Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 586698 (CVE-2016-1000030, CVE-2016-2365, CVE-2016-2366, CVE-2016-2367, CVE-2016-2368, CVE-2016-2369, CVE-2016-2370, CVE-2016-2371, CVE-2016-2372, CVE-2016-2373, CVE-2016-2374, CVE-2016-2375, CVE-2016-2376, CVE-2016-2377, CVE-2016-2378, CVE-2016-2379, CVE-2016-2380, CVE-2016-4323)

Summary: <net-im/pidgin-2.11.0: multiple vulnerabilities
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Severity: normal CC: polynomial-c
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B2 [glsa cve]
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2016-06-22 11:00:03 UTC
2.11.0 fixes multiple vuln, see
Comment 1 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2016-06-25 14:36:36 UTC
commit 731600c1dc09d55aee8f5549dc1d2406f3c754f0
Author: Lars Wendler <>
Date:   Sat Jun 25 16:35:45 2016

    net-im/pidgin: Security bump (bug #586698).
    Package-Manager: portage-2.3.0
    Signed-off-by: Lars Wendler <>

I'm still on vacation with very limited internet access. Feel free to call for stabilization at anytime.
Comment 2 Aaron Bauman (RETIRED) gentoo-dev 2016-06-26 00:29:33 UTC
@arches, please stabilize:

Comment 3 Agostino Sarubbo gentoo-dev 2016-06-27 08:25:15 UTC
amd64 stable
Comment 4 Agostino Sarubbo gentoo-dev 2016-06-27 08:52:15 UTC
x86 stable
Comment 5 Tobias Klausmann (RETIRED) gentoo-dev 2016-06-30 13:00:14 UTC
Stable on alpha.
Comment 6 Jeroen Roovers (RETIRED) gentoo-dev 2016-07-03 19:26:03 UTC
Stable for HPPA.
Comment 7 Jeroen Roovers (RETIRED) gentoo-dev 2016-07-06 06:53:29 UTC
Stable for PPC64.
Comment 8 Agostino Sarubbo gentoo-dev 2016-07-08 08:19:47 UTC
ppc stable
Comment 9 Agostino Sarubbo gentoo-dev 2016-07-08 08:44:03 UTC
sparc stable
Comment 10 Agostino Sarubbo gentoo-dev 2016-07-08 13:30:19 UTC
ia64 stable
Comment 11 Markus Meier gentoo-dev 2016-07-08 14:28:21 UTC
arm stable, all arches done.
Comment 12 Aaron Bauman (RETIRED) gentoo-dev 2016-07-24 11:30:42 UTC
@maintainer(s), please cleanup the vulnerable versions.
Comment 13 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2016-07-29 13:01:45 UTC
Cleanup done.
Comment 14 Thomas Deutschmann (RETIRED) gentoo-dev 2017-01-16 06:14:10 UTC
New GLSA request filed.
Comment 15 GLSAMaker/CVETool Bot gentoo-dev 2017-01-17 03:35:45 UTC
This issue was resolved and addressed in
 GLSA 201701-38 at
by GLSA coordinator Aaron Bauman (b-man).