_id": "pidgin-perl-0:2.6.2-2.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-perl@2.6.2-2.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libpurple-devel-0:2.6.2-2.el4.i386",
"product": {
"name": "libpurple-devel-0:2.6.2-2.el4.i386",
"product_id": "libpurple-devel-0:2.6.2-2.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple-devel@2.6.2-2.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libpurple-tcl-0:2.6.2-2.el4.i386",
"product": {
"name": "libpurple-tcl-0:2.6.2-2.el4.i386",
"product_id": "libpurple-tcl-0:2.6.2-2.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple-tcl@2.6.2-2.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "pidgin-debuginfo-0:2.6.2-2.el5.i386",
"product": {
"name": "pidgin-debuginfo-0:2.6.2-2.el5.i386",
"product_id": "pidgin-debuginfo-0:2.6.2-2.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-debuginfo@2.6.2-2.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "pidgin-devel-0:2.6.2-2.el5.i386",
"product": {
"name": "pidgin-devel-0:2.6.2-2.el5.i386",
"product_id": "pidgin-devel-0:2.6.2-2.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-devel@2.6.2-2.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libpurple-devel-0:2.6.2-2.el5.i386",
"product": {
"name": "libpurple-devel-0:2.6.2-2.el5.i386",
"product_id": "libpurple-devel-0:2.6.2-2.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple-devel@2.6.2-2.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "finch-devel-0:2.6.2-2.el5.i386",
"product": {
"name": "finch-devel-0:2.6.2-2.el5.i386",
"product_id": "finch-devel-0:2.6.2-2.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/finch-devel@2.6.2-2.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "pidgin-0:2.6.2-2.el5.i386",
"product": {
"name": "pidgin-0:2.6.2-2.el5.i386",
"product_id": "pidgin-0:2.6.2-2.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin@2.6.2-2.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libpurple-0:2.6.2-2.el5.i386",
"product": {
"name": "libpurple-0:2.6.2-2.el5.i386",
"product_id": "libpurple-0:2.6.2-2.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple@2.6.2-2.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "finch-0:2.6.2-2.el5.i386",
"product": {
"name": "finch-0:2.6.2-2.el5.i386",
"product_id": "finch-0:2.6.2-2.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/finch@2.6.2-2.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libpurple-tcl-0:2.6.2-2.el5.i386",
"product": {
"name": "libpurple-tcl-0:2.6.2-2.el5.i386",
"product_id": "libpurple-tcl-0:2.6.2-2.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple-tcl@2.6.2-2.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "libpurple-perl-0:2.6.2-2.el5.i386",
"product": {
"name": "libpurple-perl-0:2.6.2-2.el5.i386",
"product_id": "libpurple-perl-0:2.6.2-2.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple-perl@2.6.2-2.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "pidgin-perl-0:2.6.2-2.el5.i386",
"product": {
"name": "pidgin-perl-0:2.6.2-2.el5.i386",
"product_id": "pidgin-perl-0:2.6.2-2.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-perl@2.6.2-2.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "pidgin-0:2.6.2-2.el4.ppc",
"product": {
"name": "pidgin-0:2.6.2-2.el4.ppc",
"product_id": "pidgin-0:2.6.2-2.el4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin@2.6.2-2.el4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"product": {
"name": "pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"product_id": "pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-debuginfo@2.6.2-2.el4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libpurple-0:2.6.2-2.el4.ppc",
"product": {
"name": "libpurple-0:2.6.2-2.el4.ppc",
"product_id": "libpurple-0:2.6.2-2.el4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple@2.6.2-2.el4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "finch-0:2.6.2-2.el4.ppc",
"product": {
"name": "finch-0:2.6.2-2.el4.ppc",
"product_id": "finch-0:2.6.2-2.el4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/finch@2.6.2-2.el4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libpurple-perl-0:2.6.2-2.el4.ppc",
"product": {
"name": "libpurple-perl-0:2.6.2-2.el4.ppc",
"product_id": "libpurple-perl-0:2.6.2-2.el4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple-perl@2.6.2-2.el4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "pidgin-devel-0:2.6.2-2.el4.ppc",
"product": {
"name": "pidgin-devel-0:2.6.2-2.el4.ppc",
"product_id": "pidgin-devel-0:2.6.2-2.el4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-devel@2.6.2-2.el4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "finch-devel-0:2.6.2-2.el4.ppc",
"product": {
"name": "finch-devel-0:2.6.2-2.el4.ppc",
"product_id": "finch-devel-0:2.6.2-2.el4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/finch-devel@2.6.2-2.el4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "pidgin-perl-0:2.6.2-2.el4.ppc",
"product": {
"name": "pidgin-perl-0:2.6.2-2.el4.ppc",
"product_id": "pidgin-perl-0:2.6.2-2.el4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pidgin-perl@2.6.2-2.el4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libpurple-devel-0:2.6.2-2.el4.ppc",
"product": {
"name": "libpurple-devel-0:2.6.2-2.el4.ppc",
"product_id": "libpurple-devel-0:2.6.2-2.el4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple-devel@2.6.2-2.el4?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libpurple-tcl-0:2.6.2-2.el4.ppc",
"product": {
"name": "libpurple-tcl-0:2.6.2-2.el4.ppc",
"product_id": "libpurple-tcl-0:2.6.2-2.el4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libpurple-tcl@2.6.2-2.el4?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:finch-0:2.6.2-2.el4.i386"
},
"product_reference": "finch-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:finch-0:2.6.2-2.el4.ia64"
},
"product_reference": "finch-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:finch-0:2.6.2-2.el4.ppc"
},
"product_reference": "finch-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:finch-0:2.6.2-2.el4.x86_64"
},
"product_reference": "finch-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:finch-devel-0:2.6.2-2.el4.i386"
},
"product_reference": "finch-devel-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:finch-devel-0:2.6.2-2.el4.ia64"
},
"product_reference": "finch-devel-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:finch-devel-0:2.6.2-2.el4.ppc"
},
"product_reference": "finch-devel-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:finch-devel-0:2.6.2-2.el4.x86_64"
},
"product_reference": "finch-devel-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libpurple-0:2.6.2-2.el4.i386"
},
"product_reference": "libpurple-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libpurple-0:2.6.2-2.el4.ia64"
},
"product_reference": "libpurple-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libpurple-0:2.6.2-2.el4.ppc"
},
"product_reference": "libpurple-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libpurple-0:2.6.2-2.el4.x86_64"
},
"product_reference": "libpurple-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libpurple-devel-0:2.6.2-2.el4.i386"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libpurple-devel-0:2.6.2-2.el4.ia64"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libpurple-devel-0:2.6.2-2.el4.ppc"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libpurple-devel-0:2.6.2-2.el4.x86_64"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libpurple-perl-0:2.6.2-2.el4.i386"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libpurple-perl-0:2.6.2-2.el4.ia64"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libpurple-perl-0:2.6.2-2.el4.ppc"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libpurple-perl-0:2.6.2-2.el4.x86_64"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libpurple-tcl-0:2.6.2-2.el4.i386"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libpurple-tcl-0:2.6.2-2.el4.ia64"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libpurple-tcl-0:2.6.2-2.el4.ppc"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:libpurple-tcl-0:2.6.2-2.el4.x86_64"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:pidgin-0:2.6.2-2.el4.i386"
},
"product_reference": "pidgin-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:pidgin-0:2.6.2-2.el4.ia64"
},
"product_reference": "pidgin-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:pidgin-0:2.6.2-2.el4.ppc"
},
"product_reference": "pidgin-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el4.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:pidgin-0:2.6.2-2.el4.src"
},
"product_reference": "pidgin-0:2.6.2-2.el4.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:pidgin-0:2.6.2-2.el4.x86_64"
},
"product_reference": "pidgin-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:pidgin-debuginfo-0:2.6.2-2.el4.i386"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:pidgin-debuginfo-0:2.6.2-2.el4.ia64"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:pidgin-debuginfo-0:2.6.2-2.el4.ppc"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:pidgin-devel-0:2.6.2-2.el4.i386"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:pidgin-devel-0:2.6.2-2.el4.ia64"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:pidgin-devel-0:2.6.2-2.el4.ppc"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:pidgin-devel-0:2.6.2-2.el4.x86_64"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:pidgin-perl-0:2.6.2-2.el4.i386"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:pidgin-perl-0:2.6.2-2.el4.ia64"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:pidgin-perl-0:2.6.2-2.el4.ppc"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:pidgin-perl-0:2.6.2-2.el4.x86_64"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:finch-0:2.6.2-2.el4.i386"
},
"product_reference": "finch-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:finch-0:2.6.2-2.el4.ia64"
},
"product_reference": "finch-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:finch-0:2.6.2-2.el4.ppc"
},
"product_reference": "finch-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:finch-0:2.6.2-2.el4.x86_64"
},
"product_reference": "finch-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:finch-devel-0:2.6.2-2.el4.i386"
},
"product_reference": "finch-devel-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:finch-devel-0:2.6.2-2.el4.ia64"
},
"product_reference": "finch-devel-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:finch-devel-0:2.6.2-2.el4.ppc"
},
"product_reference": "finch-devel-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:finch-devel-0:2.6.2-2.el4.x86_64"
},
"product_reference": "finch-devel-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libpurple-0:2.6.2-2.el4.i386"
},
"product_reference": "libpurple-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libpurple-0:2.6.2-2.el4.ia64"
},
"product_reference": "libpurple-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libpurple-0:2.6.2-2.el4.ppc"
},
"product_reference": "libpurple-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libpurple-0:2.6.2-2.el4.x86_64"
},
"product_reference": "libpurple-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libpurple-devel-0:2.6.2-2.el4.i386"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libpurple-devel-0:2.6.2-2.el4.ia64"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libpurple-devel-0:2.6.2-2.el4.ppc"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libpurple-devel-0:2.6.2-2.el4.x86_64"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libpurple-perl-0:2.6.2-2.el4.i386"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libpurple-perl-0:2.6.2-2.el4.ia64"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libpurple-perl-0:2.6.2-2.el4.ppc"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libpurple-perl-0:2.6.2-2.el4.x86_64"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libpurple-tcl-0:2.6.2-2.el4.i386"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libpurple-tcl-0:2.6.2-2.el4.ia64"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libpurple-tcl-0:2.6.2-2.el4.ppc"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:libpurple-tcl-0:2.6.2-2.el4.x86_64"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:pidgin-0:2.6.2-2.el4.i386"
},
"product_reference": "pidgin-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:pidgin-0:2.6.2-2.el4.ia64"
},
"product_reference": "pidgin-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:pidgin-0:2.6.2-2.el4.ppc"
},
"product_reference": "pidgin-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el4.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:pidgin-0:2.6.2-2.el4.src"
},
"product_reference": "pidgin-0:2.6.2-2.el4.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:pidgin-0:2.6.2-2.el4.x86_64"
},
"product_reference": "pidgin-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.i386"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ia64"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ppc"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.x86_64"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:pidgin-devel-0:2.6.2-2.el4.i386"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:pidgin-devel-0:2.6.2-2.el4.ia64"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:pidgin-devel-0:2.6.2-2.el4.ppc"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:pidgin-devel-0:2.6.2-2.el4.x86_64"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:pidgin-perl-0:2.6.2-2.el4.i386"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:pidgin-perl-0:2.6.2-2.el4.ia64"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:pidgin-perl-0:2.6.2-2.el4.ppc"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:pidgin-perl-0:2.6.2-2.el4.x86_64"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:finch-0:2.6.2-2.el4.i386"
},
"product_reference": "finch-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:finch-0:2.6.2-2.el4.ia64"
},
"product_reference": "finch-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:finch-0:2.6.2-2.el4.ppc"
},
"product_reference": "finch-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:finch-0:2.6.2-2.el4.x86_64"
},
"product_reference": "finch-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:finch-devel-0:2.6.2-2.el4.i386"
},
"product_reference": "finch-devel-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:finch-devel-0:2.6.2-2.el4.ia64"
},
"product_reference": "finch-devel-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:finch-devel-0:2.6.2-2.el4.ppc"
},
"product_reference": "finch-devel-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:finch-devel-0:2.6.2-2.el4.x86_64"
},
"product_reference": "finch-devel-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libpurple-0:2.6.2-2.el4.i386"
},
"product_reference": "libpurple-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libpurple-0:2.6.2-2.el4.ia64"
},
"product_reference": "libpurple-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libpurple-0:2.6.2-2.el4.ppc"
},
"product_reference": "libpurple-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libpurple-0:2.6.2-2.el4.x86_64"
},
"product_reference": "libpurple-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libpurple-devel-0:2.6.2-2.el4.i386"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libpurple-devel-0:2.6.2-2.el4.ia64"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libpurple-devel-0:2.6.2-2.el4.ppc"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libpurple-devel-0:2.6.2-2.el4.x86_64"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libpurple-perl-0:2.6.2-2.el4.i386"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libpurple-perl-0:2.6.2-2.el4.ia64"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libpurple-perl-0:2.6.2-2.el4.ppc"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libpurple-perl-0:2.6.2-2.el4.x86_64"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libpurple-tcl-0:2.6.2-2.el4.i386"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libpurple-tcl-0:2.6.2-2.el4.ia64"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libpurple-tcl-0:2.6.2-2.el4.ppc"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:libpurple-tcl-0:2.6.2-2.el4.x86_64"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:pidgin-0:2.6.2-2.el4.i386"
