opensuse-su-2024:10432-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
finch-2.11.0-4.1 on GA media
Notes
Title of the patch
finch-2.11.0-4.1 on GA media
Description of the patch
These are all security issues fixed in the finch-2.11.0-4.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10432
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "finch-2.11.0-4.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the finch-2.11.0-4.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10432",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10432-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-2694 page",
"url": "https://www.suse.com/security/cve/CVE-2009-2694/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-2703 page",
"url": "https://www.suse.com/security/cve/CVE-2009-2703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3026 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3026/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3083 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3084 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3085 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3615 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3615/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0013 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0277 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0277/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0420 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0420/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0423 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0423/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-1624 page",
"url": "https://www.suse.com/security/cve/CVE-2010-1624/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2528 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2528/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-3711 page",
"url": "https://www.suse.com/security/cve/CVE-2010-3711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-1091 page",
"url": "https://www.suse.com/security/cve/CVE-2011-1091/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3594 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3594/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-2214 page",
"url": "https://www.suse.com/security/cve/CVE-2012-2214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-3374 page",
"url": "https://www.suse.com/security/cve/CVE-2012-3374/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-6152 page",
"url": "https://www.suse.com/security/cve/CVE-2012-6152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0271 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0271/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0272 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0272/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0273 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0273/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-0274 page",
"url": "https://www.suse.com/security/cve/CVE-2013-0274/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6477 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6478 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6478/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6479 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6479/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6481 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6481/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6482 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6482/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6483 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6484 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6484/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6485 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6485/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6486 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6486/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6487 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0020 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-3694 page",
"url": "https://www.suse.com/security/cve/CVE-2014-3694/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-3695 page",
"url": "https://www.suse.com/security/cve/CVE-2014-3695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-3696 page",
"url": "https://www.suse.com/security/cve/CVE-2014-3696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-3697 page",
"url": "https://www.suse.com/security/cve/CVE-2014-3697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-3698 page",
"url": "https://www.suse.com/security/cve/CVE-2014-3698/"
}
],
"title": "finch-2.11.0-4.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10432-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "finch-2.11.0-4.1.aarch64",
"product": {
"name": "finch-2.11.0-4.1.aarch64",
"product_id": "finch-2.11.0-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "finch-devel-2.11.0-4.1.aarch64",
"product": {
"name": "finch-devel-2.11.0-4.1.aarch64",
"product_id": "finch-devel-2.11.0-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpurple-2.11.0-4.1.aarch64",
"product": {
"name": "libpurple-2.11.0-4.1.aarch64",
"product_id": "libpurple-2.11.0-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpurple-branding-upstream-2.11.0-4.1.aarch64",
"product": {
"name": "libpurple-branding-upstream-2.11.0-4.1.aarch64",
