Vulnerability-Lookup

CVE-2008-2927 (GCVE-0-2008-2927)

Vulnerability from cvelistv5 – Published: 2008-07-07 23:00 – Updated: 2024-08-07 09:21

Summary

Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

GSD-2008-2927

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2008-2927

Aliases

CVE-2008-2927

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-2927",
    "description": "Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955.",
    "id": "GSD-2008-2927",
    "references": [
      "https://www.suse.com/security/cve/CVE-2008-2927.html",
      "https://www.debian.org/security/2008/dsa-1610",
      "https://access.redhat.com/errata/RHSA-2008:0584",
      "https://linux.oracle.com/cve/CVE-2008-2927.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-2927"
      ],
      "details": "Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955.",
      "id": "GSD-2008-2927",
      "modified": "2023-12-13T01:23:01.252071Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2008-2927",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://secunia.com/advisories/32859",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32859"
          },
          {
            "name": "http://www.ubuntu.com/usn/USN-675-1",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/USN-675-1"
          },
          {
            "name": "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msn/slplink.c",
            "refsource": "MISC",
            "url": "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msn/slplink.c"
          },
          {
            "name": "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msnp9/slplink.c",
            "refsource": "MISC",
            "url": "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msnp9/slplink.c"
          },
          {
            "name": "http://secunia.com/advisories/30971",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/30971"
          },
          {
            "name": "http://secunia.com/advisories/31016",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/31016"
          },
          {
            "name": "http://secunia.com/advisories/31105",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/31105"
          },
          {
            "name": "http://secunia.com/advisories/31387",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/31387"
          },
          {
            "name": "http://secunia.com/advisories/31642",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/31642"
          },
          {
            "name": "http://secunia.com/advisories/32861",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32861"
          },
          {
            "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0246",
            "refsource": "MISC",
            "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0246"
          },
          {
            "name": "http://www.debian.org/security/2008/dsa-1610",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2008/dsa-1610"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:143",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:143"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:127",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:127"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2008/07/03/6",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2008/07/03/6"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2008/07/04/1",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2008/07/04/1"
          },
          {
            "name": "http://www.pidgin.im/news/security/?id=25",
            "refsource": "MISC",
            "url": "http://www.pidgin.im/news/security/?id=25"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2008-0584.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0584.html"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/493682",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/493682"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/495165/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/495165/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/495818/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/495818/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/bid/29956",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/29956"
          },
          {
            "name": "http://www.securitytracker.com/id?1020451",
            "refsource": "MISC",
            "url": "http://www.securitytracker.com/id?1020451"
          },
          {
            "name": "http://www.ubuntu.com/usn/USN-675-2",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/USN-675-2"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2008/2032/references",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2008/2032/references"
          },
          {
            "name": "http://www.zerodayinitiative.com/advisories/ZDI-08-054",
            "refsource": "MISC",
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-054"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44774",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44774"
          },
          {
            "name": "https://issues.rpath.com/browse/RPL-2647",
            "refsource": "MISC",
            "url": "https://issues.rpath.com/browse/RPL-2647"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11695",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11695"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17972",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17972"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=453764",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=453764"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:pidgin:pidgin:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.4.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:pidgin:pidgin:2.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:adium:adium:1.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adium:adium:1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adium:adium:1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adium:adium:1.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adium:adium:1.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adium:adium:1.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adium:adium:1.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adium:adium:1.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adium:adium:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.2.7",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adium:adium:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adium:adium:1.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adium:adium:1.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2008-2927"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-189"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20080703 Re: Re: CVE Request (pidgin)",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2008/07/04/1"
            },
            {
              "name": "[oss-security] 20080704 Re: Re: CVE Request (pidgin)",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2008/07/03/6"
            },
            {
              "name": "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msn/slplink.c",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msn/slplink.c"
            },
            {
              "name": "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msnp9/slplink.c",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msnp9/slplink.c"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=453764",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=453764"
            },
            {
              "name": "MDVSA-2008:143",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:143"
            },
            {
              "name": "31387",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/31387"
            },
            {
              "name": "DSA-1610",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2008/dsa-1610"
            },
            {
              "name": "31016",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/31016"
            },
            {
              "name": "20080625 Pidgin 2.4.1 Vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/493682"
            },
            {
              "name": "31105",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/31105"
            },
            {
              "name": "30971",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/30971"
            },
            {
              "name": "http://www.pidgin.im/news/security/?id=25",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.pidgin.im/news/security/?id=25"
            },
            {
              "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0246",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0246"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-08-054",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-054"
            },
            {
              "name": "RHSA-2008:0584",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0584.html"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-2647",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://issues.rpath.com/browse/RPL-2647"
            },
            {
              "name": "29956",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/29956"
            },
            {
              "name": "31642",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/31642"
            },
            {
              "name": "1020451",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1020451"
            },
            {
              "name": "MDVSA-2009:127",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:127"
            },
            {
              "name": "ADV-2008-2032",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/2032/references"
            },
            {
              "name": "32861",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/32861"
            },
            {
              "name": "32859",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/32859"
            },
            {
              "name": "USN-675-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-675-1"
            },
            {
              "name": "USN-675-2",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-675-2"
            },
            {
              "name": "adium-msnprotocol-code-execution(44774)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44774"
            },
            {
              "name": "oval:org.mitre.oval:def:17972",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17972"
            },
            {
              "name": "oval:org.mitre.oval:def:11695",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11695"
            },
            {
              "name": "20080828 ZDI-08-054: Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/495818/100/0/threaded"
            },
            {
              "name": "20080806 rPSA-2008-0246-1 gaim",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/495165/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2023-02-13T02:19Z",
      "publishedDate": "2008-07-07T23:41Z"
    }
  }
}