},
"product_reference": "pidgin-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:pidgin-0:2.6.2-2.el4.ia64"
},
"product_reference": "pidgin-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:pidgin-0:2.6.2-2.el4.ppc"
},
"product_reference": "pidgin-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el4.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:pidgin-0:2.6.2-2.el4.src"
},
"product_reference": "pidgin-0:2.6.2-2.el4.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:pidgin-0:2.6.2-2.el4.x86_64"
},
"product_reference": "pidgin-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:pidgin-debuginfo-0:2.6.2-2.el4.i386"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:pidgin-debuginfo-0:2.6.2-2.el4.ia64"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:pidgin-debuginfo-0:2.6.2-2.el4.ppc"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:pidgin-debuginfo-0:2.6.2-2.el4.x86_64"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:pidgin-devel-0:2.6.2-2.el4.i386"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:pidgin-devel-0:2.6.2-2.el4.ia64"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:pidgin-devel-0:2.6.2-2.el4.ppc"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:pidgin-devel-0:2.6.2-2.el4.x86_64"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:pidgin-perl-0:2.6.2-2.el4.i386"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:pidgin-perl-0:2.6.2-2.el4.ia64"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:pidgin-perl-0:2.6.2-2.el4.ppc"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:pidgin-perl-0:2.6.2-2.el4.x86_64"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:finch-0:2.6.2-2.el4.i386"
},
"product_reference": "finch-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:finch-0:2.6.2-2.el4.ia64"
},
"product_reference": "finch-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:finch-0:2.6.2-2.el4.ppc"
},
"product_reference": "finch-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:finch-0:2.6.2-2.el4.x86_64"
},
"product_reference": "finch-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:finch-devel-0:2.6.2-2.el4.i386"
},
"product_reference": "finch-devel-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:finch-devel-0:2.6.2-2.el4.ia64"
},
"product_reference": "finch-devel-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:finch-devel-0:2.6.2-2.el4.ppc"
},
"product_reference": "finch-devel-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:finch-devel-0:2.6.2-2.el4.x86_64"
},
"product_reference": "finch-devel-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libpurple-0:2.6.2-2.el4.i386"
},
"product_reference": "libpurple-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libpurple-0:2.6.2-2.el4.ia64"
},
"product_reference": "libpurple-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libpurple-0:2.6.2-2.el4.ppc"
},
"product_reference": "libpurple-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libpurple-0:2.6.2-2.el4.x86_64"
},
"product_reference": "libpurple-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libpurple-devel-0:2.6.2-2.el4.i386"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libpurple-devel-0:2.6.2-2.el4.ia64"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libpurple-devel-0:2.6.2-2.el4.ppc"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libpurple-devel-0:2.6.2-2.el4.x86_64"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libpurple-perl-0:2.6.2-2.el4.i386"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libpurple-perl-0:2.6.2-2.el4.ia64"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libpurple-perl-0:2.6.2-2.el4.ppc"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libpurple-perl-0:2.6.2-2.el4.x86_64"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libpurple-tcl-0:2.6.2-2.el4.i386"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libpurple-tcl-0:2.6.2-2.el4.ia64"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libpurple-tcl-0:2.6.2-2.el4.ppc"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:libpurple-tcl-0:2.6.2-2.el4.x86_64"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:pidgin-0:2.6.2-2.el4.i386"
},
"product_reference": "pidgin-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:pidgin-0:2.6.2-2.el4.ia64"
},
"product_reference": "pidgin-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:pidgin-0:2.6.2-2.el4.ppc"
},
"product_reference": "pidgin-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el4.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:pidgin-0:2.6.2-2.el4.src"
},
"product_reference": "pidgin-0:2.6.2-2.el4.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:pidgin-0:2.6.2-2.el4.x86_64"
},
"product_reference": "pidgin-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:pidgin-debuginfo-0:2.6.2-2.el4.i386"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:pidgin-debuginfo-0:2.6.2-2.el4.ia64"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:pidgin-debuginfo-0:2.6.2-2.el4.ppc"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:pidgin-devel-0:2.6.2-2.el4.i386"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:pidgin-devel-0:2.6.2-2.el4.ia64"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:pidgin-devel-0:2.6.2-2.el4.ppc"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:pidgin-devel-0:2.6.2-2.el4.x86_64"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:pidgin-perl-0:2.6.2-2.el4.i386"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:pidgin-perl-0:2.6.2-2.el4.ia64"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:pidgin-perl-0:2.6.2-2.el4.ppc"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:pidgin-perl-0:2.6.2-2.el4.x86_64"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el4.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:finch-0:2.6.2-2.el5.i386"
},
"product_reference": "finch-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:finch-0:2.6.2-2.el5.x86_64"
},
"product_reference": "finch-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:finch-devel-0:2.6.2-2.el5.i386"
},
"product_reference": "finch-devel-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:finch-devel-0:2.6.2-2.el5.x86_64"
},
"product_reference": "finch-devel-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libpurple-0:2.6.2-2.el5.i386"
},
"product_reference": "libpurple-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libpurple-0:2.6.2-2.el5.x86_64"
},
"product_reference": "libpurple-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.i386"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.x86_64"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.i386"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.x86_64"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.i386"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.x86_64"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:pidgin-0:2.6.2-2.el5.i386"
},
"product_reference": "pidgin-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el5.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:pidgin-0:2.6.2-2.el5.src"
},
"product_reference": "pidgin-0:2.6.2-2.el5.src",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:pidgin-0:2.6.2-2.el5.x86_64"
},
"product_reference": "pidgin-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.i386"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.x86_64"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.i386"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.x86_64"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.i386"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.x86_64"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:finch-0:2.6.2-2.el5.i386"
},
"product_reference": "finch-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:finch-0:2.6.2-2.el5.x86_64"
},
"product_reference": "finch-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:finch-devel-0:2.6.2-2.el5.i386"
},
"product_reference": "finch-devel-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:finch-devel-0:2.6.2-2.el5.x86_64"
},
"product_reference": "finch-devel-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libpurple-0:2.6.2-2.el5.i386"
},
"product_reference": "libpurple-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libpurple-0:2.6.2-2.el5.x86_64"
},
"product_reference": "libpurple-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libpurple-devel-0:2.6.2-2.el5.i386"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libpurple-devel-0:2.6.2-2.el5.x86_64"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libpurple-perl-0:2.6.2-2.el5.i386"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libpurple-perl-0:2.6.2-2.el5.x86_64"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libpurple-tcl-0:2.6.2-2.el5.i386"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:libpurple-tcl-0:2.6.2-2.el5.x86_64"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:pidgin-0:2.6.2-2.el5.i386"
},
"product_reference": "pidgin-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el5.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:pidgin-0:2.6.2-2.el5.src"
},
"product_reference": "pidgin-0:2.6.2-2.el5.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:pidgin-0:2.6.2-2.el5.x86_64"
},
"product_reference": "pidgin-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:pidgin-debuginfo-0:2.6.2-2.el5.i386"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:pidgin-debuginfo-0:2.6.2-2.el5.x86_64"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:pidgin-devel-0:2.6.2-2.el5.i386"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:pidgin-devel-0:2.6.2-2.el5.x86_64"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:pidgin-perl-0:2.6.2-2.el5.i386"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:pidgin-perl-0:2.6.2-2.el5.x86_64"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:finch-0:2.6.2-2.el5.i386"
},
"product_reference": "finch-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:finch-0:2.6.2-2.el5.x86_64"
},
"product_reference": "finch-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:finch-devel-0:2.6.2-2.el5.i386"
},
"product_reference": "finch-devel-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:finch-devel-0:2.6.2-2.el5.x86_64"
},
"product_reference": "finch-devel-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:libpurple-0:2.6.2-2.el5.i386"
},
"product_reference": "libpurple-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:libpurple-0:2.6.2-2.el5.x86_64"
},
"product_reference": "libpurple-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.i386"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.x86_64"
},
"product_reference": "libpurple-devel-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.i386"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-perl-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.x86_64"
},
"product_reference": "libpurple-perl-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.i386"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.x86_64"
},
"product_reference": "libpurple-tcl-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:pidgin-0:2.6.2-2.el5.i386"
},
"product_reference": "pidgin-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el5.src as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:pidgin-0:2.6.2-2.el5.src"
},
"product_reference": "pidgin-0:2.6.2-2.el5.src",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:pidgin-0:2.6.2-2.el5.x86_64"
},
"product_reference": "pidgin-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.i386"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-debuginfo-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.x86_64"
},
"product_reference": "pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.i386"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.x86_64"
},
"product_reference": "pidgin-devel-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el5.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.i386"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el5.i386",
"relates_to_product_reference": "5Server-DPAS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-perl-0:2.6.2-2.el5.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
"product_id": "5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.x86_64"
},
"product_reference": "pidgin-perl-0:2.6.2-2.el5.x86_64",
"relates_to_product_reference": "5Server-DPAS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-2703",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2009-09-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "521823"
}
],
"notes": [
{
"category": "description",
"text": "libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) via a TOPIC message that lacks a topic string.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Pidgin: NULL pointer dereference by handling IRC topic(s) (DoS)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS:finch-0:2.6.2-2.el4.i386",
"4AS:finch-0:2.6.2-2.el4.ia64",
"4AS:finch-0:2.6.2-2.el4.ppc",
"4AS:finch-0:2.6.2-2.el4.x86_64",
"4AS:finch-devel-0:2.6.2-2.el4.i386",
"4AS:finch-devel-0:2.6.2-2.el4.ia64",
"4AS:finch-devel-0:2.6.2-2.el4.ppc",
"4AS:finch-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-0:2.6.2-2.el4.i386",
"4AS:libpurple-0:2.6.2-2.el4.ia64",
"4AS:libpurple-0:2.6.2-2.el4.ppc",
"4AS:libpurple-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-devel-0:2.6.2-2.el4.i386",
"4AS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4AS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4AS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-perl-0:2.6.2-2.el4.i386",
"4AS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-0:2.6.2-2.el4.i386",
"4AS:pidgin-0:2.6.2-2.el4.ia64",
"4AS:pidgin-0:2.6.2-2.el4.ppc",
"4AS:pidgin-0:2.6.2-2.el4.src",
"4AS:pidgin-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-devel-0:2.6.2-2.el4.i386",
"4AS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4AS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4AS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-perl-0:2.6.2-2.el4.i386",
"4AS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4AS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4AS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-0:2.6.2-2.el4.i386",
"4Desktop:finch-0:2.6.2-2.el4.ia64",
"4Desktop:finch-0:2.6.2-2.el4.ppc",
"4Desktop:finch-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-devel-0:2.6.2-2.el4.i386",
"4Desktop:finch-devel-0:2.6.2-2.el4.ia64",
"4Desktop:finch-devel-0:2.6.2-2.el4.ppc",
"4Desktop:finch-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-0:2.6.2-2.el4.src",
"4Desktop:pidgin-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4ES:finch-0:2.6.2-2.el4.i386",
"4ES:finch-0:2.6.2-2.el4.ia64",
"4ES:finch-0:2.6.2-2.el4.ppc",
"4ES:finch-0:2.6.2-2.el4.x86_64",
"4ES:finch-devel-0:2.6.2-2.el4.i386",
"4ES:finch-devel-0:2.6.2-2.el4.ia64",
"4ES:finch-devel-0:2.6.2-2.el4.ppc",
"4ES:finch-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-0:2.6.2-2.el4.i386",
"4ES:libpurple-0:2.6.2-2.el4.ia64",
"4ES:libpurple-0:2.6.2-2.el4.ppc",
"4ES:libpurple-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-devel-0:2.6.2-2.el4.i386",
"4ES:libpurple-devel-0:2.6.2-2.el4.ia64",
"4ES:libpurple-devel-0:2.6.2-2.el4.ppc",
"4ES:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-perl-0:2.6.2-2.el4.i386",
"4ES:libpurple-perl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-perl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.i386",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-0:2.6.2-2.el4.i386",
"4ES:pidgin-0:2.6.2-2.el4.ia64",
"4ES:pidgin-0:2.6.2-2.el4.ppc",
"4ES:pidgin-0:2.6.2-2.el4.src",
"4ES:pidgin-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-devel-0:2.6.2-2.el4.i386",
"4ES:pidgin-devel-0:2.6.2-2.el4.ia64",
"4ES:pidgin-devel-0:2.6.2-2.el4.ppc",
"4ES:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-perl-0:2.6.2-2.el4.i386",
"4ES:pidgin-perl-0:2.6.2-2.el4.ia64",
"4ES:pidgin-perl-0:2.6.2-2.el4.ppc",