"product_id": "libpurple-branding-upstream-2.11.0-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpurple-devel-2.11.0-4.1.aarch64",
"product": {
"name": "libpurple-devel-2.11.0-4.1.aarch64",
"product_id": "libpurple-devel-2.11.0-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpurple-lang-2.11.0-4.1.aarch64",
"product": {
"name": "libpurple-lang-2.11.0-4.1.aarch64",
"product_id": "libpurple-lang-2.11.0-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"product": {
"name": "libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"product_id": "libpurple-plugin-sametime-2.11.0-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "libpurple-tcl-2.11.0-4.1.aarch64",
"product": {
"name": "libpurple-tcl-2.11.0-4.1.aarch64",
"product_id": "libpurple-tcl-2.11.0-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "pidgin-2.11.0-4.1.aarch64",
"product": {
"name": "pidgin-2.11.0-4.1.aarch64",
"product_id": "pidgin-2.11.0-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "pidgin-devel-2.11.0-4.1.aarch64",
"product": {
"name": "pidgin-devel-2.11.0-4.1.aarch64",
"product_id": "pidgin-devel-2.11.0-4.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "finch-2.11.0-4.1.ppc64le",
"product": {
"name": "finch-2.11.0-4.1.ppc64le",
"product_id": "finch-2.11.0-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "finch-devel-2.11.0-4.1.ppc64le",
"product": {
"name": "finch-devel-2.11.0-4.1.ppc64le",
"product_id": "finch-devel-2.11.0-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpurple-2.11.0-4.1.ppc64le",
"product": {
"name": "libpurple-2.11.0-4.1.ppc64le",
"product_id": "libpurple-2.11.0-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"product": {
"name": "libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"product_id": "libpurple-branding-upstream-2.11.0-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpurple-devel-2.11.0-4.1.ppc64le",
"product": {
"name": "libpurple-devel-2.11.0-4.1.ppc64le",
"product_id": "libpurple-devel-2.11.0-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpurple-lang-2.11.0-4.1.ppc64le",
"product": {
"name": "libpurple-lang-2.11.0-4.1.ppc64le",
"product_id": "libpurple-lang-2.11.0-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"product": {
"name": "libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"product_id": "libpurple-plugin-sametime-2.11.0-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libpurple-tcl-2.11.0-4.1.ppc64le",
"product": {
"name": "libpurple-tcl-2.11.0-4.1.ppc64le",
"product_id": "libpurple-tcl-2.11.0-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pidgin-2.11.0-4.1.ppc64le",
"product": {
"name": "pidgin-2.11.0-4.1.ppc64le",
"product_id": "pidgin-2.11.0-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "pidgin-devel-2.11.0-4.1.ppc64le",
"product": {
"name": "pidgin-devel-2.11.0-4.1.ppc64le",
"product_id": "pidgin-devel-2.11.0-4.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "finch-2.11.0-4.1.s390x",
"product": {
"name": "finch-2.11.0-4.1.s390x",
"product_id": "finch-2.11.0-4.1.s390x"
}
},
{
"category": "product_version",
"name": "finch-devel-2.11.0-4.1.s390x",
"product": {
"name": "finch-devel-2.11.0-4.1.s390x",
"product_id": "finch-devel-2.11.0-4.1.s390x"
}
},
{
"category": "product_version",
"name": "libpurple-2.11.0-4.1.s390x",
"product": {
"name": "libpurple-2.11.0-4.1.s390x",
"product_id": "libpurple-2.11.0-4.1.s390x"
}
},
{
"category": "product_version",
"name": "libpurple-branding-upstream-2.11.0-4.1.s390x",
"product": {
"name": "libpurple-branding-upstream-2.11.0-4.1.s390x",
"product_id": "libpurple-branding-upstream-2.11.0-4.1.s390x"
}
},
{
"category": "product_version",
"name": "libpurple-devel-2.11.0-4.1.s390x",
"product": {
"name": "libpurple-devel-2.11.0-4.1.s390x",
"product_id": "libpurple-devel-2.11.0-4.1.s390x"
}
},
{
"category": "product_version",
"name": "libpurple-lang-2.11.0-4.1.s390x",
"product": {
"name": "libpurple-lang-2.11.0-4.1.s390x",
"product_id": "libpurple-lang-2.11.0-4.1.s390x"
}
},
{
"category": "product_version",
"name": "libpurple-plugin-sametime-2.11.0-4.1.s390x",
"product": {
"name": "libpurple-plugin-sametime-2.11.0-4.1.s390x",
"product_id": "libpurple-plugin-sametime-2.11.0-4.1.s390x"
}
},
{
"category": "product_version",
"name": "libpurple-tcl-2.11.0-4.1.s390x",
"product": {
"name": "libpurple-tcl-2.11.0-4.1.s390x",
"product_id": "libpurple-tcl-2.11.0-4.1.s390x"
}
},
{
"category": "product_version",
"name": "pidgin-2.11.0-4.1.s390x",
"product": {
"name": "pidgin-2.11.0-4.1.s390x",
"product_id": "pidgin-2.11.0-4.1.s390x"
}
},
{
"category": "product_version",
"name": "pidgin-devel-2.11.0-4.1.s390x",
"product": {
"name": "pidgin-devel-2.11.0-4.1.s390x",
"product_id": "pidgin-devel-2.11.0-4.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "finch-2.11.0-4.1.x86_64",
"product": {
"name": "finch-2.11.0-4.1.x86_64",
"product_id": "finch-2.11.0-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "finch-devel-2.11.0-4.1.x86_64",
"product": {
"name": "finch-devel-2.11.0-4.1.x86_64",
"product_id": "finch-devel-2.11.0-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpurple-2.11.0-4.1.x86_64",
"product": {
"name": "libpurple-2.11.0-4.1.x86_64",
"product_id": "libpurple-2.11.0-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpurple-branding-upstream-2.11.0-4.1.x86_64",
"product": {
"name": "libpurple-branding-upstream-2.11.0-4.1.x86_64",
"product_id": "libpurple-branding-upstream-2.11.0-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpurple-devel-2.11.0-4.1.x86_64",
