Skip to navigation

Security Advisory Important: pidgin security update

Advisory: RHSA-2009:1060-1
Type: Security Advisory
Severity: Important
Issued on: 2009-05-22
Last updated on: 2009-05-22
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.8.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.8.z)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2009-1373
CVE-2009-1374
CVE-2009-1375
CVE-2009-1376

Details

Updated pidgin packages that fix several security issues are now available
for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

Pidgin is an instant messaging program which can log in to multiple
accounts on multiple instant messaging networks simultaneously.

A buffer overflow flaw was found in the way Pidgin initiates file transfers
when using the Extensible Messaging and Presence Protocol (XMPP). If a
Pidgin client initiates a file transfer, and the remote target sends a
malformed response, it could cause Pidgin to crash or, potentially, execute
arbitrary code with the permissions of the user running Pidgin. This flaw
only affects accounts using XMPP, such as Jabber and Google Talk.
(CVE-2009-1373)

A denial of service flaw was found in Pidgin's QQ protocol decryption
handler. When the QQ protocol decrypts packet information, heap data can be
overwritten, possibly causing Pidgin to crash. (CVE-2009-1374)

A flaw was found in the way Pidgin's PurpleCircBuffer object is expanded.
If the buffer is full when more data arrives, the data stored in this
buffer becomes corrupted. This corrupted data could result in confusing or
misleading data being presented to the user, or possibly crash Pidgin.
(CVE-2009-1375)

It was discovered that on 32-bit platforms, the Red Hat Security Advisory
RHSA-2008:0584 provided an incomplete fix for the integer overflow flaw
affecting Pidgin's MSN protocol handler. If a Pidgin client receives a
specially-crafted MSN message, it may be possible to execute arbitrary code
with the permissions of the user running Pidgin. (CVE-2009-1376)

Note: By default, when using an MSN account, only users on your buddy list
can send you messages. This prevents arbitrary MSN users from exploiting
this flaw.

All Pidgin users should upgrade to these updated packages, which contain
backported patches to resolve these issues. Pidgin must be restarted for
this update to take effect.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
pidgin-2.5.5-3.el5.src.rpm
File outdated by:  RHSA-2014:0139
    MD5: 1456eb8737036c061ee94532223a1224
 
IA-32:
finch-devel-2.5.5-3.el5.i386.rpm
File outdated by:  RHSA-2014:0139
    MD5: e6684e7d129930ee98881948b018c0b5
libpurple-devel-2.5.5-3.el5.i386.rpm
File outdated by:  RHSA-2014:0139
    MD5: 31f9596b2d090109201c4c3181b5c965
pidgin-devel-2.5.5-3.el5.i386.rpm
File outdated by:  RHSA-2014:0139
    MD5: fa21a956a9850d14ef70bfddd3b27a33
 
x86_64:
finch-devel-2.5.5-3.el5.i386.rpm
File outdated by:  RHSA-2014:0139
    MD5: e6684e7d129930ee98881948b018c0b5
finch-devel-2.5.5-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0139
    MD5: ba2a78d281ebb7bd78ce58856aeb3763
libpurple-devel-2.5.5-3.el5.i386.rpm
File outdated by:  RHSA-2014:0139
    MD5: 31f9596b2d090109201c4c3181b5c965
libpurple-devel-2.5.5-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0139
    MD5: 09d38055310871433d0be8fe604da34d
pidgin-devel-2.5.5-3.el5.i386.rpm
File outdated by:  RHSA-2014:0139
    MD5: fa21a956a9850d14ef70bfddd3b27a33
pidgin-devel-2.5.5-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0139
    MD5: a2fefea9939a9d82659dded515b4698d
 
Red Hat Desktop (v. 4)

SRPMS:
pidgin-2.5.5-2.el4.src.rpm
File outdated by:  RHSA-2011:1820
    MD5: d51ebf680cfad422739526cdba2edf79
 