"4ES:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4WS:finch-0:2.6.2-2.el4.i386",
"4WS:finch-0:2.6.2-2.el4.ia64",
"4WS:finch-0:2.6.2-2.el4.ppc",
"4WS:finch-0:2.6.2-2.el4.x86_64",
"4WS:finch-devel-0:2.6.2-2.el4.i386",
"4WS:finch-devel-0:2.6.2-2.el4.ia64",
"4WS:finch-devel-0:2.6.2-2.el4.ppc",
"4WS:finch-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-0:2.6.2-2.el4.i386",
"4WS:libpurple-0:2.6.2-2.el4.ia64",
"4WS:libpurple-0:2.6.2-2.el4.ppc",
"4WS:libpurple-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-devel-0:2.6.2-2.el4.i386",
"4WS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4WS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4WS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-perl-0:2.6.2-2.el4.i386",
"4WS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-0:2.6.2-2.el4.i386",
"4WS:pidgin-0:2.6.2-2.el4.ia64",
"4WS:pidgin-0:2.6.2-2.el4.ppc",
"4WS:pidgin-0:2.6.2-2.el4.src",
"4WS:pidgin-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-devel-0:2.6.2-2.el4.i386",
"4WS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4WS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4WS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-perl-0:2.6.2-2.el4.i386",
"4WS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4WS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4WS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"5Client-Workstation:finch-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.src",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Client:finch-0:2.6.2-2.el5.i386",
"5Client:finch-0:2.6.2-2.el5.x86_64",
"5Client:finch-devel-0:2.6.2-2.el5.i386",
"5Client:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-0:2.6.2-2.el5.i386",
"5Client:libpurple-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-0:2.6.2-2.el5.i386",
"5Client:pidgin-0:2.6.2-2.el5.src",
"5Client:pidgin-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.src",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2703"
},
{
"category": "external",
"summary": "RHBZ#521823",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521823"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2703",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2703"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2703",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2703"
}
],
"release_date": "2009-09-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-09-21T15:34:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:finch-0:2.6.2-2.el4.i386",
"4AS:finch-0:2.6.2-2.el4.ia64",
"4AS:finch-0:2.6.2-2.el4.ppc",
"4AS:finch-0:2.6.2-2.el4.x86_64",
"4AS:finch-devel-0:2.6.2-2.el4.i386",
"4AS:finch-devel-0:2.6.2-2.el4.ia64",
"4AS:finch-devel-0:2.6.2-2.el4.ppc",
"4AS:finch-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-0:2.6.2-2.el4.i386",
"4AS:libpurple-0:2.6.2-2.el4.ia64",
"4AS:libpurple-0:2.6.2-2.el4.ppc",
"4AS:libpurple-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-devel-0:2.6.2-2.el4.i386",
"4AS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4AS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4AS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-perl-0:2.6.2-2.el4.i386",
"4AS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-0:2.6.2-2.el4.i386",
"4AS:pidgin-0:2.6.2-2.el4.ia64",
"4AS:pidgin-0:2.6.2-2.el4.ppc",
"4AS:pidgin-0:2.6.2-2.el4.src",
"4AS:pidgin-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-devel-0:2.6.2-2.el4.i386",
"4AS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4AS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4AS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-perl-0:2.6.2-2.el4.i386",
"4AS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4AS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4AS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-0:2.6.2-2.el4.i386",
"4Desktop:finch-0:2.6.2-2.el4.ia64",
"4Desktop:finch-0:2.6.2-2.el4.ppc",
"4Desktop:finch-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-devel-0:2.6.2-2.el4.i386",
"4Desktop:finch-devel-0:2.6.2-2.el4.ia64",
"4Desktop:finch-devel-0:2.6.2-2.el4.ppc",
"4Desktop:finch-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-0:2.6.2-2.el4.src",
"4Desktop:pidgin-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4ES:finch-0:2.6.2-2.el4.i386",
"4ES:finch-0:2.6.2-2.el4.ia64",
"4ES:finch-0:2.6.2-2.el4.ppc",
"4ES:finch-0:2.6.2-2.el4.x86_64",
"4ES:finch-devel-0:2.6.2-2.el4.i386",
"4ES:finch-devel-0:2.6.2-2.el4.ia64",
"4ES:finch-devel-0:2.6.2-2.el4.ppc",
"4ES:finch-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-0:2.6.2-2.el4.i386",
"4ES:libpurple-0:2.6.2-2.el4.ia64",
"4ES:libpurple-0:2.6.2-2.el4.ppc",
"4ES:libpurple-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-devel-0:2.6.2-2.el4.i386",
"4ES:libpurple-devel-0:2.6.2-2.el4.ia64",
"4ES:libpurple-devel-0:2.6.2-2.el4.ppc",
"4ES:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-perl-0:2.6.2-2.el4.i386",
"4ES:libpurple-perl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-perl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.i386",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-0:2.6.2-2.el4.i386",
"4ES:pidgin-0:2.6.2-2.el4.ia64",
"4ES:pidgin-0:2.6.2-2.el4.ppc",
"4ES:pidgin-0:2.6.2-2.el4.src",
"4ES:pidgin-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-devel-0:2.6.2-2.el4.i386",
"4ES:pidgin-devel-0:2.6.2-2.el4.ia64",
"4ES:pidgin-devel-0:2.6.2-2.el4.ppc",
"4ES:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-perl-0:2.6.2-2.el4.i386",
"4ES:pidgin-perl-0:2.6.2-2.el4.ia64",
"4ES:pidgin-perl-0:2.6.2-2.el4.ppc",
"4ES:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4WS:finch-0:2.6.2-2.el4.i386",
"4WS:finch-0:2.6.2-2.el4.ia64",
"4WS:finch-0:2.6.2-2.el4.ppc",
"4WS:finch-0:2.6.2-2.el4.x86_64",
"4WS:finch-devel-0:2.6.2-2.el4.i386",
"4WS:finch-devel-0:2.6.2-2.el4.ia64",
"4WS:finch-devel-0:2.6.2-2.el4.ppc",
"4WS:finch-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-0:2.6.2-2.el4.i386",
"4WS:libpurple-0:2.6.2-2.el4.ia64",
"4WS:libpurple-0:2.6.2-2.el4.ppc",
"4WS:libpurple-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-devel-0:2.6.2-2.el4.i386",
"4WS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4WS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4WS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-perl-0:2.6.2-2.el4.i386",
"4WS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-0:2.6.2-2.el4.i386",
"4WS:pidgin-0:2.6.2-2.el4.ia64",
"4WS:pidgin-0:2.6.2-2.el4.ppc",
"4WS:pidgin-0:2.6.2-2.el4.src",
"4WS:pidgin-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-devel-0:2.6.2-2.el4.i386",
"4WS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4WS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4WS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-perl-0:2.6.2-2.el4.i386",
"4WS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4WS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4WS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"5Client-Workstation:finch-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.src",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Client:finch-0:2.6.2-2.el5.i386",
"5Client:finch-0:2.6.2-2.el5.x86_64",
"5Client:finch-devel-0:2.6.2-2.el5.i386",
"5Client:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-0:2.6.2-2.el5.i386",
"5Client:libpurple-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-0:2.6.2-2.el5.i386",
"5Client:pidgin-0:2.6.2-2.el5.src",
"5Client:pidgin-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.src",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1453"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"4AS:finch-0:2.6.2-2.el4.i386",
"4AS:finch-0:2.6.2-2.el4.ia64",
"4AS:finch-0:2.6.2-2.el4.ppc",
"4AS:finch-0:2.6.2-2.el4.x86_64",
"4AS:finch-devel-0:2.6.2-2.el4.i386",
"4AS:finch-devel-0:2.6.2-2.el4.ia64",
"4AS:finch-devel-0:2.6.2-2.el4.ppc",
"4AS:finch-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-0:2.6.2-2.el4.i386",
"4AS:libpurple-0:2.6.2-2.el4.ia64",
"4AS:libpurple-0:2.6.2-2.el4.ppc",
"4AS:libpurple-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-devel-0:2.6.2-2.el4.i386",
"4AS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4AS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4AS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-perl-0:2.6.2-2.el4.i386",
"4AS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-0:2.6.2-2.el4.i386",
"4AS:pidgin-0:2.6.2-2.el4.ia64",
"4AS:pidgin-0:2.6.2-2.el4.ppc",
"4AS:pidgin-0:2.6.2-2.el4.src",
"4AS:pidgin-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-devel-0:2.6.2-2.el4.i386",
"4AS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4AS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4AS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-perl-0:2.6.2-2.el4.i386",
"4AS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4AS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4AS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-0:2.6.2-2.el4.i386",
"4Desktop:finch-0:2.6.2-2.el4.ia64",
"4Desktop:finch-0:2.6.2-2.el4.ppc",
"4Desktop:finch-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-devel-0:2.6.2-2.el4.i386",
"4Desktop:finch-devel-0:2.6.2-2.el4.ia64",
"4Desktop:finch-devel-0:2.6.2-2.el4.ppc",
"4Desktop:finch-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-0:2.6.2-2.el4.src",
"4Desktop:pidgin-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4ES:finch-0:2.6.2-2.el4.i386",
"4ES:finch-0:2.6.2-2.el4.ia64",
"4ES:finch-0:2.6.2-2.el4.ppc",
"4ES:finch-0:2.6.2-2.el4.x86_64",
"4ES:finch-devel-0:2.6.2-2.el4.i386",
"4ES:finch-devel-0:2.6.2-2.el4.ia64",
"4ES:finch-devel-0:2.6.2-2.el4.ppc",
"4ES:finch-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-0:2.6.2-2.el4.i386",
"4ES:libpurple-0:2.6.2-2.el4.ia64",
"4ES:libpurple-0:2.6.2-2.el4.ppc",
"4ES:libpurple-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-devel-0:2.6.2-2.el4.i386",
"4ES:libpurple-devel-0:2.6.2-2.el4.ia64",
"4ES:libpurple-devel-0:2.6.2-2.el4.ppc",
"4ES:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-perl-0:2.6.2-2.el4.i386",
"4ES:libpurple-perl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-perl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.i386",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-0:2.6.2-2.el4.i386",
"4ES:pidgin-0:2.6.2-2.el4.ia64",
"4ES:pidgin-0:2.6.2-2.el4.ppc",
"4ES:pidgin-0:2.6.2-2.el4.src",
"4ES:pidgin-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-devel-0:2.6.2-2.el4.i386",
"4ES:pidgin-devel-0:2.6.2-2.el4.ia64",
"4ES:pidgin-devel-0:2.6.2-2.el4.ppc",
"4ES:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-perl-0:2.6.2-2.el4.i386",
"4ES:pidgin-perl-0:2.6.2-2.el4.ia64",
"4ES:pidgin-perl-0:2.6.2-2.el4.ppc",
"4ES:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4WS:finch-0:2.6.2-2.el4.i386",
"4WS:finch-0:2.6.2-2.el4.ia64",
"4WS:finch-0:2.6.2-2.el4.ppc",
"4WS:finch-0:2.6.2-2.el4.x86_64",
"4WS:finch-devel-0:2.6.2-2.el4.i386",
"4WS:finch-devel-0:2.6.2-2.el4.ia64",
"4WS:finch-devel-0:2.6.2-2.el4.ppc",
"4WS:finch-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-0:2.6.2-2.el4.i386",
"4WS:libpurple-0:2.6.2-2.el4.ia64",
"4WS:libpurple-0:2.6.2-2.el4.ppc",
"4WS:libpurple-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-devel-0:2.6.2-2.el4.i386",
"4WS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4WS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4WS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-perl-0:2.6.2-2.el4.i386",
"4WS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-0:2.6.2-2.el4.i386",
"4WS:pidgin-0:2.6.2-2.el4.ia64",
"4WS:pidgin-0:2.6.2-2.el4.ppc",
"4WS:pidgin-0:2.6.2-2.el4.src",
"4WS:pidgin-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-devel-0:2.6.2-2.el4.i386",
"4WS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4WS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4WS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-perl-0:2.6.2-2.el4.i386",
"4WS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4WS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4WS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"5Client-Workstation:finch-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.src",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Client:finch-0:2.6.2-2.el5.i386",
"5Client:finch-0:2.6.2-2.el5.x86_64",
"5Client:finch-devel-0:2.6.2-2.el5.i386",
"5Client:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-0:2.6.2-2.el5.i386",
"5Client:libpurple-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-0:2.6.2-2.el5.i386",
"5Client:pidgin-0:2.6.2-2.el5.src",
"5Client:pidgin-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.src",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Pidgin: NULL pointer dereference by handling IRC topic(s) (DoS)"
},
{
"cve": "CVE-2009-3026",
"discovery_date": "2009-08-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "519224"
}
],
"notes": [
{
"category": "description",
"text": "protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly other versions, does not follow the \"require TLS/SSL\" preference when connecting to older Jabber servers that do not follow the XMPP specification, which causes libpurple to connect to the server without the expected encryption and allows remote attackers to sniff sessions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pidgin: ignores SSL/TLS requirements with old jabber servers",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS:finch-0:2.6.2-2.el4.i386",
"4AS:finch-0:2.6.2-2.el4.ia64",
"4AS:finch-0:2.6.2-2.el4.ppc",
"4AS:finch-0:2.6.2-2.el4.x86_64",
"4AS:finch-devel-0:2.6.2-2.el4.i386",
"4AS:finch-devel-0:2.6.2-2.el4.ia64",
"4AS:finch-devel-0:2.6.2-2.el4.ppc",
"4AS:finch-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-0:2.6.2-2.el4.i386",
"4AS:libpurple-0:2.6.2-2.el4.ia64",
"4AS:libpurple-0:2.6.2-2.el4.ppc",
"4AS:libpurple-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-devel-0:2.6.2-2.el4.i386",
"4AS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4AS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4AS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-perl-0:2.6.2-2.el4.i386",
"4AS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-0:2.6.2-2.el4.i386",
"4AS:pidgin-0:2.6.2-2.el4.ia64",
"4AS:pidgin-0:2.6.2-2.el4.ppc",
"4AS:pidgin-0:2.6.2-2.el4.src",
"4AS:pidgin-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-devel-0:2.6.2-2.el4.i386",
"4AS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4AS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4AS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-perl-0:2.6.2-2.el4.i386",
"4AS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4AS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4AS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-0:2.6.2-2.el4.i386",
"4Desktop:finch-0:2.6.2-2.el4.ia64",
"4Desktop:finch-0:2.6.2-2.el4.ppc",
"4Desktop:finch-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-devel-0:2.6.2-2.el4.i386",
"4Desktop:finch-devel-0:2.6.2-2.el4.ia64",
"4Desktop:finch-devel-0:2.6.2-2.el4.ppc",
"4Desktop:finch-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-0:2.6.2-2.el4.src",
"4Desktop:pidgin-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4ES:finch-0:2.6.2-2.el4.i386",
"4ES:finch-0:2.6.2-2.el4.ia64",
"4ES:finch-0:2.6.2-2.el4.ppc",
"4ES:finch-0:2.6.2-2.el4.x86_64",
"4ES:finch-devel-0:2.6.2-2.el4.i386",
"4ES:finch-devel-0:2.6.2-2.el4.ia64",
"4ES:finch-devel-0:2.6.2-2.el4.ppc",
"4ES:finch-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-0:2.6.2-2.el4.i386",
"4ES:libpurple-0:2.6.2-2.el4.ia64",
"4ES:libpurple-0:2.6.2-2.el4.ppc",
"4ES:libpurple-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-devel-0:2.6.2-2.el4.i386",
"4ES:libpurple-devel-0:2.6.2-2.el4.ia64",
"4ES:libpurple-devel-0:2.6.2-2.el4.ppc",
"4ES:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-perl-0:2.6.2-2.el4.i386",
"4ES:libpurple-perl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-perl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.i386",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-0:2.6.2-2.el4.i386",
"4ES:pidgin-0:2.6.2-2.el4.ia64",
