Repository 32bit  Forum
Repository 64bit  Wiki

Menu

Home
Associazione Slacky
Info Repository
Repository 13.1 - 32
Repository 13.1 - 64
Repository 13.0 - 32
Other Repository
Gnome Slacky
Mirror
Slapt-Get Slackyd Swaret
Forum
Canale IRC
Security Advisories
Documentazione
Repository amici
Contact me
GPG key
Cerca
Collabora
Info RSS
Il nostro mondo
Le spese di Slacky.eu
Download Slackware

Security Advisories

(SSA) pidgin Print E-mail
Monday, 25 January 2010 
[slackware-security]  pidgin (SSA:2010-024-03)

New pidgin packages are available for Slackware 12.0, 12.1, 12.2, 13.0,
and -current to fix a security issue.

More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0013


Here are the details from the Slackware 13.0 ChangeLog:
+--------------------------+
patches/packages/pidgin-2.6.5-i486-1_slack13.0.txz :  Upgraded.
  This fixes a directory traversal vulnerability in Pidgin's MSN protocol
  handling that may allow attackers to download arbitrary files.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0013
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

HINT:  Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try.  This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project!   :-) 

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 12.0:
pidgin-2.6.5-i486-1_slack12.0.tgz

Updated package for Slackware 12.1:
pidgin-2.6.5-i486-1_slack12.1.tgz

Updated package for Slackware 12.2:
pidgin-2.6.5-i486-1_slack12.2.tgz

Updated package for Slackware 13.0:
pidgin-2.6.5-i486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
pidgin-2.6.5-x86_64-1_slack13.0.txz

Updated package for Slackware -current:
pidgin-2.6.5-i486-1.txz

Updated package for Slackware x86_64 -current:
pidgin-2.6.5-x86_64-1.txz


MD5 signatures:
+-------------+

Slackware 12.0 package:
1d779642ef1728ee115d0159803ffce7  pidgin-2.6.5-i486-1_slack12.0.tgz

Slackware 12.1 package:
24e6a95472e15299f16ad137ca92c568  pidgin-2.6.5-i486-1_slack12.1.tgz

Slackware 12.2 package:
d5186bf297d9647f08e4ff8b8d3496e5  pidgin-2.6.5-i486-1_slack12.2.tgz

Slackware 13.0 package:
b73f234503067324f5a16bc1686d0192  pidgin-2.6.5-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
6ae919fbbfc06731d4b83a9ff65f88a8  pidgin-2.6.5-x86_64-1_slack13.0.txz

Slackware -current package:
da2ea9b466c31521cf3857fc6998cb4c  pidgin-2.6.5-i486-1.txz

Slackware x86_64 -current package:
362a93381a225db704749b4249013731  pidgin-2.6.5-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg pidgin-2.6.5-i486-1_slack13.0.txz


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key

 This e-mail address is being protected from spam bots, you need JavaScript enabled to view it
 
< Prev   Next >
[ Back ]

Repository 32 - 13.1

Repository 64 - 13.1

We have 19 guests online

Latest Topics

Official Mirror

Darkstar (193.136.198.175), the portuguese open source software mirror, an Intel Core 2 Duo E6700 @ 2.66GHz with 4GiB RAM and 1.5TiB HDD (5x320GB RAID-5), powered by Slackware Linux and running vsftpd, Apache and rsync. This server is maintained by Secção DigitalAEIST in IST, Lisbon, Portugal, and is publicly available through FTP, HTTP and RSYNC protocols at 1Gbit/s.