"product": {
"name": "libpurple-devel-2.11.0-4.1.x86_64",
"product_id": "libpurple-devel-2.11.0-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpurple-lang-2.11.0-4.1.x86_64",
"product": {
"name": "libpurple-lang-2.11.0-4.1.x86_64",
"product_id": "libpurple-lang-2.11.0-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"product": {
"name": "libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"product_id": "libpurple-plugin-sametime-2.11.0-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpurple-tcl-2.11.0-4.1.x86_64",
"product": {
"name": "libpurple-tcl-2.11.0-4.1.x86_64",
"product_id": "libpurple-tcl-2.11.0-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "pidgin-2.11.0-4.1.x86_64",
"product": {
"name": "pidgin-2.11.0-4.1.x86_64",
"product_id": "pidgin-2.11.0-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "pidgin-devel-2.11.0-4.1.x86_64",
"product": {
"name": "pidgin-devel-2.11.0-4.1.x86_64",
"product_id": "pidgin-devel-2.11.0-4.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-2.11.0-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64"
},
"product_reference": "finch-2.11.0-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-2.11.0-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le"
},
"product_reference": "finch-2.11.0-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-2.11.0-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:finch-2.11.0-4.1.s390x"
},
"product_reference": "finch-2.11.0-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-2.11.0-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64"
},
"product_reference": "finch-2.11.0-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-2.11.0-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64"
},
"product_reference": "finch-devel-2.11.0-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-2.11.0-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le"
},
"product_reference": "finch-devel-2.11.0-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-2.11.0-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x"
},
"product_reference": "finch-devel-2.11.0-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "finch-devel-2.11.0-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64"
},
"product_reference": "finch-devel-2.11.0-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-2.11.0-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64"
},
"product_reference": "libpurple-2.11.0-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-2.11.0-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le"
},
"product_reference": "libpurple-2.11.0-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-2.11.0-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x"
},
"product_reference": "libpurple-2.11.0-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-2.11.0-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64"
},
"product_reference": "libpurple-2.11.0-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-branding-upstream-2.11.0-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64"
},
"product_reference": "libpurple-branding-upstream-2.11.0-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-branding-upstream-2.11.0-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le"
},
"product_reference": "libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-branding-upstream-2.11.0-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x"
},
"product_reference": "libpurple-branding-upstream-2.11.0-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-branding-upstream-2.11.0-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64"
},
"product_reference": "libpurple-branding-upstream-2.11.0-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-2.11.0-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64"
},
"product_reference": "libpurple-devel-2.11.0-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-2.11.0-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le"
},
"product_reference": "libpurple-devel-2.11.0-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-2.11.0-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x"
},
"product_reference": "libpurple-devel-2.11.0-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-devel-2.11.0-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64"
},
"product_reference": "libpurple-devel-2.11.0-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-lang-2.11.0-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64"
},
"product_reference": "libpurple-lang-2.11.0-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-lang-2.11.0-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le"
},
"product_reference": "libpurple-lang-2.11.0-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-lang-2.11.0-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x"
},
"product_reference": "libpurple-lang-2.11.0-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-lang-2.11.0-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64"
},
"product_reference": "libpurple-lang-2.11.0-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-plugin-sametime-2.11.0-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64"
},
"product_reference": "libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-plugin-sametime-2.11.0-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le"
},
"product_reference": "libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-plugin-sametime-2.11.0-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x"