IA-32:
finch-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 7edbf3f12577a7fa6624e7064ff5b2ff
finch-devel-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: dbb217b8aa5ab142d3651b65a4680ae0
libpurple-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 646989e2a3151ca4987e6b66a0c3c27d
libpurple-devel-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 466d658fc59c1bc5c222e150d6b2ae57
libpurple-perl-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 802499247ab0eadee788196cb87eed4e
libpurple-tcl-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 676418301f7448b438381984f574e990
pidgin-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 4cdbea892c05ddb589754ae207300887
pidgin-devel-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: c068b58f348be53ba5b7a0b9d6d02481
pidgin-perl-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 9aef589d8345ce9911a555fdde938cad
 
x86_64:
finch-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 6f20c678140441e3db8dfdc183814074
finch-devel-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 8adadb9a8e702af0ac9cbcc76ab1755c
libpurple-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: af306ce26a485df09f13c3c2ee18d12c
libpurple-devel-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 715c26ad6436677930e8b33ebf8ad31c
libpurple-perl-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: f431d6485d169bde86c95b9007a0ffce
libpurple-tcl-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 001d47226470700e535e5a503e423fb4
pidgin-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 10feaeabef58031feeb3cdcec9bf7a2f
pidgin-devel-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: e602dd52f5ea83f0fc36a41ac6ab04f6
pidgin-perl-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 25615f0c2dd9b9a1bb240e2f82f80c24
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
pidgin-2.5.5-2.el4.src.rpm
File outdated by:  RHSA-2011:1820
    MD5: d51ebf680cfad422739526cdba2edf79
 
IA-32:
finch-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 7edbf3f12577a7fa6624e7064ff5b2ff
finch-devel-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: dbb217b8aa5ab142d3651b65a4680ae0
libpurple-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 646989e2a3151ca4987e6b66a0c3c27d
libpurple-devel-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 466d658fc59c1bc5c222e150d6b2ae57
libpurple-perl-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 802499247ab0eadee788196cb87eed4e
libpurple-tcl-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 676418301f7448b438381984f574e990
pidgin-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 4cdbea892c05ddb589754ae207300887
pidgin-devel-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: c068b58f348be53ba5b7a0b9d6d02481
pidgin-perl-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 9aef589d8345ce9911a555fdde938cad
 
IA-64:
finch-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: c3f53b5a9dbfeffe1279780894590cb9
finch-devel-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: c45752ba2a8c1d0a041628564ee64956
libpurple-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 60186f37beea6a40b9113056248e8c5a
libpurple-devel-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 5d95d25a10b66210676b3121ba407425
libpurple-perl-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 536daf9b2103b7f91726e5c7156a8c0e
libpurple-tcl-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 87235a285299cf70942dd5a8ce5b8341
pidgin-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 34728540d93c0bcf86338fe60faec283
pidgin-devel-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 1e9fda46b12bb91ea05b6576c4bafddd
pidgin-perl-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 43fd2af5ff580013a1309c5516d8af85
 
PPC:
finch-2.5.5-2.el4.ppc.rpm
File outdated by:  RHSA-2011:1820
    MD5: 9f072206d02ac7e0252441bf0914de2f
finch-devel-2.5.5-2.el4.ppc.rpm
File outdated by:  RHSA-2011:1820
    MD5: 1afa51e0bc100132544dabafcdacead0
libpurple-2.5.5-2.el4.ppc.rpm
File outdated by:  RHSA-2011:1820
    MD5: 9105b179ab3106fc26e072decb86afff
libpurple-devel-2.5.5-2.el4.ppc.rpm
File outdated by:  RHSA-2011:1820
    MD5: 48460be9cc228669dff201120bf0e633
libpurple-perl-2.5.5-2.el4.ppc.rpm
File outdated by:  RHSA-2011:1820
    MD5: 40f274a08631745e779c5490405c02af
libpurple-tcl-2.5.5-2.el4.ppc.rpm
File outdated by:  RHSA-2011:1820
    MD5: 7aa1dca8fe1871d4e1264686818326cd
pidgin-2.5.5-2.el4.ppc.rpm
File outdated by:  RHSA-2011:1820
    MD5: 6fedb2ade792c2a193f30686b4c990c1
pidgin-devel-2.5.5-2.el4.ppc.rpm
File outdated by:  RHSA-2011:1820
    MD5: 61664674617b4ccb2b137e0f65660043
pidgin-perl-2.5.5-2.el4.ppc.rpm
File outdated by:  RHSA-2011:1820
    MD5: 23809ecbc239b05a2ef3ddff0225e0bc
 