"4ES:pidgin-0:2.6.2-2.el4.ppc",
"4ES:pidgin-0:2.6.2-2.el4.src",
"4ES:pidgin-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-devel-0:2.6.2-2.el4.i386",
"4ES:pidgin-devel-0:2.6.2-2.el4.ia64",
"4ES:pidgin-devel-0:2.6.2-2.el4.ppc",
"4ES:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-perl-0:2.6.2-2.el4.i386",
"4ES:pidgin-perl-0:2.6.2-2.el4.ia64",
"4ES:pidgin-perl-0:2.6.2-2.el4.ppc",
"4ES:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4WS:finch-0:2.6.2-2.el4.i386",
"4WS:finch-0:2.6.2-2.el4.ia64",
"4WS:finch-0:2.6.2-2.el4.ppc",
"4WS:finch-0:2.6.2-2.el4.x86_64",
"4WS:finch-devel-0:2.6.2-2.el4.i386",
"4WS:finch-devel-0:2.6.2-2.el4.ia64",
"4WS:finch-devel-0:2.6.2-2.el4.ppc",
"4WS:finch-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-0:2.6.2-2.el4.i386",
"4WS:libpurple-0:2.6.2-2.el4.ia64",
"4WS:libpurple-0:2.6.2-2.el4.ppc",
"4WS:libpurple-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-devel-0:2.6.2-2.el4.i386",
"4WS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4WS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4WS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-perl-0:2.6.2-2.el4.i386",
"4WS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-0:2.6.2-2.el4.i386",
"4WS:pidgin-0:2.6.2-2.el4.ia64",
"4WS:pidgin-0:2.6.2-2.el4.ppc",
"4WS:pidgin-0:2.6.2-2.el4.src",
"4WS:pidgin-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-devel-0:2.6.2-2.el4.i386",
"4WS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4WS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4WS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-perl-0:2.6.2-2.el4.i386",
"4WS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4WS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4WS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"5Client-Workstation:finch-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.src",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Client:finch-0:2.6.2-2.el5.i386",
"5Client:finch-0:2.6.2-2.el5.x86_64",
"5Client:finch-devel-0:2.6.2-2.el5.i386",
"5Client:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-0:2.6.2-2.el5.i386",
"5Client:libpurple-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-0:2.6.2-2.el5.i386",
"5Client:pidgin-0:2.6.2-2.el5.src",
"5Client:pidgin-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.src",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3026"
},
{
"category": "external",
"summary": "RHBZ#519224",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=519224"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3026",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3026"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3026",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3026"
}
],
"release_date": "2009-01-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-09-21T15:34:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:finch-0:2.6.2-2.el4.i386",
"4AS:finch-0:2.6.2-2.el4.ia64",
"4AS:finch-0:2.6.2-2.el4.ppc",
"4AS:finch-0:2.6.2-2.el4.x86_64",
"4AS:finch-devel-0:2.6.2-2.el4.i386",
"4AS:finch-devel-0:2.6.2-2.el4.ia64",
"4AS:finch-devel-0:2.6.2-2.el4.ppc",
"4AS:finch-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-0:2.6.2-2.el4.i386",
"4AS:libpurple-0:2.6.2-2.el4.ia64",
"4AS:libpurple-0:2.6.2-2.el4.ppc",
"4AS:libpurple-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-devel-0:2.6.2-2.el4.i386",
"4AS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4AS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4AS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-perl-0:2.6.2-2.el4.i386",
"4AS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-0:2.6.2-2.el4.i386",
"4AS:pidgin-0:2.6.2-2.el4.ia64",
"4AS:pidgin-0:2.6.2-2.el4.ppc",
"4AS:pidgin-0:2.6.2-2.el4.src",
"4AS:pidgin-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-devel-0:2.6.2-2.el4.i386",
"4AS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4AS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4AS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-perl-0:2.6.2-2.el4.i386",
"4AS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4AS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4AS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-0:2.6.2-2.el4.i386",
"4Desktop:finch-0:2.6.2-2.el4.ia64",
"4Desktop:finch-0:2.6.2-2.el4.ppc",
"4Desktop:finch-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-devel-0:2.6.2-2.el4.i386",
"4Desktop:finch-devel-0:2.6.2-2.el4.ia64",
"4Desktop:finch-devel-0:2.6.2-2.el4.ppc",
"4Desktop:finch-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-0:2.6.2-2.el4.src",
"4Desktop:pidgin-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4ES:finch-0:2.6.2-2.el4.i386",
"4ES:finch-0:2.6.2-2.el4.ia64",
"4ES:finch-0:2.6.2-2.el4.ppc",
"4ES:finch-0:2.6.2-2.el4.x86_64",
"4ES:finch-devel-0:2.6.2-2.el4.i386",
"4ES:finch-devel-0:2.6.2-2.el4.ia64",
"4ES:finch-devel-0:2.6.2-2.el4.ppc",
"4ES:finch-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-0:2.6.2-2.el4.i386",
"4ES:libpurple-0:2.6.2-2.el4.ia64",
"4ES:libpurple-0:2.6.2-2.el4.ppc",
"4ES:libpurple-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-devel-0:2.6.2-2.el4.i386",
"4ES:libpurple-devel-0:2.6.2-2.el4.ia64",
"4ES:libpurple-devel-0:2.6.2-2.el4.ppc",
"4ES:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-perl-0:2.6.2-2.el4.i386",
"4ES:libpurple-perl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-perl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.i386",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-0:2.6.2-2.el4.i386",
"4ES:pidgin-0:2.6.2-2.el4.ia64",
"4ES:pidgin-0:2.6.2-2.el4.ppc",
"4ES:pidgin-0:2.6.2-2.el4.src",
"4ES:pidgin-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-devel-0:2.6.2-2.el4.i386",
"4ES:pidgin-devel-0:2.6.2-2.el4.ia64",
"4ES:pidgin-devel-0:2.6.2-2.el4.ppc",
"4ES:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-perl-0:2.6.2-2.el4.i386",
"4ES:pidgin-perl-0:2.6.2-2.el4.ia64",
"4ES:pidgin-perl-0:2.6.2-2.el4.ppc",
"4ES:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4WS:finch-0:2.6.2-2.el4.i386",
"4WS:finch-0:2.6.2-2.el4.ia64",
"4WS:finch-0:2.6.2-2.el4.ppc",
"4WS:finch-0:2.6.2-2.el4.x86_64",
"4WS:finch-devel-0:2.6.2-2.el4.i386",
"4WS:finch-devel-0:2.6.2-2.el4.ia64",
"4WS:finch-devel-0:2.6.2-2.el4.ppc",
"4WS:finch-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-0:2.6.2-2.el4.i386",
"4WS:libpurple-0:2.6.2-2.el4.ia64",
"4WS:libpurple-0:2.6.2-2.el4.ppc",
"4WS:libpurple-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-devel-0:2.6.2-2.el4.i386",
"4WS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4WS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4WS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-perl-0:2.6.2-2.el4.i386",
"4WS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-0:2.6.2-2.el4.i386",
"4WS:pidgin-0:2.6.2-2.el4.ia64",
"4WS:pidgin-0:2.6.2-2.el4.ppc",
"4WS:pidgin-0:2.6.2-2.el4.src",
"4WS:pidgin-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-devel-0:2.6.2-2.el4.i386",
"4WS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4WS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4WS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-perl-0:2.6.2-2.el4.i386",
"4WS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4WS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4WS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"5Client-Workstation:finch-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.src",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Client:finch-0:2.6.2-2.el5.i386",
"5Client:finch-0:2.6.2-2.el5.x86_64",
"5Client:finch-devel-0:2.6.2-2.el5.i386",
"5Client:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-0:2.6.2-2.el5.i386",
"5Client:libpurple-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-0:2.6.2-2.el5.i386",
"5Client:pidgin-0:2.6.2-2.el5.src",
"5Client:pidgin-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.src",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1453"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"4AS:finch-0:2.6.2-2.el4.i386",
"4AS:finch-0:2.6.2-2.el4.ia64",
"4AS:finch-0:2.6.2-2.el4.ppc",
"4AS:finch-0:2.6.2-2.el4.x86_64",
"4AS:finch-devel-0:2.6.2-2.el4.i386",
"4AS:finch-devel-0:2.6.2-2.el4.ia64",
"4AS:finch-devel-0:2.6.2-2.el4.ppc",
"4AS:finch-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-0:2.6.2-2.el4.i386",
"4AS:libpurple-0:2.6.2-2.el4.ia64",
"4AS:libpurple-0:2.6.2-2.el4.ppc",
"4AS:libpurple-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-devel-0:2.6.2-2.el4.i386",
"4AS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4AS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4AS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-perl-0:2.6.2-2.el4.i386",
"4AS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-0:2.6.2-2.el4.i386",
"4AS:pidgin-0:2.6.2-2.el4.ia64",
"4AS:pidgin-0:2.6.2-2.el4.ppc",
"4AS:pidgin-0:2.6.2-2.el4.src",
"4AS:pidgin-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-devel-0:2.6.2-2.el4.i386",
"4AS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4AS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4AS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-perl-0:2.6.2-2.el4.i386",
"4AS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4AS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4AS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-0:2.6.2-2.el4.i386",
"4Desktop:finch-0:2.6.2-2.el4.ia64",
"4Desktop:finch-0:2.6.2-2.el4.ppc",
"4Desktop:finch-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-devel-0:2.6.2-2.el4.i386",
"4Desktop:finch-devel-0:2.6.2-2.el4.ia64",
"4Desktop:finch-devel-0:2.6.2-2.el4.ppc",
"4Desktop:finch-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-0:2.6.2-2.el4.src",
"4Desktop:pidgin-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4ES:finch-0:2.6.2-2.el4.i386",
"4ES:finch-0:2.6.2-2.el4.ia64",
"4ES:finch-0:2.6.2-2.el4.ppc",
"4ES:finch-0:2.6.2-2.el4.x86_64",
"4ES:finch-devel-0:2.6.2-2.el4.i386",
"4ES:finch-devel-0:2.6.2-2.el4.ia64",
"4ES:finch-devel-0:2.6.2-2.el4.ppc",
"4ES:finch-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-0:2.6.2-2.el4.i386",
"4ES:libpurple-0:2.6.2-2.el4.ia64",
"4ES:libpurple-0:2.6.2-2.el4.ppc",
"4ES:libpurple-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-devel-0:2.6.2-2.el4.i386",
"4ES:libpurple-devel-0:2.6.2-2.el4.ia64",
"4ES:libpurple-devel-0:2.6.2-2.el4.ppc",
"4ES:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-perl-0:2.6.2-2.el4.i386",
"4ES:libpurple-perl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-perl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.i386",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-0:2.6.2-2.el4.i386",
"4ES:pidgin-0:2.6.2-2.el4.ia64",
"4ES:pidgin-0:2.6.2-2.el4.ppc",
"4ES:pidgin-0:2.6.2-2.el4.src",
"4ES:pidgin-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-devel-0:2.6.2-2.el4.i386",
"4ES:pidgin-devel-0:2.6.2-2.el4.ia64",
"4ES:pidgin-devel-0:2.6.2-2.el4.ppc",
"4ES:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-perl-0:2.6.2-2.el4.i386",
"4ES:pidgin-perl-0:2.6.2-2.el4.ia64",
"4ES:pidgin-perl-0:2.6.2-2.el4.ppc",
"4ES:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4WS:finch-0:2.6.2-2.el4.i386",
"4WS:finch-0:2.6.2-2.el4.ia64",
"4WS:finch-0:2.6.2-2.el4.ppc",
"4WS:finch-0:2.6.2-2.el4.x86_64",
"4WS:finch-devel-0:2.6.2-2.el4.i386",
"4WS:finch-devel-0:2.6.2-2.el4.ia64",
"4WS:finch-devel-0:2.6.2-2.el4.ppc",
"4WS:finch-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-0:2.6.2-2.el4.i386",
"4WS:libpurple-0:2.6.2-2.el4.ia64",
"4WS:libpurple-0:2.6.2-2.el4.ppc",
"4WS:libpurple-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-devel-0:2.6.2-2.el4.i386",
"4WS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4WS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4WS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-perl-0:2.6.2-2.el4.i386",
"4WS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-0:2.6.2-2.el4.i386",
"4WS:pidgin-0:2.6.2-2.el4.ia64",
"4WS:pidgin-0:2.6.2-2.el4.ppc",
"4WS:pidgin-0:2.6.2-2.el4.src",
"4WS:pidgin-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-devel-0:2.6.2-2.el4.i386",
"4WS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4WS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4WS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-perl-0:2.6.2-2.el4.i386",
"4WS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4WS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4WS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"5Client-Workstation:finch-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.src",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Client:finch-0:2.6.2-2.el5.i386",
"5Client:finch-0:2.6.2-2.el5.x86_64",
"5Client:finch-devel-0:2.6.2-2.el5.i386",
"5Client:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-0:2.6.2-2.el5.i386",
"5Client:libpurple-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-0:2.6.2-2.el5.i386",
"5Client:pidgin-0:2.6.2-2.el5.src",
"5Client:pidgin-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.src",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pidgin: ignores SSL/TLS requirements with old jabber servers"
},
{
"cve": "CVE-2009-3083",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2009-09-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "521832"
}
],
"notes": [
{
"category": "description",
"text": "The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Pidgin: NULL pointer dereference by processing incomplete MSN SLP invite (DoS)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS:finch-0:2.6.2-2.el4.i386",
"4AS:finch-0:2.6.2-2.el4.ia64",
"4AS:finch-0:2.6.2-2.el4.ppc",
"4AS:finch-0:2.6.2-2.el4.x86_64",
"4AS:finch-devel-0:2.6.2-2.el4.i386",
"4AS:finch-devel-0:2.6.2-2.el4.ia64",
"4AS:finch-devel-0:2.6.2-2.el4.ppc",
"4AS:finch-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-0:2.6.2-2.el4.i386",
"4AS:libpurple-0:2.6.2-2.el4.ia64",
"4AS:libpurple-0:2.6.2-2.el4.ppc",
"4AS:libpurple-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-devel-0:2.6.2-2.el4.i386",
"4AS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4AS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4AS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-perl-0:2.6.2-2.el4.i386",
"4AS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-0:2.6.2-2.el4.i386",
"4AS:pidgin-0:2.6.2-2.el4.ia64",
"4AS:pidgin-0:2.6.2-2.el4.ppc",
"4AS:pidgin-0:2.6.2-2.el4.src",
"4AS:pidgin-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-devel-0:2.6.2-2.el4.i386",
"4AS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4AS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4AS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-perl-0:2.6.2-2.el4.i386",
"4AS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4AS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4AS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-0:2.6.2-2.el4.i386",
"4Desktop:finch-0:2.6.2-2.el4.ia64",
"4Desktop:finch-0:2.6.2-2.el4.ppc",
"4Desktop:finch-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-devel-0:2.6.2-2.el4.i386",
"4Desktop:finch-devel-0:2.6.2-2.el4.ia64",
"4Desktop:finch-devel-0:2.6.2-2.el4.ppc",
"4Desktop:finch-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-0:2.6.2-2.el4.src",
"4Desktop:pidgin-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4ES:finch-0:2.6.2-2.el4.i386",
"4ES:finch-0:2.6.2-2.el4.ia64",
"4ES:finch-0:2.6.2-2.el4.ppc",
"4ES:finch-0:2.6.2-2.el4.x86_64",
"4ES:finch-devel-0:2.6.2-2.el4.i386",
"4ES:finch-devel-0:2.6.2-2.el4.ia64",
"4ES:finch-devel-0:2.6.2-2.el4.ppc",
"4ES:finch-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-0:2.6.2-2.el4.i386",
"4ES:libpurple-0:2.6.2-2.el4.ia64",
"4ES:libpurple-0:2.6.2-2.el4.ppc",
"4ES:libpurple-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-devel-0:2.6.2-2.el4.i386",
"4ES:libpurple-devel-0:2.6.2-2.el4.ia64",
"4ES:libpurple-devel-0:2.6.2-2.el4.ppc",
"4ES:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-perl-0:2.6.2-2.el4.i386",
"4ES:libpurple-perl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-perl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.i386",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-0:2.6.2-2.el4.i386",
