CVE-2009-1374

Publication date 26 May 2009

Last updated 24 July 2024

Ubuntu priority

Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim) before 2.5.6 allows remote attackers to cause a denial of service (application crash) via a QQ packet.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
gaim	9.04 jaunty	Not in release
	8.10 intrepid	Not in release
	8.04 LTS hardy	Not in release
	7.10 gutsy	Not in release
	6.06 LTS dapper	Not affected
pidgin	9.04 jaunty	Fixed 1:2.5.5-1ubuntu8.1
	8.10 intrepid	Fixed 1:2.5.2-0ubuntu1.2
	8.04 LTS hardy	Fixed 1:2.4.1-1ubuntu2.4
	7.04 feisty	Not in release
	6.06 LTS dapper	Not in release

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
pidgin	Upstream: http://developer.pidgin.im/viewmtn/revision/info/ad057b7532610edb11caffebfa98068b6239d787 Upstream: http://developer.pidgin.im/viewmtn/revision/info/2c9a1153bc1694e9656752a73526bd6b7461265b

CVE-2009-1374

Status

Patch details

References

Related Ubuntu Security Notices (USN)

Other references