Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bugzilla DB migration completed. Please report issues to Infra team via email via infra@gentoo.org or IRC
Bug 586698 (CVE-2016-1000030, CVE-2016-2365, CVE-2016-2366, CVE-2016-2367, CVE-2016-2368, CVE-2016-2369, CVE-2016-2370, CVE-2016-2371, CVE-2016-2372, CVE-2016-2373, CVE-2016-2374, CVE-2016-2375, CVE-2016-2376, CVE-2016-2377, CVE-2016-2378, CVE-2016-2379, CVE-2016-2380, CVE-2016-4323) - <net-im/pidgin-2.11.0: multiple vulnerabilities
Summary: <net-im/pidgin-2.11.0: multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2016-1000030, CVE-2016-2365, CVE-2016-2366, CVE-2016-2367, CVE-2016-2368, CVE-2016-2369, CVE-2016-2370, CVE-2016-2371, CVE-2016-2372, CVE-2016-2373, CVE-2016-2374, CVE-2016-2375, CVE-2016-2376, CVE-2016-2377, CVE-2016-2378, CVE-2016-2379, CVE-2016-2380, CVE-2016-4323
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2016-06-22 11:00 UTC by Agostino Sarubbo
Modified: 2017-01-17 03:35 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2016-06-22 11:00:03 UTC
2.11.0 fixes multiple vuln, see http://www.pidgin.im/news/security/
Comment 1 Lars Wendler (Polynomial-C) gentoo-dev 2016-06-25 14:36:36 UTC
commit 731600c1dc09d55aee8f5549dc1d2406f3c754f0
Author: Lars Wendler <polynomial-c@gentoo.org>
Date:   Sat Jun 25 16:35:45 2016

    net-im/pidgin: Security bump (bug #586698).
    
    Package-Manager: portage-2.3.0
    Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>


I'm still on vacation with very limited internet access. Feel free to call for stabilization at anytime.
Comment 2 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2016-06-26 00:29:33 UTC
@arches, please stabilize:

=net-im/pidgin-2.11.0
Comment 3 Agostino Sarubbo gentoo-dev 2016-06-27 08:25:15 UTC
amd64 stable
Comment 4 Agostino Sarubbo gentoo-dev 2016-06-27 08:52:15 UTC
x86 stable
Comment 5 Tobias Klausmann gentoo-dev 2016-06-30 13:00:14 UTC
Stable on alpha.
Comment 6 Jeroen Roovers gentoo-dev 2016-07-03 19:26:03 UTC
Stable for HPPA.
Comment 7 Jeroen Roovers gentoo-dev 2016-07-06 06:53:29 UTC
Stable for PPC64.
Comment 8 Agostino Sarubbo gentoo-dev 2016-07-08 08:19:47 UTC
ppc stable
Comment 9 Agostino Sarubbo gentoo-dev 2016-07-08 08:44:03 UTC
sparc stable
Comment 10 Agostino Sarubbo gentoo-dev 2016-07-08 13:30:19 UTC
ia64 stable
Comment 11 Markus Meier gentoo-dev 2016-07-08 14:28:21 UTC
arm stable, all arches done.
Comment 12 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2016-07-24 11:30:42 UTC
@maintainer(s), please cleanup the vulnerable versions.
Comment 13 Lars Wendler (Polynomial-C) gentoo-dev 2016-07-29 13:01:45 UTC
Cleanup done.
Comment 14 Thomas Deutschmann gentoo-dev Security 2017-01-16 06:14:10 UTC
New GLSA request filed.
Comment 15 GLSAMaker/CVETool Bot gentoo-dev 2017-01-17 03:35:45 UTC
This issue was resolved and addressed in
 GLSA 201701-38 at https://security.gentoo.org/glsa/201701-38
by GLSA coordinator Aaron Bauman (b-man).