"4ES:pidgin-0:2.6.2-2.el4.ia64",
"4ES:pidgin-0:2.6.2-2.el4.ppc",
"4ES:pidgin-0:2.6.2-2.el4.src",
"4ES:pidgin-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-devel-0:2.6.2-2.el4.i386",
"4ES:pidgin-devel-0:2.6.2-2.el4.ia64",
"4ES:pidgin-devel-0:2.6.2-2.el4.ppc",
"4ES:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-perl-0:2.6.2-2.el4.i386",
"4ES:pidgin-perl-0:2.6.2-2.el4.ia64",
"4ES:pidgin-perl-0:2.6.2-2.el4.ppc",
"4ES:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4WS:finch-0:2.6.2-2.el4.i386",
"4WS:finch-0:2.6.2-2.el4.ia64",
"4WS:finch-0:2.6.2-2.el4.ppc",
"4WS:finch-0:2.6.2-2.el4.x86_64",
"4WS:finch-devel-0:2.6.2-2.el4.i386",
"4WS:finch-devel-0:2.6.2-2.el4.ia64",
"4WS:finch-devel-0:2.6.2-2.el4.ppc",
"4WS:finch-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-0:2.6.2-2.el4.i386",
"4WS:libpurple-0:2.6.2-2.el4.ia64",
"4WS:libpurple-0:2.6.2-2.el4.ppc",
"4WS:libpurple-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-devel-0:2.6.2-2.el4.i386",
"4WS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4WS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4WS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-perl-0:2.6.2-2.el4.i386",
"4WS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-0:2.6.2-2.el4.i386",
"4WS:pidgin-0:2.6.2-2.el4.ia64",
"4WS:pidgin-0:2.6.2-2.el4.ppc",
"4WS:pidgin-0:2.6.2-2.el4.src",
"4WS:pidgin-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-devel-0:2.6.2-2.el4.i386",
"4WS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4WS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4WS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-perl-0:2.6.2-2.el4.i386",
"4WS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4WS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4WS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"5Client-Workstation:finch-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.src",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Client:finch-0:2.6.2-2.el5.i386",
"5Client:finch-0:2.6.2-2.el5.x86_64",
"5Client:finch-devel-0:2.6.2-2.el5.i386",
"5Client:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-0:2.6.2-2.el5.i386",
"5Client:libpurple-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-0:2.6.2-2.el5.i386",
"5Client:pidgin-0:2.6.2-2.el5.src",
"5Client:pidgin-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.src",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3083"
},
{
"category": "external",
"summary": "RHBZ#521832",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521832"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3083",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3083"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3083",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3083"
}
],
"release_date": "2009-09-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-09-21T15:34:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:finch-0:2.6.2-2.el4.i386",
"4AS:finch-0:2.6.2-2.el4.ia64",
"4AS:finch-0:2.6.2-2.el4.ppc",
"4AS:finch-0:2.6.2-2.el4.x86_64",
"4AS:finch-devel-0:2.6.2-2.el4.i386",
"4AS:finch-devel-0:2.6.2-2.el4.ia64",
"4AS:finch-devel-0:2.6.2-2.el4.ppc",
"4AS:finch-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-0:2.6.2-2.el4.i386",
"4AS:libpurple-0:2.6.2-2.el4.ia64",
"4AS:libpurple-0:2.6.2-2.el4.ppc",
"4AS:libpurple-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-devel-0:2.6.2-2.el4.i386",
"4AS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4AS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4AS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-perl-0:2.6.2-2.el4.i386",
"4AS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-0:2.6.2-2.el4.i386",
"4AS:pidgin-0:2.6.2-2.el4.ia64",
"4AS:pidgin-0:2.6.2-2.el4.ppc",
"4AS:pidgin-0:2.6.2-2.el4.src",
"4AS:pidgin-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-devel-0:2.6.2-2.el4.i386",
"4AS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4AS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4AS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-perl-0:2.6.2-2.el4.i386",
"4AS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4AS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4AS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-0:2.6.2-2.el4.i386",
"4Desktop:finch-0:2.6.2-2.el4.ia64",
"4Desktop:finch-0:2.6.2-2.el4.ppc",
"4Desktop:finch-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-devel-0:2.6.2-2.el4.i386",
"4Desktop:finch-devel-0:2.6.2-2.el4.ia64",
"4Desktop:finch-devel-0:2.6.2-2.el4.ppc",
"4Desktop:finch-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-0:2.6.2-2.el4.src",
"4Desktop:pidgin-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4ES:finch-0:2.6.2-2.el4.i386",
"4ES:finch-0:2.6.2-2.el4.ia64",
"4ES:finch-0:2.6.2-2.el4.ppc",
"4ES:finch-0:2.6.2-2.el4.x86_64",
"4ES:finch-devel-0:2.6.2-2.el4.i386",
"4ES:finch-devel-0:2.6.2-2.el4.ia64",
"4ES:finch-devel-0:2.6.2-2.el4.ppc",
"4ES:finch-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-0:2.6.2-2.el4.i386",
"4ES:libpurple-0:2.6.2-2.el4.ia64",
"4ES:libpurple-0:2.6.2-2.el4.ppc",
"4ES:libpurple-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-devel-0:2.6.2-2.el4.i386",
"4ES:libpurple-devel-0:2.6.2-2.el4.ia64",
"4ES:libpurple-devel-0:2.6.2-2.el4.ppc",
"4ES:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-perl-0:2.6.2-2.el4.i386",
"4ES:libpurple-perl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-perl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.i386",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-0:2.6.2-2.el4.i386",
"4ES:pidgin-0:2.6.2-2.el4.ia64",
"4ES:pidgin-0:2.6.2-2.el4.ppc",
"4ES:pidgin-0:2.6.2-2.el4.src",
"4ES:pidgin-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-devel-0:2.6.2-2.el4.i386",
"4ES:pidgin-devel-0:2.6.2-2.el4.ia64",
"4ES:pidgin-devel-0:2.6.2-2.el4.ppc",
"4ES:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-perl-0:2.6.2-2.el4.i386",
"4ES:pidgin-perl-0:2.6.2-2.el4.ia64",
"4ES:pidgin-perl-0:2.6.2-2.el4.ppc",
"4ES:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4WS:finch-0:2.6.2-2.el4.i386",
"4WS:finch-0:2.6.2-2.el4.ia64",
"4WS:finch-0:2.6.2-2.el4.ppc",
"4WS:finch-0:2.6.2-2.el4.x86_64",
"4WS:finch-devel-0:2.6.2-2.el4.i386",
"4WS:finch-devel-0:2.6.2-2.el4.ia64",
"4WS:finch-devel-0:2.6.2-2.el4.ppc",
"4WS:finch-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-0:2.6.2-2.el4.i386",
"4WS:libpurple-0:2.6.2-2.el4.ia64",
"4WS:libpurple-0:2.6.2-2.el4.ppc",
"4WS:libpurple-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-devel-0:2.6.2-2.el4.i386",
"4WS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4WS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4WS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-perl-0:2.6.2-2.el4.i386",
"4WS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-0:2.6.2-2.el4.i386",
"4WS:pidgin-0:2.6.2-2.el4.ia64",
"4WS:pidgin-0:2.6.2-2.el4.ppc",
"4WS:pidgin-0:2.6.2-2.el4.src",
"4WS:pidgin-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-devel-0:2.6.2-2.el4.i386",
"4WS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4WS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4WS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-perl-0:2.6.2-2.el4.i386",
"4WS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4WS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4WS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"5Client-Workstation:finch-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.src",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Client:finch-0:2.6.2-2.el5.i386",
"5Client:finch-0:2.6.2-2.el5.x86_64",
"5Client:finch-devel-0:2.6.2-2.el5.i386",
"5Client:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-0:2.6.2-2.el5.i386",
"5Client:libpurple-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-0:2.6.2-2.el5.i386",
"5Client:pidgin-0:2.6.2-2.el5.src",
"5Client:pidgin-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.src",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1453"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"4AS:finch-0:2.6.2-2.el4.i386",
"4AS:finch-0:2.6.2-2.el4.ia64",
"4AS:finch-0:2.6.2-2.el4.ppc",
"4AS:finch-0:2.6.2-2.el4.x86_64",
"4AS:finch-devel-0:2.6.2-2.el4.i386",
"4AS:finch-devel-0:2.6.2-2.el4.ia64",
"4AS:finch-devel-0:2.6.2-2.el4.ppc",
"4AS:finch-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-0:2.6.2-2.el4.i386",
"4AS:libpurple-0:2.6.2-2.el4.ia64",
"4AS:libpurple-0:2.6.2-2.el4.ppc",
"4AS:libpurple-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-devel-0:2.6.2-2.el4.i386",
"4AS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4AS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4AS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-perl-0:2.6.2-2.el4.i386",
"4AS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-0:2.6.2-2.el4.i386",
"4AS:pidgin-0:2.6.2-2.el4.ia64",
"4AS:pidgin-0:2.6.2-2.el4.ppc",
"4AS:pidgin-0:2.6.2-2.el4.src",
"4AS:pidgin-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-devel-0:2.6.2-2.el4.i386",
"4AS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4AS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4AS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-perl-0:2.6.2-2.el4.i386",
"4AS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4AS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4AS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-0:2.6.2-2.el4.i386",
"4Desktop:finch-0:2.6.2-2.el4.ia64",
"4Desktop:finch-0:2.6.2-2.el4.ppc",
"4Desktop:finch-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-devel-0:2.6.2-2.el4.i386",
"4Desktop:finch-devel-0:2.6.2-2.el4.ia64",
"4Desktop:finch-devel-0:2.6.2-2.el4.ppc",
"4Desktop:finch-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-0:2.6.2-2.el4.src",
"4Desktop:pidgin-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4ES:finch-0:2.6.2-2.el4.i386",
"4ES:finch-0:2.6.2-2.el4.ia64",
"4ES:finch-0:2.6.2-2.el4.ppc",
"4ES:finch-0:2.6.2-2.el4.x86_64",
"4ES:finch-devel-0:2.6.2-2.el4.i386",
"4ES:finch-devel-0:2.6.2-2.el4.ia64",
"4ES:finch-devel-0:2.6.2-2.el4.ppc",
"4ES:finch-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-0:2.6.2-2.el4.i386",
"4ES:libpurple-0:2.6.2-2.el4.ia64",
"4ES:libpurple-0:2.6.2-2.el4.ppc",
"4ES:libpurple-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-devel-0:2.6.2-2.el4.i386",
"4ES:libpurple-devel-0:2.6.2-2.el4.ia64",
"4ES:libpurple-devel-0:2.6.2-2.el4.ppc",
"4ES:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-perl-0:2.6.2-2.el4.i386",
"4ES:libpurple-perl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-perl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.i386",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-0:2.6.2-2.el4.i386",
"4ES:pidgin-0:2.6.2-2.el4.ia64",
"4ES:pidgin-0:2.6.2-2.el4.ppc",
"4ES:pidgin-0:2.6.2-2.el4.src",
"4ES:pidgin-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-devel-0:2.6.2-2.el4.i386",
"4ES:pidgin-devel-0:2.6.2-2.el4.ia64",
"4ES:pidgin-devel-0:2.6.2-2.el4.ppc",
"4ES:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-perl-0:2.6.2-2.el4.i386",
"4ES:pidgin-perl-0:2.6.2-2.el4.ia64",
"4ES:pidgin-perl-0:2.6.2-2.el4.ppc",
"4ES:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4WS:finch-0:2.6.2-2.el4.i386",
"4WS:finch-0:2.6.2-2.el4.ia64",
"4WS:finch-0:2.6.2-2.el4.ppc",
"4WS:finch-0:2.6.2-2.el4.x86_64",
"4WS:finch-devel-0:2.6.2-2.el4.i386",
"4WS:finch-devel-0:2.6.2-2.el4.ia64",
"4WS:finch-devel-0:2.6.2-2.el4.ppc",
"4WS:finch-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-0:2.6.2-2.el4.i386",
"4WS:libpurple-0:2.6.2-2.el4.ia64",
"4WS:libpurple-0:2.6.2-2.el4.ppc",
"4WS:libpurple-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-devel-0:2.6.2-2.el4.i386",
"4WS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4WS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4WS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-perl-0:2.6.2-2.el4.i386",
"4WS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-0:2.6.2-2.el4.i386",
"4WS:pidgin-0:2.6.2-2.el4.ia64",
"4WS:pidgin-0:2.6.2-2.el4.ppc",
"4WS:pidgin-0:2.6.2-2.el4.src",
"4WS:pidgin-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-devel-0:2.6.2-2.el4.i386",
"4WS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4WS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4WS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-perl-0:2.6.2-2.el4.i386",
"4WS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4WS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4WS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"5Client-Workstation:finch-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.src",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Client:finch-0:2.6.2-2.el5.i386",
"5Client:finch-0:2.6.2-2.el5.x86_64",
"5Client:finch-devel-0:2.6.2-2.el5.i386",
"5Client:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-0:2.6.2-2.el5.i386",
"5Client:libpurple-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-0:2.6.2-2.el5.i386",
"5Client:pidgin-0:2.6.2-2.el5.src",
"5Client:pidgin-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.src",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Pidgin: NULL pointer dereference by processing incomplete MSN SLP invite (DoS)"
},
{
"cve": "CVE-2009-3085",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2009-09-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "521853"
}
],
"notes": [
{
"category": "description",
"text": "The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote attackers to cause a denial of service (application crash) via XHTML-IM content with cid: images.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Pidgin: NULL pointer dereference by processing a custom smiley (DoS)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS:finch-0:2.6.2-2.el4.i386",
"4AS:finch-0:2.6.2-2.el4.ia64",
"4AS:finch-0:2.6.2-2.el4.ppc",
"4AS:finch-0:2.6.2-2.el4.x86_64",
"4AS:finch-devel-0:2.6.2-2.el4.i386",
"4AS:finch-devel-0:2.6.2-2.el4.ia64",
"4AS:finch-devel-0:2.6.2-2.el4.ppc",
"4AS:finch-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-0:2.6.2-2.el4.i386",
"4AS:libpurple-0:2.6.2-2.el4.ia64",
"4AS:libpurple-0:2.6.2-2.el4.ppc",
"4AS:libpurple-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-devel-0:2.6.2-2.el4.i386",
"4AS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4AS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4AS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-perl-0:2.6.2-2.el4.i386",
"4AS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-0:2.6.2-2.el4.i386",
"4AS:pidgin-0:2.6.2-2.el4.ia64",
"4AS:pidgin-0:2.6.2-2.el4.ppc",
"4AS:pidgin-0:2.6.2-2.el4.src",
"4AS:pidgin-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-devel-0:2.6.2-2.el4.i386",
"4AS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4AS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4AS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-perl-0:2.6.2-2.el4.i386",
"4AS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4AS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4AS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-0:2.6.2-2.el4.i386",
"4Desktop:finch-0:2.6.2-2.el4.ia64",
"4Desktop:finch-0:2.6.2-2.el4.ppc",
"4Desktop:finch-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-devel-0:2.6.2-2.el4.i386",
"4Desktop:finch-devel-0:2.6.2-2.el4.ia64",
"4Desktop:finch-devel-0:2.6.2-2.el4.ppc",
"4Desktop:finch-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-0:2.6.2-2.el4.src",
"4Desktop:pidgin-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4ES:finch-0:2.6.2-2.el4.i386",
"4ES:finch-0:2.6.2-2.el4.ia64",
"4ES:finch-0:2.6.2-2.el4.ppc",
"4ES:finch-0:2.6.2-2.el4.x86_64",
"4ES:finch-devel-0:2.6.2-2.el4.i386",
"4ES:finch-devel-0:2.6.2-2.el4.ia64",
"4ES:finch-devel-0:2.6.2-2.el4.ppc",
"4ES:finch-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-0:2.6.2-2.el4.i386",
"4ES:libpurple-0:2.6.2-2.el4.ia64",
"4ES:libpurple-0:2.6.2-2.el4.ppc",
"4ES:libpurple-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-devel-0:2.6.2-2.el4.i386",
"4ES:libpurple-devel-0:2.6.2-2.el4.ia64",