x86_64:
finch-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 6f20c678140441e3db8dfdc183814074
finch-devel-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 8adadb9a8e702af0ac9cbcc76ab1755c
libpurple-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: af306ce26a485df09f13c3c2ee18d12c
libpurple-devel-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 715c26ad6436677930e8b33ebf8ad31c
libpurple-perl-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: f431d6485d169bde86c95b9007a0ffce
libpurple-tcl-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 001d47226470700e535e5a503e423fb4
pidgin-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 10feaeabef58031feeb3cdcec9bf7a2f
pidgin-devel-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: e602dd52f5ea83f0fc36a41ac6ab04f6
pidgin-perl-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 25615f0c2dd9b9a1bb240e2f82f80c24
 
Red Hat Enterprise Linux AS (v. 4.8.z)

SRPMS:
pidgin-2.5.5-2.el4.src.rpm
File outdated by:  RHSA-2011:1820
    MD5: d51ebf680cfad422739526cdba2edf79
 
IA-32:
finch-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2010:0788
    MD5: 7edbf3f12577a7fa6624e7064ff5b2ff
finch-devel-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2010:0788
    MD5: dbb217b8aa5ab142d3651b65a4680ae0
libpurple-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2010:0788
    MD5: 646989e2a3151ca4987e6b66a0c3c27d
libpurple-devel-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2010:0788
    MD5: 466d658fc59c1bc5c222e150d6b2ae57
libpurple-perl-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2010:0788
    MD5: 802499247ab0eadee788196cb87eed4e
libpurple-tcl-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2010:0788
    MD5: 676418301f7448b438381984f574e990
pidgin-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2010:0788
    MD5: 4cdbea892c05ddb589754ae207300887
pidgin-devel-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2010:0788
    MD5: c068b58f348be53ba5b7a0b9d6d02481
pidgin-perl-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2010:0788
    MD5: 9aef589d8345ce9911a555fdde938cad
 
IA-64:
finch-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2010:0788
    MD5: c3f53b5a9dbfeffe1279780894590cb9
finch-devel-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2010:0788
    MD5: c45752ba2a8c1d0a041628564ee64956
libpurple-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 60186f37beea6a40b9113056248e8c5a
libpurple-devel-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 5d95d25a10b66210676b3121ba407425
libpurple-perl-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 536daf9b2103b7f91726e5c7156a8c0e
libpurple-tcl-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 87235a285299cf70942dd5a8ce5b8341
pidgin-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 34728540d93c0bcf86338fe60faec283
pidgin-devel-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 1e9fda46b12bb91ea05b6576c4bafddd
pidgin-perl-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 43fd2af5ff580013a1309c5516d8af85
 
PPC:
finch-2.5.5-2.el4.ppc.rpm
File outdated by:  RHSA-2010:0788
    MD5: 9f072206d02ac7e0252441bf0914de2f
finch-devel-2.5.5-2.el4.ppc.rpm
File outdated by:  RHSA-2010:0788
    MD5: 1afa51e0bc100132544dabafcdacead0
libpurple-2.5.5-2.el4.ppc.rpm
File outdated by:  RHSA-2010:0788
    MD5: 9105b179ab3106fc26e072decb86afff
libpurple-devel-2.5.5-2.el4.ppc.rpm
File outdated by:  RHSA-2010:0788
    MD5: 48460be9cc228669dff201120bf0e633
libpurple-perl-2.5.5-2.el4.ppc.rpm
File outdated by:  RHSA-2010:0788
    MD5: 40f274a08631745e779c5490405c02af
libpurple-tcl-2.5.5-2.el4.ppc.rpm
File outdated by:  RHSA-2010:0788
    MD5: 7aa1dca8fe1871d4e1264686818326cd
pidgin-2.5.5-2.el4.ppc.rpm
File outdated by:  RHSA-2010:0788
    MD5: 6fedb2ade792c2a193f30686b4c990c1
pidgin-devel-2.5.5-2.el4.ppc.rpm
File outdated by:  RHSA-2010:0788
    MD5: 61664674617b4ccb2b137e0f65660043
pidgin-perl-2.5.5-2.el4.ppc.rpm
File outdated by:  RHSA-2010:0788
    MD5: 23809ecbc239b05a2ef3ddff0225e0bc
 
