Tri nepravilnosti u paketu Pidgin

Uočena su tri sigurnosna propusta u radu programskog paketa Pidgin. Udaljenim napadačima omogućuju rušenje aplikacije (DoS napad).

Paket:	pidgin 2.x
Operacijski sustavi:	CentOS
Kritičnost:	6.5
Problem:	neodgovarajuća provjera ulaznih podataka, pogreška u programskoj komponenti, preljev međuspremnika
Iskorištavanje:	udaljeno
Posljedica:	uskraćivanje usluga (DoS)
Rješenje:	programska zakrpa proizvođača
CVE:	CVE-2012-1178, CVE-2012-2318, CVE-2012-3374
Izvorni ID preporuke:	2012:1102
Izvor:	CentOS

Problem:
Propusti su posljedica pogrešaka u dodatku za MSN protokol te prepisivanja spremnika u dodatku za MXit protokol.
Posljedica:
Napadači ih mogu iskoristiti za izvođenje DoS (eng. Denial of Service) napada.
Rješenje:
Svim se korisnicima savjetuje primjena nadogradnje.

Izvorni tekst preporuke

CentOS Errata and Security Advisory 2012:1102 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-1102.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 


i386:
5b595bb9e6d5741172cd47e6de5faa275c73f58d4a71bd68127db404b45c6493 
finch-2.7.9-5.el6.2.i686.rpm
63add8af6a7486c183f6f5f68519f9358d1556586d1a70bd16afe9763aa2eecd 
finch-devel-2.7.9-5.el6.2.i686.rpm
d9e83db5383761bf5423868947f04424db571114fbd7744c560d60634366bd7c 
libpurple-2.7.9-5.el6.2.i686.rpm
dfee92664d3199ef81601d3bf59dd782216aca263239f2459075995dc6884754 
libpurple-devel-2.7.9-5.el6.2.i686.rpm
7114e4184734ff0185a93ab2c9f29f66310f7faa5fcce50cfa4a94239ab88990 
libpurple-perl-2.7.9-5.el6.2.i686.rpm
6c374b192583700402504e8e095410b06a583feebc523a74b74775347cb67b20 
libpurple-tcl-2.7.9-5.el6.2.i686.rpm
70dd63f69165e570903e38f02cf58233f8da1237c00ce75191c33d7d62462762 
pidgin-2.7.9-5.el6.2.i686.rpm
09ddbe127c9ee03c734b0bc91edb574c485ad08f910a77f98684f02a38b8db58 
pidgin-devel-2.7.9-5.el6.2.i686.rpm
239b19a9b24f4105a35b6de2c9e01f379a097d6e36737cd5d20e16c871744a07 
pidgin-docs-2.7.9-5.el6.2.i686.rpm
5f470c7816db5fe5dfc75fd4fb7be958d18a4a612ec5a369b1ace88b16b0b311 
pidgin-perl-2.7.9-5.el6.2.i686.rpm

x86_64:
5b595bb9e6d5741172cd47e6de5faa275c73f58d4a71bd68127db404b45c6493 
finch-2.7.9-5.el6.2.i686.rpm
e276e33451fa5e6427c0766f4658f2ff42d69f790f7c50690ec283bdce6ec579 
finch-2.7.9-5.el6.2.x86_64.rpm
63add8af6a7486c183f6f5f68519f9358d1556586d1a70bd16afe9763aa2eecd 
finch-devel-2.7.9-5.el6.2.i686.rpm
02d46001fbaa11eababfdfa96ec8456c9a4b0230486c1a3a25454fe32fd835b8 
finch-devel-2.7.9-5.el6.2.x86_64.rpm
d9e83db5383761bf5423868947f04424db571114fbd7744c560d60634366bd7c 
libpurple-2.7.9-5.el6.2.i686.rpm
913a5868d8886213eddf0f4ad1c3de82934e47bb72803dd26271507075411979 
libpurple-2.7.9-5.el6.2.x86_64.rpm
dfee92664d3199ef81601d3bf59dd782216aca263239f2459075995dc6884754 
libpurple-devel-2.7.9-5.el6.2.i686.rpm
855df431b7d4909c9b75bef3def5b7dff2508e73710b5712f193bfc57ff81f90 
libpurple-devel-2.7.9-5.el6.2.x86_64.rpm
456637d7745868c1841fdde8d8f919ddae75907f83bce8873a4ceaf60f79d54c 
libpurple-perl-2.7.9-5.el6.2.x86_64.rpm
f779f8ffd0139b5bb12a843f6ab70fa34ad4be599140748cfac8f3a5a00fa5d1 
libpurple-tcl-2.7.9-5.el6.2.x86_64.rpm
afd259b13664bf5a2d105907f3dffdf52afec5a42aa27bb4ebcc8603a12e5aa3 
pidgin-2.7.9-5.el6.2.x86_64.rpm
09ddbe127c9ee03c734b0bc91edb574c485ad08f910a77f98684f02a38b8db58 
pidgin-devel-2.7.9-5.el6.2.i686.rpm
8bacedb333631716186006c373438843423dd9fbbb7e98a35b6fd91ff23dfc4e 
pidgin-devel-2.7.9-5.el6.2.x86_64.rpm
405a23c1d88dd859325296140c44838ef686a1e066a7423c9ae9751fc0b83280 
pidgin-docs-2.7.9-5.el6.2.x86_64.rpm
b097233a1698755889e31dbca0af9f4439164729b8a3b4de5f8278aabce0bf0a 
pidgin-perl-2.7.9-5.el6.2.x86_64.rpm

Source:
725a7dd75d0befd90615f9c917a2fcb4550eae34aaef56a0c83eecad889b2eb5 
pidgin-2.7.9-5.el6.2.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.