"4ES:libpurple-devel-0:2.6.2-2.el4.ppc",
"4ES:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-perl-0:2.6.2-2.el4.i386",
"4ES:libpurple-perl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-perl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.i386",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-0:2.6.2-2.el4.i386",
"4ES:pidgin-0:2.6.2-2.el4.ia64",
"4ES:pidgin-0:2.6.2-2.el4.ppc",
"4ES:pidgin-0:2.6.2-2.el4.src",
"4ES:pidgin-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-devel-0:2.6.2-2.el4.i386",
"4ES:pidgin-devel-0:2.6.2-2.el4.ia64",
"4ES:pidgin-devel-0:2.6.2-2.el4.ppc",
"4ES:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-perl-0:2.6.2-2.el4.i386",
"4ES:pidgin-perl-0:2.6.2-2.el4.ia64",
"4ES:pidgin-perl-0:2.6.2-2.el4.ppc",
"4ES:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4WS:finch-0:2.6.2-2.el4.i386",
"4WS:finch-0:2.6.2-2.el4.ia64",
"4WS:finch-0:2.6.2-2.el4.ppc",
"4WS:finch-0:2.6.2-2.el4.x86_64",
"4WS:finch-devel-0:2.6.2-2.el4.i386",
"4WS:finch-devel-0:2.6.2-2.el4.ia64",
"4WS:finch-devel-0:2.6.2-2.el4.ppc",
"4WS:finch-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-0:2.6.2-2.el4.i386",
"4WS:libpurple-0:2.6.2-2.el4.ia64",
"4WS:libpurple-0:2.6.2-2.el4.ppc",
"4WS:libpurple-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-devel-0:2.6.2-2.el4.i386",
"4WS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4WS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4WS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-perl-0:2.6.2-2.el4.i386",
"4WS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-0:2.6.2-2.el4.i386",
"4WS:pidgin-0:2.6.2-2.el4.ia64",
"4WS:pidgin-0:2.6.2-2.el4.ppc",
"4WS:pidgin-0:2.6.2-2.el4.src",
"4WS:pidgin-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-devel-0:2.6.2-2.el4.i386",
"4WS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4WS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4WS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-perl-0:2.6.2-2.el4.i386",
"4WS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4WS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4WS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"5Client-Workstation:finch-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.src",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Client:finch-0:2.6.2-2.el5.i386",
"5Client:finch-0:2.6.2-2.el5.x86_64",
"5Client:finch-devel-0:2.6.2-2.el5.i386",
"5Client:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-0:2.6.2-2.el5.i386",
"5Client:libpurple-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-0:2.6.2-2.el5.i386",
"5Client:pidgin-0:2.6.2-2.el5.src",
"5Client:pidgin-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.src",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3085"
},
{
"category": "external",
"summary": "RHBZ#521853",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521853"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3085",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3085"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3085",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3085"
}
],
"release_date": "2009-09-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-09-21T15:34:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:finch-0:2.6.2-2.el4.i386",
"4AS:finch-0:2.6.2-2.el4.ia64",
"4AS:finch-0:2.6.2-2.el4.ppc",
"4AS:finch-0:2.6.2-2.el4.x86_64",
"4AS:finch-devel-0:2.6.2-2.el4.i386",
"4AS:finch-devel-0:2.6.2-2.el4.ia64",
"4AS:finch-devel-0:2.6.2-2.el4.ppc",
"4AS:finch-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-0:2.6.2-2.el4.i386",
"4AS:libpurple-0:2.6.2-2.el4.ia64",
"4AS:libpurple-0:2.6.2-2.el4.ppc",
"4AS:libpurple-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-devel-0:2.6.2-2.el4.i386",
"4AS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4AS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4AS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-perl-0:2.6.2-2.el4.i386",
"4AS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-0:2.6.2-2.el4.i386",
"4AS:pidgin-0:2.6.2-2.el4.ia64",
"4AS:pidgin-0:2.6.2-2.el4.ppc",
"4AS:pidgin-0:2.6.2-2.el4.src",
"4AS:pidgin-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-devel-0:2.6.2-2.el4.i386",
"4AS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4AS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4AS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-perl-0:2.6.2-2.el4.i386",
"4AS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4AS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4AS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-0:2.6.2-2.el4.i386",
"4Desktop:finch-0:2.6.2-2.el4.ia64",
"4Desktop:finch-0:2.6.2-2.el4.ppc",
"4Desktop:finch-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-devel-0:2.6.2-2.el4.i386",
"4Desktop:finch-devel-0:2.6.2-2.el4.ia64",
"4Desktop:finch-devel-0:2.6.2-2.el4.ppc",
"4Desktop:finch-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-0:2.6.2-2.el4.src",
"4Desktop:pidgin-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4ES:finch-0:2.6.2-2.el4.i386",
"4ES:finch-0:2.6.2-2.el4.ia64",
"4ES:finch-0:2.6.2-2.el4.ppc",
"4ES:finch-0:2.6.2-2.el4.x86_64",
"4ES:finch-devel-0:2.6.2-2.el4.i386",
"4ES:finch-devel-0:2.6.2-2.el4.ia64",
"4ES:finch-devel-0:2.6.2-2.el4.ppc",
"4ES:finch-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-0:2.6.2-2.el4.i386",
"4ES:libpurple-0:2.6.2-2.el4.ia64",
"4ES:libpurple-0:2.6.2-2.el4.ppc",
"4ES:libpurple-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-devel-0:2.6.2-2.el4.i386",
"4ES:libpurple-devel-0:2.6.2-2.el4.ia64",
"4ES:libpurple-devel-0:2.6.2-2.el4.ppc",
"4ES:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-perl-0:2.6.2-2.el4.i386",
"4ES:libpurple-perl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-perl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.i386",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-0:2.6.2-2.el4.i386",
"4ES:pidgin-0:2.6.2-2.el4.ia64",
"4ES:pidgin-0:2.6.2-2.el4.ppc",
"4ES:pidgin-0:2.6.2-2.el4.src",
"4ES:pidgin-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-devel-0:2.6.2-2.el4.i386",
"4ES:pidgin-devel-0:2.6.2-2.el4.ia64",
"4ES:pidgin-devel-0:2.6.2-2.el4.ppc",
"4ES:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-perl-0:2.6.2-2.el4.i386",
"4ES:pidgin-perl-0:2.6.2-2.el4.ia64",
"4ES:pidgin-perl-0:2.6.2-2.el4.ppc",
"4ES:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4WS:finch-0:2.6.2-2.el4.i386",
"4WS:finch-0:2.6.2-2.el4.ia64",
"4WS:finch-0:2.6.2-2.el4.ppc",
"4WS:finch-0:2.6.2-2.el4.x86_64",
"4WS:finch-devel-0:2.6.2-2.el4.i386",
"4WS:finch-devel-0:2.6.2-2.el4.ia64",
"4WS:finch-devel-0:2.6.2-2.el4.ppc",
"4WS:finch-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-0:2.6.2-2.el4.i386",
"4WS:libpurple-0:2.6.2-2.el4.ia64",
"4WS:libpurple-0:2.6.2-2.el4.ppc",
"4WS:libpurple-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-devel-0:2.6.2-2.el4.i386",
"4WS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4WS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4WS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-perl-0:2.6.2-2.el4.i386",
"4WS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-0:2.6.2-2.el4.i386",
"4WS:pidgin-0:2.6.2-2.el4.ia64",
"4WS:pidgin-0:2.6.2-2.el4.ppc",
"4WS:pidgin-0:2.6.2-2.el4.src",
"4WS:pidgin-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-devel-0:2.6.2-2.el4.i386",
"4WS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4WS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4WS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-perl-0:2.6.2-2.el4.i386",
"4WS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4WS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4WS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"5Client-Workstation:finch-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.src",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Client:finch-0:2.6.2-2.el5.i386",
"5Client:finch-0:2.6.2-2.el5.x86_64",
"5Client:finch-devel-0:2.6.2-2.el5.i386",
"5Client:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-0:2.6.2-2.el5.i386",
"5Client:libpurple-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-0:2.6.2-2.el5.i386",
"5Client:pidgin-0:2.6.2-2.el5.src",
"5Client:pidgin-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.src",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1453"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "MULTIPLE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:M/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"4AS:finch-0:2.6.2-2.el4.i386",
"4AS:finch-0:2.6.2-2.el4.ia64",
"4AS:finch-0:2.6.2-2.el4.ppc",
"4AS:finch-0:2.6.2-2.el4.x86_64",
"4AS:finch-devel-0:2.6.2-2.el4.i386",
"4AS:finch-devel-0:2.6.2-2.el4.ia64",
"4AS:finch-devel-0:2.6.2-2.el4.ppc",
"4AS:finch-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-0:2.6.2-2.el4.i386",
"4AS:libpurple-0:2.6.2-2.el4.ia64",
"4AS:libpurple-0:2.6.2-2.el4.ppc",
"4AS:libpurple-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-devel-0:2.6.2-2.el4.i386",
"4AS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4AS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4AS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-perl-0:2.6.2-2.el4.i386",
"4AS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4AS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4AS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-0:2.6.2-2.el4.i386",
"4AS:pidgin-0:2.6.2-2.el4.ia64",
"4AS:pidgin-0:2.6.2-2.el4.ppc",
"4AS:pidgin-0:2.6.2-2.el4.src",
"4AS:pidgin-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4AS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-devel-0:2.6.2-2.el4.i386",
"4AS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4AS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4AS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4AS:pidgin-perl-0:2.6.2-2.el4.i386",
"4AS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4AS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4AS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-0:2.6.2-2.el4.i386",
"4Desktop:finch-0:2.6.2-2.el4.ia64",
"4Desktop:finch-0:2.6.2-2.el4.ppc",
"4Desktop:finch-0:2.6.2-2.el4.x86_64",
"4Desktop:finch-devel-0:2.6.2-2.el4.i386",
"4Desktop:finch-devel-0:2.6.2-2.el4.ia64",
"4Desktop:finch-devel-0:2.6.2-2.el4.ppc",
"4Desktop:finch-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.i386",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4Desktop:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-0:2.6.2-2.el4.src",
"4Desktop:pidgin-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.i386",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ia64",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.ppc",
"4Desktop:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4ES:finch-0:2.6.2-2.el4.i386",
"4ES:finch-0:2.6.2-2.el4.ia64",
"4ES:finch-0:2.6.2-2.el4.ppc",
"4ES:finch-0:2.6.2-2.el4.x86_64",
"4ES:finch-devel-0:2.6.2-2.el4.i386",
"4ES:finch-devel-0:2.6.2-2.el4.ia64",
"4ES:finch-devel-0:2.6.2-2.el4.ppc",
"4ES:finch-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-0:2.6.2-2.el4.i386",
"4ES:libpurple-0:2.6.2-2.el4.ia64",
"4ES:libpurple-0:2.6.2-2.el4.ppc",
"4ES:libpurple-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-devel-0:2.6.2-2.el4.i386",
"4ES:libpurple-devel-0:2.6.2-2.el4.ia64",
"4ES:libpurple-devel-0:2.6.2-2.el4.ppc",
"4ES:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-perl-0:2.6.2-2.el4.i386",
"4ES:libpurple-perl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-perl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.i386",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4ES:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4ES:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-0:2.6.2-2.el4.i386",
"4ES:pidgin-0:2.6.2-2.el4.ia64",
"4ES:pidgin-0:2.6.2-2.el4.ppc",
"4ES:pidgin-0:2.6.2-2.el4.src",
"4ES:pidgin-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4ES:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-devel-0:2.6.2-2.el4.i386",
"4ES:pidgin-devel-0:2.6.2-2.el4.ia64",
"4ES:pidgin-devel-0:2.6.2-2.el4.ppc",
"4ES:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4ES:pidgin-perl-0:2.6.2-2.el4.i386",
"4ES:pidgin-perl-0:2.6.2-2.el4.ia64",
"4ES:pidgin-perl-0:2.6.2-2.el4.ppc",
"4ES:pidgin-perl-0:2.6.2-2.el4.x86_64",
"4WS:finch-0:2.6.2-2.el4.i386",
"4WS:finch-0:2.6.2-2.el4.ia64",
"4WS:finch-0:2.6.2-2.el4.ppc",
"4WS:finch-0:2.6.2-2.el4.x86_64",
"4WS:finch-devel-0:2.6.2-2.el4.i386",
"4WS:finch-devel-0:2.6.2-2.el4.ia64",
"4WS:finch-devel-0:2.6.2-2.el4.ppc",
"4WS:finch-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-0:2.6.2-2.el4.i386",
"4WS:libpurple-0:2.6.2-2.el4.ia64",
"4WS:libpurple-0:2.6.2-2.el4.ppc",
"4WS:libpurple-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-devel-0:2.6.2-2.el4.i386",
"4WS:libpurple-devel-0:2.6.2-2.el4.ia64",
"4WS:libpurple-devel-0:2.6.2-2.el4.ppc",
"4WS:libpurple-devel-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-perl-0:2.6.2-2.el4.i386",
"4WS:libpurple-perl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-perl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-perl-0:2.6.2-2.el4.x86_64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.i386",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ia64",
"4WS:libpurple-tcl-0:2.6.2-2.el4.ppc",
"4WS:libpurple-tcl-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-0:2.6.2-2.el4.i386",
"4WS:pidgin-0:2.6.2-2.el4.ia64",
"4WS:pidgin-0:2.6.2-2.el4.ppc",
"4WS:pidgin-0:2.6.2-2.el4.src",
"4WS:pidgin-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.i386",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ia64",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.ppc",
"4WS:pidgin-debuginfo-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-devel-0:2.6.2-2.el4.i386",
"4WS:pidgin-devel-0:2.6.2-2.el4.ia64",
"4WS:pidgin-devel-0:2.6.2-2.el4.ppc",
"4WS:pidgin-devel-0:2.6.2-2.el4.x86_64",
"4WS:pidgin-perl-0:2.6.2-2.el4.i386",
"4WS:pidgin-perl-0:2.6.2-2.el4.ia64",
"4WS:pidgin-perl-0:2.6.2-2.el4.ppc",
"4WS:pidgin-perl-0:2.6.2-2.el4.x86_64",
"5Client-Workstation:finch-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client-Workstation:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.src",
"5Client-Workstation:pidgin-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client-Workstation:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Client:finch-0:2.6.2-2.el5.i386",
"5Client:finch-0:2.6.2-2.el5.x86_64",
"5Client:finch-devel-0:2.6.2-2.el5.i386",
"5Client:finch-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-0:2.6.2-2.el5.i386",
"5Client:libpurple-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-devel-0:2.6.2-2.el5.i386",
"5Client:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-perl-0:2.6.2-2.el5.i386",
"5Client:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Client:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Client:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-0:2.6.2-2.el5.i386",
"5Client:pidgin-0:2.6.2-2.el5.src",
"5Client:pidgin-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Client:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-devel-0:2.6.2-2.el5.i386",
"5Client:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Client:pidgin-perl-0:2.6.2-2.el5.i386",
"5Client:pidgin-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:finch-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-perl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.i386",
"5Server-DPAS:libpurple-tcl-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.src",
"5Server-DPAS:pidgin-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-debuginfo-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-devel-0:2.6.2-2.el5.x86_64",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.i386",
"5Server-DPAS:pidgin-perl-0:2.6.2-2.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Pidgin: NULL pointer dereference by processing a custom smiley (DoS)"
}
]
}
ghsa-xm3f-7w29-9q8h
Vulnerability from github
Published
2022-05-02 03:41
Modified
2022-05-02 03:41
VLAI Severity ?
Details
The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client.
