The latest open source version of Pidgin 2.10.1 IM client patches four DoS flaws. The maintenance and security update addresses a total of four denial-of-service (DoS) vulnerabilities that could be exploited by an attacker to cause the application to be terminated. According to the developers, three of the issues were caused by incoming strings not being validated as UTF-8, while the fourth was due to a bug in the XMPP protocol plug-in that made it fail if certain required fields were missing in an incoming message," the article states. More details about the release can be found in the change log.
View all comments