Bug 736161 - VUL-0: CVE-2011-4603: pidgin: SILC remote crash on channel messages
VUL-0: CVE-2011-4603: pidgin: SILC remote crash on channel messages
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: General
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2011-12-12 09:11 UTC by Matthias Weckbecker
Modified: 2015-02-19 00:31 UTC (History)
1 user (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Matthias Weckbecker 2011-12-12 09:11:52 UTC
"When receiving various incoming messages, the SILC protocol plugin failed to validate that a piece of text was UTF-8. In some cases invalid UTF-8 data would lead to a crash. This vulnerability is similar to CVE-2011-3594, but occurs in a different piece of code and was fixed at a later date.

Reference:
http://pidgin.im/news/security/?id=59
Patch: http://developer.pidgin.im/viewmtn/revision/info/afb9ede3de989f217f03d5670cca00e628bd11f1" -- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4603
Comment 1 Bernhard Wiedemann 2011-12-19 07:00:15 UTC
This is an autogenerated message for OBS integration:
This bug (736161) was mentioned in
https://build.opensuse.org/request/show/96984 11.3 / pidgin
Comment 2 Bernhard Wiedemann 2011-12-19 08:00:15 UTC
This is an autogenerated message for OBS integration:
This bug (736161) was mentioned in
https://build.opensuse.org/request/show/96988 11.4 / pidgin
Comment 3 Dong Mao Zhang 2011-12-26 06:39:29 UTC
sle11sp1 sr is #16993
sle10sp4 sr is #17000
Comment 4 Bernhard Wiedemann 2012-01-10 17:00:15 UTC
This is an autogenerated message for OBS integration:
This bug (736161) was mentioned in
https://build.opensuse.org/request/show/99665 Evergreen:11.2 / pidgin
Comment 5 Sebastian Krahmer 2012-01-16 15:19:34 UTC
done
Comment 6 Bernhard Wiedemann 2012-01-18 17:00:17 UTC
This is an autogenerated message for OBS integration:
This bug (736161) was mentioned in
https://build.opensuse.org/request/show/100593 Evergreen:11.2 / pidgin