},
"product_reference": "libpurple-plugin-sametime-2.11.0-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-plugin-sametime-2.11.0-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64"
},
"product_reference": "libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-2.11.0-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64"
},
"product_reference": "libpurple-tcl-2.11.0-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-2.11.0-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le"
},
"product_reference": "libpurple-tcl-2.11.0-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-2.11.0-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x"
},
"product_reference": "libpurple-tcl-2.11.0-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpurple-tcl-2.11.0-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64"
},
"product_reference": "libpurple-tcl-2.11.0-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-2.11.0-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64"
},
"product_reference": "pidgin-2.11.0-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-2.11.0-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le"
},
"product_reference": "pidgin-2.11.0-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-2.11.0-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x"
},
"product_reference": "pidgin-2.11.0-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-2.11.0-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64"
},
"product_reference": "pidgin-2.11.0-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-2.11.0-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64"
},
"product_reference": "pidgin-devel-2.11.0-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-2.11.0-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le"
},
"product_reference": "pidgin-devel-2.11.0-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-2.11.0-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x"
},
"product_reference": "pidgin-devel-2.11.0-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pidgin-devel-2.11.0-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
},
"product_reference": "pidgin-devel-2.11.0-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-2694",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-2694"
}
],
"notes": [
{
"category": "general",
"text": "The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by sending multiple crafted SLP (aka MSNSLP) messages to trigger an overwrite of an arbitrary memory location. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1376.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-2694",
"url": "https://www.suse.com/security/cve/CVE-2009-2694"
},
{
"category": "external",
"summary": "SUSE Bug 527100 for CVE-2009-2694",
"url": "https://bugzilla.suse.com/527100"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2009-2694"
},
{
"cve": "CVE-2009-2703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-2703"
}
],
"notes": [
{
"category": "general",
"text": "libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) via a TOPIC message that lacks a topic string.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-2703",
"url": "https://www.suse.com/security/cve/CVE-2009-2703"
},
{
"category": "external",
"summary": "SUSE Bug 537214 for CVE-2009-2703",
"url": "https://bugzilla.suse.com/537214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-2703"
},
{
"cve": "CVE-2009-3026",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3026"
}
],
"notes": [
{
"category": "general",
"text": "protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly other versions, does not follow the \"require TLS/SSL\" preference when connecting to older Jabber servers that do not follow the XMPP specification, which causes libpurple to connect to the server without the expected encryption and allows remote attackers to sniff sessions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3026",
"url": "https://www.suse.com/security/cve/CVE-2009-3026"
},
{
"category": "external",
"summary": "SUSE Bug 535570 for CVE-2009-3026",
"url": "https://bugzilla.suse.com/535570"
},
{
"category": "external",
"summary": "SUSE Bug 550170 for CVE-2009-3026",
"url": "https://bugzilla.suse.com/550170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3026"
},
{
"cve": "CVE-2009-3083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3083"
}
],
"notes": [
{
"category": "general",
"text": "The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3083",
"url": "https://www.suse.com/security/cve/CVE-2009-3083"
},
{
"category": "external",
"summary": "SUSE Bug 536602 for CVE-2009-3083",
"url": "https://bugzilla.suse.com/536602"
},
{
"category": "external",
"summary": "SUSE Bug 550170 for CVE-2009-3083",
"url": "https://bugzilla.suse.com/550170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3083"
},
{
"cve": "CVE-2009-3084",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3084"
}
],
"notes": [
{
"category": "general",
"text": "The msn_slp_process_msg function in libpurple/protocols/msn/slpcall.c in the MSN protocol plugin in libpurple 2.6.0 and 2.6.1, as used in Pidgin before 2.6.2, allows remote attackers to cause a denial of service (application crash) via a handwritten (aka Ink) message, related to an uninitialized variable and the incorrect \"UTF16-LE\" charset name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3084",
"url": "https://www.suse.com/security/cve/CVE-2009-3084"
},
{
"category": "external",
