Mercurial > pidgin3 / file diff

diff: ChangeLog

ChangeLog

branch
release-2.x.y
changeset 35255
635339ce6bf7
parent 35252
852014ae74a0
child 35260
7b080f86fcbc
--- a/ChangeLog	Sat Jan 18 10:22:41 2014 -0800
+++ b/ChangeLog	Sat Jan 18 10:25:39 2014 -0800
@@ -56,6 +56,9 @@
 	  functions are available using official Gadu-Gadu website.
 
 	IRC:
+	* Fix bug where a malicious server or man-in-the-middle could trigger
+	  a crash by not sending enough arguments with various messages.
+	  (Discovered by Daniel Atallah) (CVE-2014-0020)
 	* Fix bug where initial IRC status would not be set correctly.
 	* Fix bug where IRC wasn't available when libpurple was compiled with
 	  Cyrus SASL support. (#15517)

Mercurial Repository: pidgin3

mercurial