Foresight: pidgin
Posted by Bill Keys   
Previous versions of pidgin are vulnerable to a denial-of-service when pidgin has been configured to use HTML logging. Logging is not enabled by default, so the default install of Foresight Linux is not vulnerable to this issue.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Foresight Linux Essential Advisory: 2007-0067-1
Published: 2007-11-11

Rating: Minor

Updated Versions:
   pidgin=/foresight.rpath.org@fl:1-devel//1/2.2.2-1-1
   group-dist=/foresight.rpath.org@fl:1-devel//1/1.4.1-0.2-3

References:
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4999
   http://www.pidgin.im/news/security/?id=24

Description:
   Previous versions of pidgin are vulnerable to a denial-of-service when
   pidgin has been configured to use HTML logging. Logging is not enabled by
   default, so the default install of Foresight Linux is not vulnerable to
   this issue.

- ---

Copyright 2007 Foresight Linux Project
This file is distributed under the terms of the MIT License.
A copy is available at http://www.foresightlinux.org/permanent/mit-license.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.7 (GNU/Linux)

iQIVAwUBRzfdX9fwEn07iAtZAQKuWxAAwT3oV9yX5ux93HpFgVDjQI6KJ3g2sFJ/
NiLGdQHbnxEqtry/T0vgalw8Rsh/HNcd8jEAEBxe+wHZKjY0CiaTDmA5/76UItWq
hov1gc+0KNeWF0aUn/3qDfvrSFzpaa9s/1WM4yEsQNAKSz5X78m5QS0QnEBI+4lA
HTPbKjQp/tsEpZxt3/1JFIEZwlKDgyJoq/JyH2JE0l+kYVFQ4hXeRWwJbGFx1jTJ
iwLOzgBxpJ8pn+iZJtaHif/CO1JsdVZ6n5T6k+n/r9kc3Hs5yqLaUeLaREQyUi+P
U5Y6tu27OU0CJ7SZITMtsqRbIibzvVQuQvZQvIYruyIjeukGeaTgcOj0QzycF5Wl
jqby6cf1fwdHLXXxdkyYiK+2eklrBLJG0Sbxlt4l9v3eL8lUAlSHTfHSwn4sKxg9
OYBgixcrU0zxcKDlai/EiXmHElorXtCaIYlDaIeunK5uF/VyBOgMhUvlMmkXHWY9
I+a8kn6ita/ulDUKJBaCmgm36MsS9ChfCSMErZQTxNbTFhPUS1jOj8rErE4hgGgo
AHXDzlbeB1YhpsuKlIAelZFOjCNaaNy4H52tQlK+m7WUdXbwz34JrL6GB2GuR4ir
2+0kjjLszBki0sosjl3/yuE0uKpB1Xch4yr/KjhmqtMvnRAEElWe8QMc8t1kVeoi
aOljymBtaXU=
=bzoP
-----END PGP SIGNATURE-----