"summary": "SUSE Bug 536602 for CVE-2009-3084",
"url": "https://bugzilla.suse.com/536602"
},
{
"category": "external",
"summary": "SUSE Bug 550170 for CVE-2009-3084",
"url": "https://bugzilla.suse.com/550170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3084"
},
{
"cve": "CVE-2009-3085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3085"
}
],
"notes": [
{
"category": "general",
"text": "The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote attackers to cause a denial of service (application crash) via XHTML-IM content with cid: images.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3085",
"url": "https://www.suse.com/security/cve/CVE-2009-3085"
},
{
"category": "external",
"summary": "SUSE Bug 536602 for CVE-2009-3085",
"url": "https://bugzilla.suse.com/536602"
},
{
"category": "external",
"summary": "SUSE Bug 550170 for CVE-2009-3085",
"url": "https://bugzilla.suse.com/550170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3085"
},
{
"cve": "CVE-2009-3615",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3615"
}
],
"notes": [
{
"category": "general",
"text": "The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM client.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3615",
"url": "https://www.suse.com/security/cve/CVE-2009-3615"
},
{
"category": "external",
"summary": "SUSE Bug 548072 for CVE-2009-3615",
"url": "https://bugzilla.suse.com/548072"
},
{
"category": "external",
"summary": "SUSE Bug 550170 for CVE-2009-3615",
"url": "https://bugzilla.suse.com/550170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3615"
},
{
"cve": "CVE-2010-0013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0013"
}
],
"notes": [
{
"category": "general",
"text": "Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticon.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0013",
"url": "https://www.suse.com/security/cve/CVE-2010-0013"
},
{
"category": "external",
"summary": "SUSE Bug 567799 for CVE-2010-0013",
"url": "https://bugzilla.suse.com/567799"
},
{
"category": "external",
"summary": "SUSE Bug 569616 for CVE-2010-0013",
"url": "https://bugzilla.suse.com/569616"
},
{
"category": "external",
"summary": "SUSE Bug 581201 for CVE-2010-0013",
"url": "https://bugzilla.suse.com/581201"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2010-0013"
},
{
"cve": "CVE-2010-0277",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0277"
}
],
"notes": [
{
"category": "general",
"text": "slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a different issue than CVE-2010-0013.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0277",
"url": "https://www.suse.com/security/cve/CVE-2010-0277"
},
{
"category": "external",
"summary": "SUSE Bug 567799 for CVE-2010-0277",
"url": "https://bugzilla.suse.com/567799"
},
{
"category": "external",
"summary": "SUSE Bug 569616 for CVE-2010-0277",
"url": "https://bugzilla.suse.com/569616"
},
{
"category": "external",
"summary": "SUSE Bug 581201 for CVE-2010-0277",
"url": "https://bugzilla.suse.com/581201"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-0277"
},
{
"cve": "CVE-2010-0420",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0420"
}
],
"notes": [
{
"category": "general",
"text": "libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat (MUC) room is used, does not properly parse nicknames containing \u003cbr\u003e sequences, which allows remote attackers to cause a denial of service (application crash) via a crafted nickname.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0420",
"url": "https://www.suse.com/security/cve/CVE-2010-0420"
},
{
"category": "external",
"summary": "SUSE Bug 569616 for CVE-2010-0420",
"url": "https://bugzilla.suse.com/569616"
},
{
"category": "external",
"summary": "SUSE Bug 581201 for CVE-2010-0420",
"url": "https://bugzilla.suse.com/581201"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-0420"
},
{
"cve": "CVE-2010-0423",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0423"
}
],
"notes": [
{
"category": "general",
"text": "gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a denial of service (CPU consumption and application hang) by sending many smileys in a (1) IM or (2) chat.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0423",
"url": "https://www.suse.com/security/cve/CVE-2010-0423"
},
{
"category": "external",
"summary": "SUSE Bug 569616 for CVE-2010-0423",
"url": "https://bugzilla.suse.com/569616"
},
{
"category": "external",
"summary": "SUSE Bug 581201 for CVE-2010-0423",
"url": "https://bugzilla.suse.com/581201"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-0423"
},
{
"cve": "CVE-2010-1624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-1624"
}
],
"notes": [
{
"category": "general",
"text": "The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a custom emoticon in a malformed SLP message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-1624",
"url": "https://www.suse.com/security/cve/CVE-2010-1624"
},
{
"category": "external",
"summary": "SUSE Bug 604225 for CVE-2010-1624",
"url": "https://bugzilla.suse.com/604225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-1624"
},
{
"cve": "CVE-2010-2528",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2528"
}
],
"notes": [
{
"category": "general",
"text": "The clientautoresp function in family_icbm.c in the oscar protocol plugin in libpurple in Pidgin before 2.7.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via an X-Status message that lacks the expected end tag for a (1) desc or (2) title element.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2528",