{
"affected": [],
"aliases": [
"CVE-2009-3083"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2009-09-08T18:30:00Z",
"severity": "MODERATE"
},
"details": "The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client.",
"id": "GHSA-xm3f-7w29-9q8h",
"modified": "2022-05-02T03:41:40Z",
"published": "2022-05-02T03:41:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3083"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11852"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6322"
},
{
"type": "WEB",
"url": "http://developer.pidgin.im/ticket/10159"
},
{
"type": "WEB",
"url": "http://developer.pidgin.im/viewmtn/revision/diff/6d3fc30a0a0a379281efc5a6872a9c1d7c24c650/with/b4a95ea62b81a06ffc1993912471c511b786efdd/libpurple/protocols/msn/slp.c"
},
{
"type": "WEB",
"url": "http://developer.pidgin.im/viewmtn/revision/info/b4a95ea62b81a06ffc1993912471c511b786efdd"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/36601"
},
{
"type": "WEB",
"url": "http://www.pidgin.im/news/security/index.php?id=39"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/36277"
}
],
"schema_version": "1.4.0",
"severity": []
}
opensuse-su-2024:10432-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
finch-2.11.0-4.1 on GA media
Notes
Title of the patch
finch-2.11.0-4.1 on GA media
Description of the patch
These are all security issues fixed in the finch-2.11.0-4.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10432
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "finch-2.11.0-4.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the finch-2.11.0-4.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10432",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10432-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-2694 page",
"url": "https://www.suse.com/security/cve/CVE-2009-2694/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-2703 page",
"url": "https://www.suse.com/security/cve/CVE-2009-2703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3026 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3026/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3083 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3084 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3085 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3615 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3615/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0013 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0277 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0277/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0420 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0420/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0423 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0423/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1624 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1624/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2528 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3711 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-1091 page",
"url": "https://www.suse.com/security/cve/CVE-2011-1091/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3594 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3594/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-2214 page",
"url": "https://www.suse.com/security/cve/CVE-2012-2214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3374 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3374/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-6152 page",
"url": "https://www.suse.com/security/cve/CVE-2012-6152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0271 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0271/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0272 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0272/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0273 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0273/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0274 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0274/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6477 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6478 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6478/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6479 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6479/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6481 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6481/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6482 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6482/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6483 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6484 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6484/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6485 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6485/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6486 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6486/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6487 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0020 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-3694 page",
"url": "https://www.suse.com/security/cve/CVE-2014-3694/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-3695 page",
"url": "https://www.suse.com/security/cve/CVE-2014-3695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-3696 page",
"url": "https://www.suse.com/security/cve/CVE-2014-3696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-3697 page",
"url": "https://www.suse.com/security/cve/CVE-2014-3697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-3698 page",
"url": "https://www.suse.com/security/cve/CVE-2014-3698/"
}
],
"title": "finch-2.11.0-4.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10432-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "finch-2.11.0-4.1.aarch64",
"product": {
"name": "finch-2.11.0-4.1.aarch64",
"product_id": "finch-2.11.0-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "finch-devel-2.11.0-4.1.aarch64",
"product": {
"name": "finch-devel-2.11.0-4.1.aarch64",
"product_id": "finch-devel-2.11.0-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpurple-2.11.0-4.1.aarch64",
"product": {
"name": "libpurple-2.11.0-4.1.aarch64",
"product_id": "libpurple-2.11.0-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpurple-branding-upstream-2.11.0-4.1.aarch64",
"product": {
"name": "libpurple-branding-upstream-2.11.0-4.1.aarch64",
"product_id": "libpurple-branding-upstream-2.11.0-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpurple-devel-2.11.0-4.1.aarch64",
"product": {
"name": "libpurple-devel-2.11.0-4.1.aarch64",
"product_id": "libpurple-devel-2.11.0-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpurple-lang-2.11.0-4.1.aarch64",
"product": {
"name": "libpurple-lang-2.11.0-4.1.aarch64",
"product_id": "libpurple-lang-2.11.0-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"product": {
"name": "libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"product_id": "libpurple-plugin-sametime-2.11.0-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpurple-tcl-2.11.0-4.1.aarch64",
"product": {
"name": "libpurple-tcl-2.11.0-4.1.aarch64",
"product_id": "libpurple-tcl-2.11.0-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "pidgin-2.11.0-4.1.aarch64",
"product": {
"name": "pidgin-2.11.0-4.1.aarch64",
"product_id": "pidgin-2.11.0-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "pidgin-devel-2.11.0-4.1.aarch64",
"product": {
"name": "pidgin-devel-2.11.0-4.1.aarch64",
"product_id": "pidgin-devel-2.11.0-4.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "finch-2.11.0-4.1.ppc64le",
"product": {
"name": "finch-2.11.0-4.1.ppc64le",
"product_id": "finch-2.11.0-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "finch-devel-2.11.0-4.1.ppc64le",
"product": {
"name": "finch-devel-2.11.0-4.1.ppc64le",
"product_id": "finch-devel-2.11.0-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpurple-2.11.0-4.1.ppc64le",
"product": {
"name": "libpurple-2.11.0-4.1.ppc64le",
"product_id": "libpurple-2.11.0-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"product": {
"name": "libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"product_id": "libpurple-branding-upstream-2.11.0-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpurple-devel-2.11.0-4.1.ppc64le",
"product": {
"name": "libpurple-devel-2.11.0-4.1.ppc64le",
"product_id": "libpurple-devel-2.11.0-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpurple-lang-2.11.0-4.1.ppc64le",
"product": {
"name": "libpurple-lang-2.11.0-4.1.ppc64le",
"product_id": "libpurple-lang-2.11.0-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"product": {
"name": "libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"product_id": "libpurple-plugin-sametime-2.11.0-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpurple-tcl-2.11.0-4.1.ppc64le",
"product": {
"name": "libpurple-tcl-2.11.0-4.1.ppc64le",
"product_id": "libpurple-tcl-2.11.0-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pidgin-2.11.0-4.1.ppc64le",
"product": {
"name": "pidgin-2.11.0-4.1.ppc64le",
"product_id": "pidgin-2.11.0-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pidgin-devel-2.11.0-4.1.ppc64le",
"product": {
"name": "pidgin-devel-2.11.0-4.1.ppc64le",
"product_id": "pidgin-devel-2.11.0-4.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "finch-2.11.0-4.1.s390x",
"product": {
"name": "finch-2.11.0-4.1.s390x",
"product_id": "finch-2.11.0-4.1.s390x"
}
},
{
"category": "product_version",
"name": "finch-devel-2.11.0-4.1.s390x",
"product": {
"name": "finch-devel-2.11.0-4.1.s390x",
"product_id": "finch-devel-2.11.0-4.1.s390x"
}
},
{
"category": "product_version",
"name": "libpurple-2.11.0-4.1.s390x",
"product": {
"name": "libpurple-2.11.0-4.1.s390x",
"product_id": "libpurple-2.11.0-4.1.s390x"
}
},
{
"category": "product_version",
"name": "libpurple-branding-upstream-2.11.0-4.1.s390x",
"product": {
"name": "libpurple-branding-upstream-2.11.0-4.1.s390x",
"product_id": "libpurple-branding-upstream-2.11.0-4.1.s390x"
}
},
{
"category": "product_version",
"name": "libpurple-devel-2.11.0-4.1.s390x",
"product": {
"name": "libpurple-devel-2.11.0-4.1.s390x",
"product_id": "libpurple-devel-2.11.0-4.1.s390x"
}
},
{
"category": "product_version",
"name": "libpurple-lang-2.11.0-4.1.s390x",
"product": {
"name": "libpurple-lang-2.11.0-4.1.s390x",
"product_id": "libpurple-lang-2.11.0-4.1.s390x"
}
},
{
"category": "product_version",
"name": "libpurple-plugin-sametime-2.11.0-4.1.s390x",
"product": {
"name": "libpurple-plugin-sametime-2.11.0-4.1.s390x",
"product_id": "libpurple-plugin-sametime-2.11.0-4.1.s390x"
}
},
{
"category": "product_version",
"name": "libpurple-tcl-2.11.0-4.1.s390x",
"product": {
"name": "libpurple-tcl-2.11.0-4.1.s390x",
"product_id": "libpurple-tcl-2.11.0-4.1.s390x"
}
},
{
"category": "product_version",
"name": "pidgin-2.11.0-4.1.s390x",
"product": {
"name": "pidgin-2.11.0-4.1.s390x",
"product_id": "pidgin-2.11.0-4.1.s390x"
}
},
{
"category": "product_version",
"name": "pidgin-devel-2.11.0-4.1.s390x",
"product": {
"name": "pidgin-devel-2.11.0-4.1.s390x",
"product_id": "pidgin-devel-2.11.0-4.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "finch-2.11.0-4.1.x86_64",
"product": {
"name": "finch-2.11.0-4.1.x86_64",
"product_id": "finch-2.11.0-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "finch-devel-2.11.0-4.1.x86_64",
"product": {
"name": "finch-devel-2.11.0-4.1.x86_64",
"product_id": "finch-devel-2.11.0-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpurple-2.11.0-4.1.x86_64",
"product": {
"name": "libpurple-2.11.0-4.1.x86_64",
"product_id": "libpurple-2.11.0-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpurple-branding-upstream-2.11.0-4.1.x86_64",
"product": {
"name": "libpurple-branding-upstream-2.11.0-4.1.x86_64",
"product_id": "libpurple-branding-upstream-2.11.0-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpurple-devel-2.11.0-4.1.x86_64",
"product": {
"name": "libpurple-devel-2.11.0-4.1.x86_64",
"product_id": "libpurple-devel-2.11.0-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpurple-lang-2.11.0-4.1.x86_64",
"product": {
"name": "libpurple-lang-2.11.0-4.1.x86_64",
"product_id": "libpurple-lang-2.11.0-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"product": {
"name": "libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"product_id": "libpurple-plugin-sametime-2.11.0-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpurple-tcl-2.11.0-4.1.x86_64",
"product": {
"name": "libpurple-tcl-2.11.0-4.1.x86_64",
"product_id": "libpurple-tcl-2.11.0-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "pidgin-2.11.0-4.1.x86_64",
"product": {
"name": "pidgin-2.11.0-4.1.x86_64",
"product_id": "pidgin-2.11.0-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "pidgin-devel-2.11.0-4.1.x86_64",
"product": {
"name": "pidgin-devel-2.11.0-4.1.x86_64",
"product_id": "pidgin-devel-2.11.0-4.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-2.11.0-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64"
},
"product_reference": "finch-2.11.0-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-2.11.0-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le"
},
"product_reference": "finch-2.11.0-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-2.11.0-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:finch-2.11.0-4.1.s390x"
},
"product_reference": "finch-2.11.0-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-2.11.0-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64"
},
"product_reference": "finch-2.11.0-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-2.11.0-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64"
},
"product_reference": "finch-devel-2.11.0-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-2.11.0-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le"
},
"product_reference": "finch-devel-2.11.0-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-2.11.0-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x"
},
"product_reference": "finch-devel-2.11.0-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-2.11.0-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64"
},
"product_reference": "finch-devel-2.11.0-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-2.11.0-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64"
},
"product_reference": "libpurple-2.11.0-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-2.11.0-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le"
},
"product_reference": "libpurple-2.11.0-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-2.11.0-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x"
},
"product_reference": "libpurple-2.11.0-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-2.11.0-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64"
},
"product_reference": "libpurple-2.11.0-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-branding-upstream-2.11.0-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64"
},
"product_reference": "libpurple-branding-upstream-2.11.0-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-branding-upstream-2.11.0-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le"
},
"product_reference": "libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-branding-upstream-2.11.0-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x"
},
"product_reference": "libpurple-branding-upstream-2.11.0-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-branding-upstream-2.11.0-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64"
},
"product_reference": "libpurple-branding-upstream-2.11.0-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-2.11.0-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64"
},
"product_reference": "libpurple-devel-2.11.0-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-2.11.0-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le"
},
"product_reference": "libpurple-devel-2.11.0-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-2.11.0-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x"
},
"product_reference": "libpurple-devel-2.11.0-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-2.11.0-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64"
},
"product_reference": "libpurple-devel-2.11.0-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-lang-2.11.0-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64"
},
"product_reference": "libpurple-lang-2.11.0-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-lang-2.11.0-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le"
},
"product_reference": "libpurple-lang-2.11.0-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-lang-2.11.0-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x"
},
"product_reference": "libpurple-lang-2.11.0-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-lang-2.11.0-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64"
},
"product_reference": "libpurple-lang-2.11.0-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-plugin-sametime-2.11.0-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64"
},
"product_reference": "libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-plugin-sametime-2.11.0-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le"
},
"product_reference": "libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-plugin-sametime-2.11.0-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x"
},
"product_reference": "libpurple-plugin-sametime-2.11.0-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-plugin-sametime-2.11.0-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64"
},
"product_reference": "libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-2.11.0-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64"
},
"product_reference": "libpurple-tcl-2.11.0-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-2.11.0-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le"
},
"product_reference": "libpurple-tcl-2.11.0-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-2.11.0-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x"
},
"product_reference": "libpurple-tcl-2.11.0-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-2.11.0-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64"
},
"product_reference": "libpurple-tcl-2.11.0-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-2.11.0-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64"
},
"product_reference": "pidgin-2.11.0-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-2.11.0-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le"
},
"product_reference": "pidgin-2.11.0-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-2.11.0-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x"
},
"product_reference": "pidgin-2.11.0-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-2.11.0-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64"
},
"product_reference": "pidgin-2.11.0-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-2.11.0-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64"
},
"product_reference": "pidgin-devel-2.11.0-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-2.11.0-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le"
},
"product_reference": "pidgin-devel-2.11.0-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-2.11.0-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x"
},
"product_reference": "pidgin-devel-2.11.0-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-2.11.0-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
},
"product_reference": "pidgin-devel-2.11.0-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-2694",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-2694"
}
],
"notes": [
{
"category": "general",
"text": "The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by sending multiple crafted SLP (aka MSNSLP) messages to trigger an overwrite of an arbitrary memory location. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1376.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-2694",
"url": "https://www.suse.com/security/cve/CVE-2009-2694"
},
{
"category": "external",
"summary": "SUSE Bug 527100 for CVE-2009-2694",
"url": "https://bugzilla.suse.com/527100"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-2694"
},
{
"cve": "CVE-2009-2703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-2703"
}
],
"notes": [
{
"category": "general",
"text": "libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) via a TOPIC message that lacks a topic string.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-2703",
"url": "https://www.suse.com/security/cve/CVE-2009-2703"
},
{
"category": "external",
"summary": "SUSE Bug 537214 for CVE-2009-2703",
"url": "https://bugzilla.suse.com/537214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-2703"
},
{
"cve": "CVE-2009-3026",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3026"
}
],
"notes": [
{
"category": "general",
"text": "protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly other versions, does not follow the \"require TLS/SSL\" preference when connecting to older Jabber servers that do not follow the XMPP specification, which causes libpurple to connect to the server without the expected encryption and allows remote attackers to sniff sessions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3026",
"url": "https://www.suse.com/security/cve/CVE-2009-3026"
},
{
"category": "external",
"summary": "SUSE Bug 535570 for CVE-2009-3026",
"url": "https://bugzilla.suse.com/535570"
},
{
"category": "external",
"summary": "SUSE Bug 550170 for CVE-2009-3026",
"url": "https://bugzilla.suse.com/550170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3026"
},
{
"cve": "CVE-2009-3083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3083"
}
],
"notes": [
{
"category": "general",
"text": "The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3083",
"url": "https://www.suse.com/security/cve/CVE-2009-3083"
},
{
"category": "external",
