Pardus: Pidgin: Multiple Vulnerabilities
Posted by Benjamin D. Thomas
Multiple vulnerabilities that can be used by malicious people to cause a denial of service have been fixed in Pidgin.
------------------------------------------------------------------------
Pardus Linux Security Advisory 2010-34 security@pardus.org.tr
------------------------------------------------------------------------
Date: 2010-02-25
Severity: 3
Type: Remote
------------------------------------------------------------------------
Summary
=======
Multiple vulnerabilities that can be used by malicious people to cause a
denial of service have been fixed in Pidgin.
Description
===========
CVE-2010-0420 - "Finch XMPP MUC Crash":
Discovered by Sadrul Habib Chowdhury last week. In an XMPP MUC, if
someone changes the nick to ' ' (using '/nick ' for example),
then libpurple ends up having two users with username '\n' in the room,
and Finch crashes in this situation. We do not believe there is
a possibility of remote code execution. I believe this commit fixes the
problem, and there is a patch attached to add an extra safety check to
Finch:
http://developer.pidgin.im/viewmtn/revision/info/0085c32abf29d034d30feef1ffb1d483e316a9a8
CVE-2010-0423 - "Smiley Denial of Service":
Pidgin becomes unresponsive and consumes a lot of CPU when receiving an
IM containing many smileys. This is a remote denial of service
attack, but is not exploitable in any other way. It was reported to us
by Andrea Barisani of oCERT. I did revise the previous patch
Affected packages:
Pardus 2009:
pidgin, all before 2.6.6-38-12
Resolution
==========
There are update(s) for pidgin. You can update them via Package Manager
or with a single command from the console:
pisi up pidgin
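The advisory gives the fixed version as 2.6.6-38-12 and treats everything
before it as affected. The script below is an added example, not part of the
Pardus advisory or of pisi: it compares a Pardus package version string of the
form upstream-release-build against that fixed version, component by component
and numerically, so that 2.6.6-38-9 correctly sorts before 2.6.6-38-12 and a
shorter string such as 2.6.6-38 is treated as 2.6.6-38-0. The version to test
is passed in by hand; the sample versions in the comments are constructed.
It assumes that `pisi info pidgin` is how one reads the installed version on a
Pardus 2009 system (its exact output format is not shown here).

```shell
#!/bin/sh
# Added example (not from the Pardus advisory): is an installed pidgin
# package older than the fixed version named in Pardus advisory 2010-34?

FIXED_PIDGIN="2.6.6-38-12"   # "pidgin, all before 2.6.6-38-12" is affected

# version_lt A B -> exit 0 when A is strictly older than B.
# Components are split on '.' and '-' and compared as integers left to
# right; a missing trailing component counts as 0 (2.6.6-38 == 2.6.6-38-0).
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, A, /[.-]/); nb = split(b, B, /[.-]/)
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            x = (i <= na) ? A[i] + 0 : 0
            y = (i <= nb) ? B[i] + 0 : 0
            if (x < y) exit 0
            if (x > y) exit 1
        }
        exit 1   # equal versions are not "less than"
    }'
}

# pidgin_vulnerable VERSION -> exit 0 (and say so) when VERSION predates
# the fix for CVE-2010-0420 / CVE-2010-0423, exit 1 when it is fixed.
# Constructed examples: "2.6.6-37-12" -> vulnerable, "2.6.6-38-12" -> fixed.
pidgin_vulnerable() {
    if version_lt "$1" "$FIXED_PIDGIN"; then
        echo "pidgin $1 is older than $FIXED_PIDGIN: update (pisi up pidgin)"
        return 0
    fi
    echo "pidgin $1 is at or past $FIXED_PIDGIN: fixed"
    return 1
}

# Usage: sh check-pidgin.sh <installed-version>
# e.g. the version reported by 'pisi info pidgin' (assumed; format not shown)
if [ "$#" -eq 1 ]; then
    pidgin_vulnerable "$1"
fi
```

The numeric, component-wise comparison matters because a plain string
compare would rank 2.6.6-38-9 after 2.6.6-38-12; splitting on both '.' and
'-' keeps the upstream version, the Pardus release and the build number in
one ordering.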
References
==========
* http://bugs.pardus.org.tr/show_bug.cgi?id=12323
* http://developer.pidgin.im/wiki/ChangeLog
* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0420
* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0423