"url": "https://www.suse.com/security/cve/CVE-2010-2528"
},
{
"category": "external",
"summary": "SUSE Bug 630965 for CVE-2010-2528",
"url": "https://bugzilla.suse.com/630965"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2010-2528"
},
{
"cve": "CVE-2010-3711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-3711"
}
],
"notes": [
{
"category": "general",
"text": "libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted message, related to the plugins for MSN, MySpaceIM, XMPP, and Yahoo! and the NTLM authentication support.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-3711",
"url": "https://www.suse.com/security/cve/CVE-2010-3711"
},
{
"category": "external",
"summary": "SUSE Bug 648273 for CVE-2010-3711",
"url": "https://bugzilla.suse.com/648273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2010-3711"
},
{
"cve": "CVE-2011-1091",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-1091"
}
],
"notes": [
{
"category": "general",
"text": "libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows (1) remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG notification packet, and allows (2) remote Yahoo! servers to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG SMS message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-1091",
"url": "https://www.suse.com/security/cve/CVE-2011-1091"
},
{
"category": "external",
"summary": "SUSE Bug 736189 for CVE-2011-1091",
"url": "https://bugzilla.suse.com/736189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2011-1091"
},
{
"cve": "CVE-2011-3594",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3594"
}
],
"notes": [
{
"category": "general",
"text": "The g_markup_escape_text function in the SILC protocol plug-in in libpurple 2.10.0 and earlier, as used in Pidgin and possibly other products, allows remote attackers to cause a denial of service (crash) via invalid UTF-8 sequences that trigger use of invalid pointers and an out-of-bounds read, related to interactions with certain versions of glib2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3594",
"url": "https://www.suse.com/security/cve/CVE-2011-3594"
},
{
"category": "external",
"summary": "SUSE Bug 722199 for CVE-2011-3594",
"url": "https://bugzilla.suse.com/722199"
},
{
"category": "external",
"summary": "SUSE Bug 736161 for CVE-2011-3594",
"url": "https://bugzilla.suse.com/736161"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2011-3594"
},
{
"cve": "CVE-2012-2214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-2214"
}
],
"notes": [
{
"category": "general",
"text": "proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service (application crash) via a sequence of XMPP file-transfer requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-2214",
"url": "https://www.suse.com/security/cve/CVE-2012-2214"
},
{
"category": "external",
"summary": "SUSE Bug 760890 for CVE-2012-2214",
"url": "https://bugzilla.suse.com/760890"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-2214"
},
{
"cve": "CVE-2012-3374",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-3374"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-3374",
"url": "https://www.suse.com/security/cve/CVE-2012-3374"
},
{
"category": "external",
"summary": "SUSE Bug 770304 for CVE-2012-3374",
"url": "https://bugzilla.suse.com/770304"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-3374"
},
{
"cve": "CVE-2012-6152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-6152"
}
],
"notes": [
{
"category": "general",
"text": "The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service (application crash) via crafted byte sequences.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-6152",
"url": "https://www.suse.com/security/cve/CVE-2012-6152"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2012-6152",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2012-6152"
},
{
"cve": "CVE-2013-0271",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0271"
}
],
"notes": [
{
"category": "general",
"text": "The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote attackers to create or overwrite files via a crafted (1) mxit or (2) mxit/imagestrips pathname.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0271",
"url": "https://www.suse.com/security/cve/CVE-2013-0271"
},
{
"category": "external",
"summary": "SUSE Bug 804742 for CVE-2013-0271",
"url": "https://bugzilla.suse.com/804742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0271"
},
{
"cve": "CVE-2013-0272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0272"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in http.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.7 allows remote servers to execute arbitrary code via a long HTTP header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0272",
"url": "https://www.suse.com/security/cve/CVE-2013-0272"
},
{
"category": "external",
"summary": "SUSE Bug 804742 for CVE-2013-0272",
"url": "https://bugzilla.suse.com/804742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0272"
},
{
"cve": "CVE-2013-0273",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0273"
}
],
"notes": [
{
"category": "general",
"text": "sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service (application crash) via a crafted packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0273",
"url": "https://www.suse.com/security/cve/CVE-2013-0273"
},
{
"category": "external",