_______________________________________________
CentOS-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
http://lists.centos.org/mailman/listinfo/centos-announce



CentOS Errata and Security Advisory 2012:1102 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-1102.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
8908908678462c28bc03c3915620946db378b4a1f3fe93a21c52e442cae90c69 
finch-2.6.6-11.el5.4.i386.rpm
c6587668fe8ea1222184d2ca9d8ad4214150a2700297efe5657630f97b4f8184 
finch-devel-2.6.6-11.el5.4.i386.rpm
f475dc5dd1fad54bf7b0bd4a5c44099ab813ea20b198ecdda7a4c657e2d26d58 
libpurple-2.6.6-11.el5.4.i386.rpm
ec8715feb4a1ae7db0cf3117caa0f6b35e13cef91c30e597170517939e52e108 
libpurple-devel-2.6.6-11.el5.4.i386.rpm
d12e73335aa5c14bc0e1faf27511fb9b4c22a41f024180db8880800941e74ddd 
libpurple-perl-2.6.6-11.el5.4.i386.rpm
c27bb1f6da30f4fe09a9f71c1cb72799a7e2f350d1e684d7dbbb1de0f974d1c3 
libpurple-tcl-2.6.6-11.el5.4.i386.rpm
77b67caa2d887bf7240006928ae0e02e6d656a6233ceca778d2aca7a8cdb44c0 
pidgin-2.6.6-11.el5.4.i386.rpm
78626e2510297051788d1dd3813181351cf9a8d554bff703a6210b69feef9135 
pidgin-devel-2.6.6-11.el5.4.i386.rpm
2dacc069567913571d78e30faa3c23612d647486d75c9203fc0e88c4ab016ea9 
pidgin-perl-2.6.6-11.el5.4.i386.rpm

x86_64:
8908908678462c28bc03c3915620946db378b4a1f3fe93a21c52e442cae90c69 
finch-2.6.6-11.el5.4.i386.rpm
9c9624d412fe0b2ebfd528409f7861a909cb1330316b798171448edd0de3a8e5 
finch-2.6.6-11.el5.4.x86_64.rpm
c6587668fe8ea1222184d2ca9d8ad4214150a2700297efe5657630f97b4f8184 
finch-devel-2.6.6-11.el5.4.i386.rpm
475dd556a8fe35da3761836b788f5b50d19f0287c8720cb9b8164517d95f4f98 
finch-devel-2.6.6-11.el5.4.x86_64.rpm
f475dc5dd1fad54bf7b0bd4a5c44099ab813ea20b198ecdda7a4c657e2d26d58 
libpurple-2.6.6-11.el5.4.i386.rpm
e47fca7540f473e4d71353979bfd4e454c2acf2d148095327e4a88f03ae57d56 
libpurple-2.6.6-11.el5.4.x86_64.rpm
ec8715feb4a1ae7db0cf3117caa0f6b35e13cef91c30e597170517939e52e108 
libpurple-devel-2.6.6-11.el5.4.i386.rpm
4ee7a09fe1a811f963c6617a304602d9498c2c86fdb5b337fe53c7300873e77e 
libpurple-devel-2.6.6-11.el5.4.x86_64.rpm
2ff4c9619bb149f2f8778a196148f5794dcfa750539431c10605c2dc8537007e 
libpurple-perl-2.6.6-11.el5.4.x86_64.rpm
b41b045ef30a7793eb9452d31796779fcdaad3f8e235b8b03629b98953e755f8 
libpurple-tcl-2.6.6-11.el5.4.x86_64.rpm
77b67caa2d887bf7240006928ae0e02e6d656a6233ceca778d2aca7a8cdb44c0 
pidgin-2.6.6-11.el5.4.i386.rpm
a7fe43fddcb7563e1055c2e20534bde3427f724e1c5097d55a28bec08862c666 
pidgin-2.6.6-11.el5.4.x86_64.rpm
78626e2510297051788d1dd3813181351cf9a8d554bff703a6210b69feef9135 
pidgin-devel-2.6.6-11.el5.4.i386.rpm
5c628b0af6fd5d4e82176897ef06cf020d81c3b018c231a43f72e36b63131ac3 
pidgin-devel-2.6.6-11.el5.4.x86_64.rpm
0555309476ac2e8940bd4f4a89a9f320492aaaa601c35fea1df9eae111034a37 
pidgin-perl-2.6.6-11.el5.4.x86_64.rpm

Source:
08659ccf29efb706dc14e09dc8571bb81f7412646c162f34b4e43aeed695eb2c 
pidgin-2.6.6-11.el5.4.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.

_______________________________________________
CentOS-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
http://lists.centos.org/mailman/listinfo/centos-announce

Tri nepravilnosti u paketu Pidgin

Tražilica portala

Aktivnosti

O CIS-u

Posljednje vijesti

Posljednji dokumenti

Tri nepravilnosti u paketu Pidgin

Tražilica portala

Aktivnosti

O CIS-u

Posljednje sigurnosne preporuke

Posljednje vijesti

Popularni članci

Posljednji dokumenti