Description
The pidgin Instant Messenger has been updated to fix various security
issues:
* CVE-2014-0020: Remotely triggerable crash in IRC argument parsing
* CVE-2013-6490: Buffer overflow in SIMPLE header parsing
* CVE-2013-6489: Buffer overflow in MXit emoticon parsing
* CVE-2013-6487: Buffer overflow in Gadu-Gadu HTTP parsing
* CVE-2013-6486: Pidgin uses clickable links to untrusted executables
* CVE-2013-6485: Buffer overflow parsing chunked HTTP responses
* CVE-2013-6484: Crash reading response from STUN server
* CVE-2013-6483: XMPP doesn't verify 'from' on some iq replies
* CVE-2013-6482: NULL pointer dereference parsing SOAP data in MSN
* CVE-2013-6482: NULL pointer dereference parsing OIM data in MSN
* CVE-2013-6482: NULL pointer dereference parsing headers in MSN
* CVE-2013-6481: Remote crash reading Yahoo! P2P message
* CVE-2013-6479: Remote crash parsing HTTP responses
* CVE-2013-6478: Crash when hovering pointer over a long URL * CVE-2013-6477: Crash handling bad XMPP timestamp * CVE-2012-6152: Yahoo! remote crash from incorrect character encoding