CVE-2014-3775
Published: 20 May 2014
libgadu before 1.11.4 and 1.12.0 before 1.12.0-rc3, as used in Pidgin and other products, allows remote Gadu-Gadu file relay servers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted message.
Priority
Status
Package | Release | Status |
---|---|---|
libgadu Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
(1:1.12.0~rc3-1)
|
bionic |
Not vulnerable
(1:1.12.0~rc3-1)
|
|
cosmic |
Not vulnerable
(1:1.12.0~rc3-1)
|
|
disco |
Not vulnerable
(1:1.12.0~rc3-1)
|
|
lucid |
Ignored
(end of life)
|
|
precise |
Released
(1:1.11.1-1ubuntu0.2)
|
|
saucy |
Released
(1:1.11.2-1ubuntu1.2)
|
|
trusty |
Does not exist
(trusty was needed)
|
|
upstream |
Released
(1:1.12.0~rc3-1)
|
|
utopic |
Not vulnerable
(1:1.12.0~rc3-1)
|
|
vivid |
Not vulnerable
(1:1.12.0~rc3-1)
|
|
wily |
Not vulnerable
(1:1.12.0~rc3-1)
|
|
xenial |
Not vulnerable
(1:1.12.0~rc3-1)
|
|
yakkety |
Not vulnerable
(1:1.12.0~rc3-1)
|
|
zesty |
Not vulnerable
(1:1.12.0~rc3-1)
|
|
Patches: upstream: https://github.com/wojtekka/libgadu/commit/f45ff34dfe2edab54d6fa185e8b87246ab100bd4 upstream: https://github.com/wojtekka/libgadu/commit/0db17ad635b07566d4e53a773919c16472341966 |
||
pidgin Launchpad, Ubuntu, Debian |
artful |
Released
(1:2.10.9-0ubuntu4)
|
bionic |
Released
(1:2.10.9-0ubuntu4)
|
|
cosmic |
Released
(1:2.10.9-0ubuntu4)
|
|
disco |
Released
(1:2.10.9-0ubuntu4)
|
|
lucid |
Ignored
(end of life)
|
|
precise |
Released
(1:2.10.3-0ubuntu1.5)
|
|
saucy |
Released
(1:2.10.7-0ubuntu4.1.13.10.2)
|
|
trusty |
Released
(1:2.10.9-0ubuntu3.1)
|
|
upstream |
Needed
|
|
utopic |
Released
(1:2.10.9-0ubuntu4)
|
|
vivid |
Released
(1:2.10.9-0ubuntu4)
|
|
wily |
Released
(1:2.10.9-0ubuntu4)
|
|
xenial |
Released
(1:2.10.9-0ubuntu4)
|
|
yakkety |
Released
(1:2.10.9-0ubuntu4)
|
|
zesty |
Released
(1:2.10.9-0ubuntu4)
|
|
Patches: upstream: https://hg.pidgin.im/pidgin/main/rev/fd11790cc4d6 |