Summary
The remote host is missing an update to pidgin
announced via advisory FEDORA-2009-8791.
Solution
Apply the appropriate updates.
This update can be installed with the yum update program. Use su -c 'yum update pidgin' at the command line.
For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/.
https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8791
Insight
Update Information:
pidgin upgrade to 2.6.0 for the CVE-2009-2694, insufficient input validation in msn_slplink_process_msg() and numerous other bug fixes. Fedora 10 does not support voice and video with pidgin-2.6.0. Upgrade to Fedora 11 for this capability.
ChangeLog:
* Tue Aug 18 2009 Warren Togami 2.6.0-1
- CVE-2009-2694
- Voice and Video support via farsight2 (Fedora 11+) - Numerous other bug fixes
* Thu Aug 6 2009 Warren Togami 2.6.0-0.11.20090812 - new snapshot at the request of maiku
* Thu Aug 6 2009 Warren Togami 2.6.0-0.10.20090806 - new snapshot - theoretically better sound quality in voice chat * Tue Aug 4 2009 Warren Togami 2.6.0-0.9.20090804 - new snapshot
Severity
Classification
-
CVE CVE-2009-2694 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities