Описание
Security update for pidgin-otr
This update for pidgin-otr fixes the following issues:
- CVE-2015-8833: A heap based use-after-free issue was fixed in pidgin-otr that could lead to crashes or potential code execution.
Список пакетов
SUSE Linux Enterprise Desktop 12
pidgin-otr-4.0.0-8.1
SUSE Linux Enterprise Desktop 12 SP1
pidgin-otr-4.0.0-8.1
SUSE Linux Enterprise Workstation Extension 12
pidgin-otr-4.0.0-8.1
SUSE Linux Enterprise Workstation Extension 12 SP1
pidgin-otr-4.0.0-8.1
Ссылки
- Link for SUSE-SU-2016:0912-1
- E-Mail link for SUSE-SU-2016:0912-1
- SUSE Security Ratings
- SUSE Bug 970498
- SUSE CVE CVE-2015-8833 page
Описание
Use-after-free vulnerability in the create_smp_dialog function in gtk-dialog.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 4.0.2 for Pidgin allows remote attackers to execute arbitrary code via vectors related to the "Authenticate buddy" menu item.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:pidgin-otr-4.0.0-8.1
SUSE Linux Enterprise Desktop 12:pidgin-otr-4.0.0-8.1
SUSE Linux Enterprise Workstation Extension 12 SP1:pidgin-otr-4.0.0-8.1
SUSE Linux Enterprise Workstation Extension 12:pidgin-otr-4.0.0-8.1
Ссылки
- CVE-2015-8833
- SUSE Bug 970498