OPENSUSE-SU-2024:11172-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

finch-2.14.7-1.1 on GA media

Notes

Title of the patch

finch-2.14.7-1.1 on GA media

Description of the patch

These are all security issues fixed in the finch-2.14.7-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-11172

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "finch-2.14.7-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the finch-2.14.7-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-11172",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11172-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-2927 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-2927/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-2955 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-2955/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2008-3532 page",
        "url": "https://www.suse.com/security/cve/CVE-2008-3532/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-2640 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-2640/"
      }
    ],
    "title": "finch-2.14.7-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:11172-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "finch-2.14.7-1.1.aarch64",
                "product": {
                  "name": "finch-2.14.7-1.1.aarch64",
                  "product_id": "finch-2.14.7-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "finch-devel-2.14.7-1.1.aarch64",
                "product": {
                  "name": "finch-devel-2.14.7-1.1.aarch64",
                  "product_id": "finch-devel-2.14.7-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-2.14.7-1.1.aarch64",
                "product": {
                  "name": "libpurple-2.14.7-1.1.aarch64",
                  "product_id": "libpurple-2.14.7-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-branding-upstream-2.14.7-1.1.aarch64",
                "product": {
                  "name": "libpurple-branding-upstream-2.14.7-1.1.aarch64",
                  "product_id": "libpurple-branding-upstream-2.14.7-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-devel-2.14.7-1.1.aarch64",
                "product": {
                  "name": "libpurple-devel-2.14.7-1.1.aarch64",
                  "product_id": "libpurple-devel-2.14.7-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-lang-2.14.7-1.1.aarch64",
                "product": {
                  "name": "libpurple-lang-2.14.7-1.1.aarch64",
                  "product_id": "libpurple-lang-2.14.7-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-plugin-sametime-2.14.7-1.1.aarch64",
                "product": {
                  "name": "libpurple-plugin-sametime-2.14.7-1.1.aarch64",
                  "product_id": "libpurple-plugin-sametime-2.14.7-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-tcl-2.14.7-1.1.aarch64",
                "product": {
                  "name": "libpurple-tcl-2.14.7-1.1.aarch64",
                  "product_id": "libpurple-tcl-2.14.7-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-2.14.7-1.1.aarch64",
                "product": {
                  "name": "pidgin-2.14.7-1.1.aarch64",
                  "product_id": "pidgin-2.14.7-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-devel-2.14.7-1.1.aarch64",
                "product": {
                  "name": "pidgin-devel-2.14.7-1.1.aarch64",
                  "product_id": "pidgin-devel-2.14.7-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "finch-2.14.7-1.1.ppc64le",
                "product": {
                  "name": "finch-2.14.7-1.1.ppc64le",
                  "product_id": "finch-2.14.7-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "finch-devel-2.14.7-1.1.ppc64le",
                "product": {
                  "name": "finch-devel-2.14.7-1.1.ppc64le",
                  "product_id": "finch-devel-2.14.7-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-2.14.7-1.1.ppc64le",
                "product": {
                  "name": "libpurple-2.14.7-1.1.ppc64le",
                  "product_id": "libpurple-2.14.7-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-branding-upstream-2.14.7-1.1.ppc64le",