"summary": "SUSE Bug 804742 for CVE-2013-0273",
"url": "https://bugzilla.suse.com/804742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0273"
},
{
"cve": "CVE-2013-0274",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-0274"
}
],
"notes": [
{
"category": "general",
"text": "upnp.c in libpurple in Pidgin before 2.10.7 does not properly terminate long strings in UPnP responses, which allows remote attackers to cause a denial of service (application crash) by leveraging access to the local network.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-0274",
"url": "https://www.suse.com/security/cve/CVE-2013-0274"
},
{
"category": "external",
"summary": "SUSE Bug 804742 for CVE-2013-0274",
"url": "https://bugzilla.suse.com/804742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-0274"
},
{
"cve": "CVE-2013-6477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6477"
}
],
"notes": [
{
"category": "general",
"text": "Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service (application crash) via a crafted timestamp value in an XMPP message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6477",
"url": "https://www.suse.com/security/cve/CVE-2013-6477"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2013-6477",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6477"
},
{
"cve": "CVE-2013-6478",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6478"
}
],
"notes": [
{
"category": "general",
"text": "gtkimhtml.c in Pidgin before 2.10.8 does not properly interact with underlying library support for wide Pango layouts, which allows user-assisted remote attackers to cause a denial of service (application crash) via a long URL that is examined with a tooltip.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6478",
"url": "https://www.suse.com/security/cve/CVE-2013-6478"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2013-6478",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6478"
},
{
"cve": "CVE-2013-6479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6479"
}
],
"notes": [
{
"category": "general",
"text": "util.c in libpurple in Pidgin before 2.10.8 does not properly allocate memory for HTTP responses that are inconsistent with the Content-Length header, which allows remote HTTP servers to cause a denial of service (application crash) via a crafted response.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6479",
"url": "https://www.suse.com/security/cve/CVE-2013-6479"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2013-6479",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6479"
},
{
"cve": "CVE-2013-6481",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6481"
}
],
"notes": [
{
"category": "general",
"text": "libpurple/protocols/yahoo/libymsg.c in Pidgin before 2.10.8 allows remote attackers to cause a denial of service (crash) via a Yahoo! P2P message with a crafted length field, which triggers a buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6481",
"url": "https://www.suse.com/security/cve/CVE-2013-6481"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2013-6481",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6481"
},
{
"cve": "CVE-2013-6482",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6482"
}
],
"notes": [
{
"category": "general",
"text": "Pidgin before 2.10.8 allows remote MSN servers to cause a denial of service (NULL pointer dereference and crash) via a crafted (1) SOAP response, (2) OIM XML response, or (3) Content-Length header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6482",
"url": "https://www.suse.com/security/cve/CVE-2013-6482"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2013-6482",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6482"
},
{
"cve": "CVE-2013-6483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6483"
}
],
"notes": [
{
"category": "general",
"text": "The XMPP protocol plugin in libpurple in Pidgin before 2.10.8 does not properly determine whether the from address in an iq reply is consistent with the to address in an iq request, which allows remote attackers to spoof iq traffic or cause a denial of service (NULL pointer dereference and application crash) via a crafted reply.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6483",
"url": "https://www.suse.com/security/cve/CVE-2013-6483"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2013-6483",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6483"
},
{
"cve": "CVE-2013-6484",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6484"
}
],
"notes": [
{
"category": "general",
"text": "The STUN protocol implementation in libpurple in Pidgin before 2.10.8 allows remote STUN servers to cause a denial of service (out-of-bounds write operation and application crash) by triggering a socket read error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6484",
"url": "https://www.suse.com/security/cve/CVE-2013-6484"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2013-6484",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6484"
},
{
"cve": "CVE-2013-6485",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6485"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in util.c in libpurple in Pidgin before 2.10.8 allows remote HTTP servers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid chunk-size field in chunked transfer-coding data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6485",
