The Slackware Linux Project: Mailing List Info

Mailing List Info

News
Security Advisories
FAQ
Book
General Info
Get Slack
Install Help
Configuration
Packages
ChangeLogs
Propaganda
Ports
Other Sites
Support
Contact

Mailing Lists
Archives

About

From: Slackware Security Team <security@slackware.com>
To: slackware-security@slackware.com
Subject: [slackware-security] pidgin (SSA:2010-069-01)
Date: Wed, 10 Mar 2010 18:17:44 -0800 (PST)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  pidgin (SSA:2010-069-01)

New pidgin packages are available for Slackware 12.0, 12.1, 12.2, 13.0,
and -current to fix denial of service issues.

More details about the issues may be found in the Common
Vulnerabilities and Exposures (CVE) database:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0277
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0420
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0423


Here are the details from the Slackware 13.0 ChangeLog:
+--------------------------+
patches/packages/pidgin-2.6.6-i486-1_slack13.0.txz:  Upgraded.
  This fixes a few denial-of-service flaws as well as other bugs.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0277
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0420
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0423
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

HINT:  Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try.  This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/pidgin-2.6.6-i486-1_slack12.0.tgz

Updated package for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/pidgin-2.6.6-i486-1_slack12.1.tgz

Updated package for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/pidgin-2.6.6-i486-1_slack12.2.tgz

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/pidgin-2.6.6-i486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/pidgin-2.6.6-x86_64-1_slack13.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/pidgin-2.6.6-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/pidgin-2.6.6-x86_64-1.txz


MD5 signatures:
+-------------+

Slackware 12.0 package:
ab0bdf3a3de12e14973e603f812cb0de  pidgin-2.6.6-i486-1_slack12.0.tgz

Slackware 12.1 package:
f84d789da03ce5e6481c9e04481913a6  pidgin-2.6.6-i486-1_slack12.1.tgz

Slackware 12.2 package:
788ed01f917aa0bfca365e9f77a3490e  pidgin-2.6.6-i486-1_slack12.2.tgz

Slackware 13.0 package:
c8456f8e3c9fb456afcb49871c557e9f  pidgin-2.6.6-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
80baaeb8cb042fab6c9764b491c3ebd1  pidgin-2.6.6-x86_64-1_slack13.0.txz

Slackware -current package:
5ddf6032d36ba29d5ae14ecaedbab88f  pidgin-2.6.6-i486-1.txz

Slackware x86_64 -current package:
451919ccd63ef9aa4245dbe1afb27587  pidgin-2.6.6-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg pidgin-2.6.6-i486-1_slack13.0.txz


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list:                          |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back containing instructions to    |
| complete the process.  Please do not reply to this email address.      |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkuYIGkACgkQakRjwEAQIjNVqACfdPpn0AJG6J7xEkpa2wiaePQ8
bO0AnRRMOj7sUHfbwSrzo67pAtJdPkWq
=c6/f
-----END PGP SIGNATURE-----

Slackware™ is a trademark of Patrick Volkerding.