x86_64:
finch-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 6f20c678140441e3db8dfdc183814074
finch-devel-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 8adadb9a8e702af0ac9cbcc76ab1755c
libpurple-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2010:0788
    MD5: af306ce26a485df09f13c3c2ee18d12c
libpurple-devel-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 715c26ad6436677930e8b33ebf8ad31c
libpurple-perl-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2010:0788
    MD5: f431d6485d169bde86c95b9007a0ffce
libpurple-tcl-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 001d47226470700e535e5a503e423fb4
pidgin-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 10feaeabef58031feeb3cdcec9bf7a2f
pidgin-devel-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2010:0788
    MD5: e602dd52f5ea83f0fc36a41ac6ab04f6
pidgin-perl-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 25615f0c2dd9b9a1bb240e2f82f80c24
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
pidgin-2.5.5-3.el5.src.rpm
File outdated by:  RHSA-2014:0139
    MD5: 1456eb8737036c061ee94532223a1224
 
IA-32:
finch-2.5.5-3.el5.i386.rpm
File outdated by:  RHSA-2014:0139
    MD5: 9e52d569b407d3dd61c8a9c6060df189
libpurple-2.5.5-3.el5.i386.rpm
File outdated by:  RHSA-2014:0139
    MD5: 92c942126a7ff17ef71aca2eb63d0e84
libpurple-perl-2.5.5-3.el5.i386.rpm
File outdated by:  RHSA-2014:0139
    MD5: 3eb973cc37da0ef1ea2dc58c5962f499
libpurple-tcl-2.5.5-3.el5.i386.rpm
File outdated by:  RHSA-2014:0139
    MD5: c5933cb7710111c27a291feae04d7ae9
pidgin-2.5.5-3.el5.i386.rpm
File outdated by:  RHSA-2014:0139
    MD5: f25c9b11512d34731e2fd857534d3f01
pidgin-perl-2.5.5-3.el5.i386.rpm
File outdated by:  RHSA-2014:0139
    MD5: a8f694145ff60f751a47b10da4d24099
 
x86_64:
finch-2.5.5-3.el5.i386.rpm
File outdated by:  RHSA-2014:0139
    MD5: 9e52d569b407d3dd61c8a9c6060df189
finch-2.5.5-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0139
    MD5: 2b688b59546fed9216ed495753f37659
libpurple-2.5.5-3.el5.i386.rpm
File outdated by:  RHSA-2014:0139
    MD5: 92c942126a7ff17ef71aca2eb63d0e84
libpurple-2.5.5-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0139
    MD5: 72e2e9d6b6677dec1343deff5e19afe9
libpurple-perl-2.5.5-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0139
    MD5: 430b8f68cb3399db3d390fc2c29c04d4
libpurple-tcl-2.5.5-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0139
    MD5: 910a93a46ebc9c8d019e3893e138b44c
pidgin-2.5.5-3.el5.i386.rpm
File outdated by:  RHSA-2014:0139
    MD5: f25c9b11512d34731e2fd857534d3f01
pidgin-2.5.5-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0139
    MD5: b3490ea20692918a32c3af634afcf6f2
pidgin-perl-2.5.5-3.el5.x86_64.rpm
File outdated by:  RHSA-2014:0139
    MD5: f2e0e049e87f6781aa1d2dfd92315867
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
pidgin-2.5.5-2.el4.src.rpm
File outdated by:  RHSA-2011:1820
    MD5: d51ebf680cfad422739526cdba2edf79
 