"url": "https://www.suse.com/security/cve/CVE-2013-6485"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2013-6485",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-6485"
},
{
"cve": "CVE-2013-6486",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6486"
}
],
"notes": [
{
"category": "general",
"text": "gtkutils.c in Pidgin before 2.10.8 on Windows allows user-assisted remote attackers to execute arbitrary programs via a message containing a file: URL that is improperly handled during construction of an explorer.exe command. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3185.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6486",
"url": "https://www.suse.com/security/cve/CVE-2013-6486"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2013-6486",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2013-6486"
},
{
"cve": "CVE-2013-6487",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6487"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in libpurple/protocols/gg/lib/http.c in the Gadu-Gadu (gg) parser in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a large Content-Length value, which triggers a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6487",
"url": "https://www.suse.com/security/cve/CVE-2013-6487"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2013-6487",
"url": "https://bugzilla.suse.com/861019"
},
{
"category": "external",
"summary": "SUSE Bug 878540 for CVE-2013-6487",
"url": "https://bugzilla.suse.com/878540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-6487"
},
{
"cve": "CVE-2014-0020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0020"
}
],
"notes": [
{
"category": "general",
"text": "The IRC protocol plugin in libpurple in Pidgin before 2.10.8 does not validate argument counts, which allows remote IRC servers to cause a denial of service (application crash) via a crafted message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0020",
"url": "https://www.suse.com/security/cve/CVE-2014-0020"
},
{
"category": "external",
"summary": "SUSE Bug 861019 for CVE-2014-0020",
"url": "https://bugzilla.suse.com/861019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-0020"
},
{
"cve": "CVE-2014-3694",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-3694"
}
],
"notes": [
{
"category": "general",
"text": "The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-3694",
"url": "https://www.suse.com/security/cve/CVE-2014-3694"
},
{
"category": "external",
"summary": "SUSE Bug 902495 for CVE-2014-3694",
"url": "https://bugzilla.suse.com/902495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-3694"
},
{
"cve": "CVE-2014-3695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-3695"
}
],
"notes": [
{
"category": "general",
"text": "markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a large length value in an emoticon response.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-3695",
"url": "https://www.suse.com/security/cve/CVE-2014-3695"
},
{
"category": "external",
"summary": "SUSE Bug 902409 for CVE-2014-3695",
"url": "https://bugzilla.suse.com/902409"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-3695"
},
{
"cve": "CVE-2014-3696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-3696"
}
],
"notes": [
{
"category": "general",
"text": "nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a crafted server message that triggers a large memory allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-3696",
"url": "https://www.suse.com/security/cve/CVE-2014-3696"
},
{
"category": "external",
"summary": "SUSE Bug 902410 for CVE-2014-3696",
"url": "https://bugzilla.suse.com/902410"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-3696"
},
{
"cve": "CVE-2014-3697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-3697"
}
],
"notes": [
{
"category": "general",
"text": "Absolute path traversal vulnerability in the untar_block function in win32/untar.c in Pidgin before 2.10.10 on Windows allows remote attackers to write to arbitrary files via a drive name in a tar archive of a smiley theme.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-3697",
"url": "https://www.suse.com/security/cve/CVE-2014-3697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-3697"
},
{
"cve": "CVE-2014-3698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-3698"
}
],
"notes": [
{
"category": "general",
"text": "The jabber_idn_validate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a crafted XMPP message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-3698",
"url": "https://www.suse.com/security/cve/CVE-2014-3698"
},
{
"category": "external",
"summary": "SUSE Bug 902408 for CVE-2014-3698",
"url": "https://bugzilla.suse.com/902408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:finch-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:finch-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-branding-upstream-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-devel-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-lang-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-plugin-sametime-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:libpurple-tcl-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-2.11.0-4.1.x86_64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.aarch64",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.ppc64le",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.s390x",
"openSUSE Tumbleweed:pidgin-devel-2.11.0-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-3698"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…