"summary": "SUSE Bug 536602 for CVE-2009-3083",
"url": "https://bugzilla.suse.com/536602"
},
{
"category": "external",
"summary": "SUSE Bug 550170 for CVE-2009-3083",
"url": "https://bugzilla.suse.com/550170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3083"
},
{
"cve": "CVE-2009-3084",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3084"
}
],
"notes": [
{
"category": "general",
"text": "The msn_slp_process_msg function in libpurple/protocols/msn/slpcall.c in the MSN protocol plugin in libpurple 2.6.0 and 2.6.1, as used in Pidgin before 2.6.2, allows remote attackers to cause a denial of service (application crash) via a handwritten (aka Ink) message, related to an uninitialized variable and the incorrect \"UTF16-LE\" charset name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3084",
"url": "https://www.suse.com/security/cve/CVE-2009-3084"
},
{
"category": "external",
"summary": "SUSE Bug 536602 for CVE-2009-3084",
"url": "https://bugzilla.suse.com/536602"
},
{
"category": "external",
"summary": "SUSE Bug 550170 for CVE-2009-3084",
"url": "https://bugzilla.suse.com/550170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3084"
},
{
"cve": "CVE-2009-3085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3085"
}
],
"notes": [
{
"category": "general",
"text": "The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote attackers to cause a denial of service (application crash) via XHTML-IM content with cid: images.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3085",
"url": "https://www.suse.com/security/cve/CVE-2009-3085"
},
{
"category": "external",
"summary": "SUSE Bug 536602 for CVE-2009-3085",
"url": "https://bugzilla.suse.com/536602"
},
{
"category": "external",
"summary": "SUSE Bug 550170 for CVE-2009-3085",
"url": "https://bugzilla.suse.com/550170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3085"
},
{
"cve": "CVE-2009-3615",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3615"
}
],
"notes": [
{
"category": "general",
"text": "The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM client.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3615",
"url": "https://www.suse.com/security/cve/CVE-2009-3615"
},
{
"category": "external",
"summary": "SUSE Bug 548072 for CVE-2009-3615",
"url": "https://bugzilla.suse.com/548072"
},
{
"category": "external",
"summary": "SUSE Bug 550170 for CVE-2009-3615",
"url": "https://bugzilla.suse.com/550170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3615"
},
{
"cve": "CVE-2010-0013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0013"
}
],
"notes": [
{
"category": "general",
"text": "Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticon.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0013",
"url": "https://www.suse.com/security/cve/CVE-2010-0013"
},
{
"category": "external",
"summary": "SUSE Bug 567799 for CVE-2010-0013",
"url": "https://bugzilla.suse.com/567799"
},
{
"category": "external",
"summary": "SUSE Bug 569616 for CVE-2010-0013",
"url": "https://bugzilla.suse.com/569616"
},
{
"category": "external",
"summary": "SUSE Bug 581201 for CVE-2010-0013",
"url": "https://bugzilla.suse.com/581201"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2010-0013"
},
{
"cve": "CVE-2010-0277",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0277"
}
],
"notes": [
{
"category": "general",
"text": "slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a different issue than CVE-2010-0013.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0277",
"url": "https://www.suse.com/security/cve/CVE-2010-0277"
},
{
"category": "external",
"summary": "SUSE Bug 567799 for CVE-2010-0277",
"url": "https://bugzilla.suse.com/567799"
},
{
"category": "external",
"summary": "SUSE Bug 569616 for CVE-2010-0277",
"url": "https://bugzilla.suse.com/569616"
},
{
"category": "external",
"summary": "SUSE Bug 581201 for CVE-2010-0277",
"url": "https://bugzilla.suse.com/581201"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-0277"
},
{
"cve": "CVE-2010-0420",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0420"
}
],
"notes": [
{
"category": "general",
"text": "libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat (MUC) room is used, does not properly parse nicknames containing \u003cbr\u003e sequences, which allows remote attackers to cause a denial of service (application crash) via a crafted nickname.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0420",
"url": "https://www.suse.com/security/cve/CVE-2010-0420"
},
{
"category": "external",
"summary": "SUSE Bug 569616 for CVE-2010-0420",
"url": "https://bugzilla.suse.com/569616"
},
{
"category": "external",
"summary": "SUSE Bug 581201 for CVE-2010-0420",
"url": "https://bugzilla.suse.com/581201"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-0420"
},
{
"cve": "CVE-2010-0423",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0423"
}
],
"notes": [
{
"category": "general",
"text": "gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a denial of service (CPU consumption and application hang) by sending many smileys in a (1) IM or (2) chat.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0423",
"url": "https://www.suse.com/security/cve/CVE-2010-0423"
},
{
"category": "external",
"summary": "SUSE Bug 569616 for CVE-2010-0423",
"url": "https://bugzilla.suse.com/569616"
},
{
"category": "external",
"summary": "SUSE Bug 581201 for CVE-2010-0423",
"url": "https://bugzilla.suse.com/581201"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-0423"
},
{
"cve": "CVE-2010-1624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1624"
}
],
"notes": [
{
"category": "general",
"text": "The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a custom emoticon in a malformed SLP message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1624",
"url": "https://www.suse.com/security/cve/CVE-2010-1624"
},
{
"category": "external",
"summary": "SUSE Bug 604225 for CVE-2010-1624",
"url": "https://bugzilla.suse.com/604225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-1624"
},
{
"cve": "CVE-2010-2528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2528"
}
],
"notes": [
{
"category": "general",
"text": "The clientautoresp function in family_icbm.c in the oscar protocol plugin in libpurple in Pidgin before 2.7.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via an X-Status message that lacks the expected end tag for a (1) desc or (2) title element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2528",
"url": "https://www.suse.com/security/cve/CVE-2010-2528"
},
{
"category": "external",
"summary": "SUSE Bug 630965 for CVE-2010-2528",
"url": "https://bugzilla.suse.com/630965"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-2528"
},
{
"cve": "CVE-2010-3711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3711"
}
],
"notes": [
{
"category": "general",
"text": "libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted message, related to the plugins for MSN, MySpaceIM, XMPP, and Yahoo! and the NTLM authentication support.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3711",
"url": "https://www.suse.com/security/cve/CVE-2010-3711"
},
{
"category": "external",
"summary": "SUSE Bug 648273 for CVE-2010-3711",
"url": "https://bugzilla.suse.com/648273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2010-3711"
},
{
"cve": "CVE-2011-1091",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-1091"
}
],
"notes": [
{
"category": "general",
"text": "libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows (1) remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG notification packet, and allows (2) remote Yahoo! servers to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG SMS message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-1091",
"url": "https://www.suse.com/security/cve/CVE-2011-1091"
},
{
"category": "external",
"summary": "SUSE Bug 736189 for CVE-2011-1091",
"url": "https://bugzilla.suse.com/736189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2011-1091"
},
{
"cve": "CVE-2011-3594",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3594"
}
],
"notes": [
{
"category": "general",
"text": "The g_markup_escape_text function in the SILC protocol plug-in in libpurple 2.10.0 and earlier, as used in Pidgin and possibly other products, allows remote attackers to cause a denial of service (crash) via invalid UTF-8 sequences that trigger use of invalid pointers and an out-of-bounds read, related to interactions with certain versions of glib2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3594",
"url": "https://www.suse.com/security/cve/CVE-2011-3594"
},
{
"category": "external",
"summary": "SUSE Bug 722199 for CVE-2011-3594",
"url": "https://bugzilla.suse.com/722199"
},
{
"category": "external",
"summary": "SUSE Bug 736161 for CVE-2011-3594",
"url": "https://bugzilla.suse.com/736161"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2011-3594"
},
{
"cve": "CVE-2012-2214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-2214"
}
],
"notes": [
{
"category": "general",
"text": "proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service (application crash) via a sequence of XMPP file-transfer requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-2214",
"url": "https://www.suse.com/security/cve/CVE-2012-2214"
},
{
"category": "external",
"summary": "SUSE Bug 760890 for CVE-2012-2214",
"url": "https://bugzilla.suse.com/760890"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-2214"
},
{
"cve": "CVE-2012-3374",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3374"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3374",
"url": "https://www.suse.com/security/cve/CVE-2012-3374"
},
{
"category": "external",
"summary": "SUSE Bug 770304 for CVE-2012-3374",
"url": "https://bugzilla.suse.com/770304"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-3374"
},
{
"cve": "CVE-2012-6152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-6152"
}
],
"notes": [
{
"category": "general",
"text": "The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service (application crash) via crafted byte sequences.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-6152",
"url": "https://www.suse.com/security/cve/CVE-2012-6152"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2012-6152",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-6152"
},
{
"cve": "CVE-2013-0271",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0271"
}
],
"notes": [
{
"category": "general",
"text": "The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote attackers to create or overwrite files via a crafted (1) mxit or (2) mxit/imagestrips pathname.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0271",
"url": "https://www.suse.com/security/cve/CVE-2013-0271"
},
{
"category": "external",
"summary": "SUSE Bug 804742 for CVE-2013-0271",
"url": "https://bugzilla.suse.com/804742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0271"
},
{
"cve": "CVE-2013-0272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0272"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in http.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.7 allows remote servers to execute arbitrary code via a long HTTP header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0272",
"url": "https://www.suse.com/security/cve/CVE-2013-0272"
},
{
"category": "external",
"summary": "SUSE Bug 804742 for CVE-2013-0272",
"url": "https://bugzilla.suse.com/804742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0272"
},
{
"cve": "CVE-2013-0273",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0273"
}
],
"notes": [
{
"category": "general",
"text": "sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service (application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0273",
"url": "https://www.suse.com/security/cve/CVE-2013-0273"
},
{
"category": "external",
"summary": "SUSE Bug 804742 for CVE-2013-0273",
"url": "https://bugzilla.suse.com/804742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0273"
},
{
"cve": "CVE-2013-0274",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0274"
}
],
"notes": [
{
"category": "general",
"text": "upnp.c in libpurple in Pidgin before 2.10.7 does not properly terminate long strings in UPnP responses, which allows remote attackers to cause a denial of service (application crash) by leveraging access to the local network.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0274",
"url": "https://www.suse.com/security/cve/CVE-2013-0274"
},
{
"category": "external",
"summary": "SUSE Bug 804742 for CVE-2013-0274",
"url": "https://bugzilla.suse.com/804742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0274"
},
{
"cve": "CVE-2013-6477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6477"
}
],
"notes": [
{
"category": "general",
"text": "Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service (application crash) via a crafted timestamp value in an XMPP message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6477",
"url": "https://www.suse.com/security/cve/CVE-2013-6477"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2013-6477",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6477"
},
{
"cve": "CVE-2013-6478",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6478"
}
],
"notes": [
{
"category": "general",
"text": "gtkimhtml.c in Pidgin before 2.10.8 does not properly interact with underlying library support for wide Pango layouts, which allows user-assisted remote attackers to cause a denial of service (application crash) via a long URL that is examined with a tooltip.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6478",
"url": "https://www.suse.com/security/cve/CVE-2013-6478"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2013-6478",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6478"
},
{
"cve": "CVE-2013-6479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6479"
}
],
"notes": [
{
"category": "general",
"text": "util.c in libpurple in Pidgin before 2.10.8 does not properly allocate memory for HTTP responses that are inconsistent with the Content-Length header, which allows remote HTTP servers to cause a denial of service (application crash) via a crafted response.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6479",
"url": "https://www.suse.com/security/cve/CVE-2013-6479"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2013-6479",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6479"
},
{
"cve": "CVE-2013-6481",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6481"
}
],
"notes": [
{
"category": "general",
"text": "libpurple/protocols/yahoo/libymsg.c in Pidgin before 2.10.8 allows remote attackers to cause a denial of service (crash) via a Yahoo! P2P message with a crafted length field, which triggers a buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6481",
"url": "https://www.suse.com/security/cve/CVE-2013-6481"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2013-6481",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6481"
},
{
"cve": "CVE-2013-6482",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6482"
}
],
"notes": [
{
"category": "general",
"text": "Pidgin before 2.10.8 allows remote MSN servers to cause a denial of service (NULL pointer dereference and crash) via a crafted (1) SOAP response, (2) OIM XML response, or (3) Content-Length header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6482",
"url": "https://www.suse.com/security/cve/CVE-2013-6482"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2013-6482",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6482"
},
{
"cve": "CVE-2013-6483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6483"
}
],
"notes": [
{
"category": "general",
"text": "The XMPP protocol plugin in libpurple in Pidgin before 2.10.8 does not properly determine whether the from address in an iq reply is consistent with the to address in an iq request, which allows remote attackers to spoof iq traffic or cause a denial of service (NULL pointer dereference and application crash) via a crafted reply.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6483",
"url": "https://www.suse.com/security/cve/CVE-2013-6483"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2013-6483",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6483"
},
{
"cve": "CVE-2013-6484",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6484"
}
],
"notes": [
{
"category": "general",
"text": "The STUN protocol implementation in libpurple in Pidgin before 2.10.8 allows remote STUN servers to cause a denial of service (out-of-bounds write operation and application crash) by triggering a socket read error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6484",
"url": "https://www.suse.com/security/cve/CVE-2013-6484"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2013-6484",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6484"
},
{
"cve": "CVE-2013-6485",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6485"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in util.c in libpurple in Pidgin before 2.10.8 allows remote HTTP servers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid chunk-size field in chunked transfer-coding data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6485",
"url": "https://www.suse.com/security/cve/CVE-2013-6485"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2013-6485",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6485"
},
{
"cve": "CVE-2013-6486",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6486"
}
],
"notes": [
{
"category": "general",
"text": "gtkutils.c in Pidgin before 2.10.8 on Windows allows user-assisted remote attackers to execute arbitrary programs via a message containing a file: URL that is improperly handled during construction of an explorer.exe command. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3185.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6486",
"url": "https://www.suse.com/security/cve/CVE-2013-6486"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2013-6486",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-6486"
},
{
"cve": "CVE-2013-6487",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6487"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in libpurple/protocols/gg/lib/http.c in the Gadu-Gadu (gg) parser in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a large Content-Length value, which triggers a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6487",
"url": "https://www.suse.com/security/cve/CVE-2013-6487"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2013-6487",
"url": "https://bugzilla.suse.com/861019"
},
{
"category": "external",
"summary": "SUSE Bug 878540 for CVE-2013-6487",
"url": "https://bugzilla.suse.com/878540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-6487"
},
{
"cve": "CVE-2014-0020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0020"
}
],
"notes": [
{
"category": "general",
"text": "The IRC protocol plugin in libpurple in Pidgin before 2.10.8 does not validate argument counts, which allows remote IRC servers to cause a denial of service (application crash) via a crafted message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0020",
"url": "https://www.suse.com/security/cve/CVE-2014-0020"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2014-0020",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-0020"
},
{
"cve": "CVE-2014-3694",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-3694"
}
],
"notes": [
{
"category": "general",
"text": "The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-3694",
"url": "https://www.suse.com/security/cve/CVE-2014-3694"
},
{
"category": "external",
"summary": "SUSE Bug 902495 for CVE-2014-3694",
"url": "https://bugzilla.suse.com/902495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-3694"
},
{
"cve": "CVE-2014-3695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-3695"
}
],
"notes": [
{
"category": "general",
"text": "markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a large length value in an emoticon response.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-3695",
"url": "https://www.suse.com/security/cve/CVE-2014-3695"
},
{
"category": "external",
"summary": "SUSE Bug 902409 for CVE-2014-3695",
"url": "https://bugzilla.suse.com/902409"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-3695"
},
{
"cve": "CVE-2014-3696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-3696"
}
],
"notes": [
{
"category": "general",
"text": "nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a crafted server message that triggers a large memory allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-3696",
"url": "https://www.suse.com/security/cve/CVE-2014-3696"
},
{
"category": "external",
"summary": "SUSE Bug 902410 for CVE-2014-3696",
"url": "https://bugzilla.suse.com/902410"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-3696"
},
{
"cve": "CVE-2014-3697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-3697"
}
],
"notes": [
{
"category": "general",
"text": "Absolute path traversal vulnerability in the untar_block function in win32/untar.c in Pidgin before 2.10.10 on Windows allows remote attackers to write to arbitrary files via a drive name in a tar archive of a smiley theme.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-3697",
"url": "https://www.suse.com/security/cve/CVE-2014-3697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-3697"
},
{
"cve": "CVE-2014-3698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-3698"
}
],
"notes": [
{
"category": "general",
"text": "The jabber_idn_validate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a crafted XMPP message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-3698",
"url": "https://www.suse.com/security/cve/CVE-2014-3698"
},
{
"category": "external",
"summary": "SUSE Bug 902408 for CVE-2014-3698",
"url": "https://bugzilla.suse.com/902408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-3698"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…