IA-32:
finch-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 7edbf3f12577a7fa6624e7064ff5b2ff
finch-devel-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: dbb217b8aa5ab142d3651b65a4680ae0
libpurple-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 646989e2a3151ca4987e6b66a0c3c27d
libpurple-devel-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 466d658fc59c1bc5c222e150d6b2ae57
libpurple-perl-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 802499247ab0eadee788196cb87eed4e
libpurple-tcl-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 676418301f7448b438381984f574e990
pidgin-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 4cdbea892c05ddb589754ae207300887
pidgin-devel-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: c068b58f348be53ba5b7a0b9d6d02481
pidgin-perl-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 9aef589d8345ce9911a555fdde938cad
 
IA-64:
finch-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: c3f53b5a9dbfeffe1279780894590cb9
finch-devel-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: c45752ba2a8c1d0a041628564ee64956
libpurple-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 60186f37beea6a40b9113056248e8c5a
libpurple-devel-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 5d95d25a10b66210676b3121ba407425
libpurple-perl-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 536daf9b2103b7f91726e5c7156a8c0e
libpurple-tcl-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 87235a285299cf70942dd5a8ce5b8341
pidgin-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 34728540d93c0bcf86338fe60faec283
pidgin-devel-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 1e9fda46b12bb91ea05b6576c4bafddd
pidgin-perl-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 43fd2af5ff580013a1309c5516d8af85
 
x86_64:
finch-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 6f20c678140441e3db8dfdc183814074
finch-devel-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 8adadb9a8e702af0ac9cbcc76ab1755c
libpurple-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: af306ce26a485df09f13c3c2ee18d12c
libpurple-devel-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 715c26ad6436677930e8b33ebf8ad31c
libpurple-perl-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: f431d6485d169bde86c95b9007a0ffce
libpurple-tcl-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 001d47226470700e535e5a503e423fb4
pidgin-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 10feaeabef58031feeb3cdcec9bf7a2f
pidgin-devel-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: e602dd52f5ea83f0fc36a41ac6ab04f6
pidgin-perl-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 25615f0c2dd9b9a1bb240e2f82f80c24
 
Red Hat Enterprise Linux ES (v. 4.8.z)

SRPMS:
pidgin-2.5.5-2.el4.src.rpm
File outdated by:  RHSA-2011:1820
    MD5: d51ebf680cfad422739526cdba2edf79
 
IA-32:
finch-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2010:0788
    MD5: 7edbf3f12577a7fa6624e7064ff5b2ff
finch-devel-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2010:0788
    MD5: dbb217b8aa5ab142d3651b65a4680ae0
libpurple-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2010:0788
    MD5: 646989e2a3151ca4987e6b66a0c3c27d
libpurple-devel-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2010:0788
    MD5: 466d658fc59c1bc5c222e150d6b2ae57
libpurple-perl-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2010:0788
    MD5: 802499247ab0eadee788196cb87eed4e
libpurple-tcl-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2010:0788
    MD5: 676418301f7448b438381984f574e990
pidgin-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2010:0788
    MD5: 4cdbea892c05ddb589754ae207300887
pidgin-devel-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2010:0788
    MD5: c068b58f348be53ba5b7a0b9d6d02481
pidgin-perl-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2010:0788
    MD5: 9aef589d8345ce9911a555fdde938cad
 
IA-64:
finch-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2010:0788
    MD5: c3f53b5a9dbfeffe1279780894590cb9
finch-devel-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2010:0788
    MD5: c45752ba2a8c1d0a041628564ee64956
libpurple-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 60186f37beea6a40b9113056248e8c5a
libpurple-devel-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 5d95d25a10b66210676b3121ba407425
libpurple-perl-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 536daf9b2103b7f91726e5c7156a8c0e
libpurple-tcl-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 87235a285299cf70942dd5a8ce5b8341
pidgin-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 34728540d93c0bcf86338fe60faec283
pidgin-devel-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 1e9fda46b12bb91ea05b6576c4bafddd
pidgin-perl-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 43fd2af5ff580013a1309c5516d8af85
 
x86_64:
finch-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 6f20c678140441e3db8dfdc183814074
finch-devel-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 8adadb9a8e702af0ac9cbcc76ab1755c
libpurple-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2010:0788
    MD5: af306ce26a485df09f13c3c2ee18d12c
libpurple-devel-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 715c26ad6436677930e8b33ebf8ad31c
libpurple-perl-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2010:0788
    MD5: f431d6485d169bde86c95b9007a0ffce
libpurple-tcl-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 001d47226470700e535e5a503e423fb4
pidgin-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 10feaeabef58031feeb3cdcec9bf7a2f
pidgin-devel-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2010:0788
    MD5: e602dd52f5ea83f0fc36a41ac6ab04f6
pidgin-perl-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2010:0788
    MD5: 25615f0c2dd9b9a1bb240e2f82f80c24
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
pidgin-2.5.5-2.el4.src.rpm
File outdated by:  RHSA-2011:1820
    MD5: d51ebf680cfad422739526cdba2edf79
 
IA-32:
finch-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 7edbf3f12577a7fa6624e7064ff5b2ff
finch-devel-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: dbb217b8aa5ab142d3651b65a4680ae0
libpurple-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 646989e2a3151ca4987e6b66a0c3c27d
libpurple-devel-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 466d658fc59c1bc5c222e150d6b2ae57
libpurple-perl-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 802499247ab0eadee788196cb87eed4e
libpurple-tcl-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 676418301f7448b438381984f574e990
pidgin-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 4cdbea892c05ddb589754ae207300887
pidgin-devel-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: c068b58f348be53ba5b7a0b9d6d02481
pidgin-perl-2.5.5-2.el4.i386.rpm
File outdated by:  RHSA-2011:1820
    MD5: 9aef589d8345ce9911a555fdde938cad
 
IA-64:
finch-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: c3f53b5a9dbfeffe1279780894590cb9
finch-devel-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: c45752ba2a8c1d0a041628564ee64956
libpurple-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 60186f37beea6a40b9113056248e8c5a
libpurple-devel-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 5d95d25a10b66210676b3121ba407425
libpurple-perl-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 536daf9b2103b7f91726e5c7156a8c0e
libpurple-tcl-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 87235a285299cf70942dd5a8ce5b8341
pidgin-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 34728540d93c0bcf86338fe60faec283
pidgin-devel-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 1e9fda46b12bb91ea05b6576c4bafddd
pidgin-perl-2.5.5-2.el4.ia64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 43fd2af5ff580013a1309c5516d8af85
 
x86_64:
finch-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 6f20c678140441e3db8dfdc183814074
finch-devel-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 8adadb9a8e702af0ac9cbcc76ab1755c
libpurple-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: af306ce26a485df09f13c3c2ee18d12c
libpurple-devel-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 715c26ad6436677930e8b33ebf8ad31c
libpurple-perl-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: f431d6485d169bde86c95b9007a0ffce
libpurple-tcl-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 001d47226470700e535e5a503e423fb4
pidgin-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 10feaeabef58031feeb3cdcec9bf7a2f
pidgin-devel-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: e602dd52f5ea83f0fc36a41ac6ab04f6
pidgin-perl-2.5.5-2.el4.x86_64.rpm
File outdated by:  RHSA-2011:1820
    MD5: 25615f0c2dd9b9a1bb240e2f82f80c24
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

500488 - CVE-2009-1373 pidgin file transfer buffer overflow
500490 - CVE-2009-1374 pidgin DoS when decrypting qq packets
500491 - CVE-2009-1375 pidgin PurpleCircBuffer corruption
500493 - CVE-2009-1376 pidgin incomplete fix for CVE-2008-2927


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/