                "product": {
                  "name": "libpurple-branding-upstream-2.14.7-1.1.ppc64le",
                  "product_id": "libpurple-branding-upstream-2.14.7-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-devel-2.14.7-1.1.ppc64le",
                "product": {
                  "name": "libpurple-devel-2.14.7-1.1.ppc64le",
                  "product_id": "libpurple-devel-2.14.7-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-lang-2.14.7-1.1.ppc64le",
                "product": {
                  "name": "libpurple-lang-2.14.7-1.1.ppc64le",
                  "product_id": "libpurple-lang-2.14.7-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-plugin-sametime-2.14.7-1.1.ppc64le",
                "product": {
                  "name": "libpurple-plugin-sametime-2.14.7-1.1.ppc64le",
                  "product_id": "libpurple-plugin-sametime-2.14.7-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-tcl-2.14.7-1.1.ppc64le",
                "product": {
                  "name": "libpurple-tcl-2.14.7-1.1.ppc64le",
                  "product_id": "libpurple-tcl-2.14.7-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-2.14.7-1.1.ppc64le",
                "product": {
                  "name": "pidgin-2.14.7-1.1.ppc64le",
                  "product_id": "pidgin-2.14.7-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-devel-2.14.7-1.1.ppc64le",
                "product": {
                  "name": "pidgin-devel-2.14.7-1.1.ppc64le",
                  "product_id": "pidgin-devel-2.14.7-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "finch-2.14.7-1.1.s390x",
                "product": {
                  "name": "finch-2.14.7-1.1.s390x",
                  "product_id": "finch-2.14.7-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "finch-devel-2.14.7-1.1.s390x",
                "product": {
                  "name": "finch-devel-2.14.7-1.1.s390x",
                  "product_id": "finch-devel-2.14.7-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-2.14.7-1.1.s390x",
                "product": {
                  "name": "libpurple-2.14.7-1.1.s390x",
                  "product_id": "libpurple-2.14.7-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-branding-upstream-2.14.7-1.1.s390x",
                "product": {
                  "name": "libpurple-branding-upstream-2.14.7-1.1.s390x",
                  "product_id": "libpurple-branding-upstream-2.14.7-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-devel-2.14.7-1.1.s390x",
                "product": {
                  "name": "libpurple-devel-2.14.7-1.1.s390x",
                  "product_id": "libpurple-devel-2.14.7-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-lang-2.14.7-1.1.s390x",
                "product": {
                  "name": "libpurple-lang-2.14.7-1.1.s390x",
                  "product_id": "libpurple-lang-2.14.7-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-plugin-sametime-2.14.7-1.1.s390x",
                "product": {
                  "name": "libpurple-plugin-sametime-2.14.7-1.1.s390x",
                  "product_id": "libpurple-plugin-sametime-2.14.7-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-tcl-2.14.7-1.1.s390x",
                "product": {
                  "name": "libpurple-tcl-2.14.7-1.1.s390x",
                  "product_id": "libpurple-tcl-2.14.7-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-2.14.7-1.1.s390x",
                "product": {
                  "name": "pidgin-2.14.7-1.1.s390x",
                  "product_id": "pidgin-2.14.7-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-devel-2.14.7-1.1.s390x",
                "product": {
                  "name": "pidgin-devel-2.14.7-1.1.s390x",
                  "product_id": "pidgin-devel-2.14.7-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "finch-2.14.7-1.1.x86_64",
                "product": {
                  "name": "finch-2.14.7-1.1.x86_64",
                  "product_id": "finch-2.14.7-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "finch-devel-2.14.7-1.1.x86_64",
                "product": {
                  "name": "finch-devel-2.14.7-1.1.x86_64",
                  "product_id": "finch-devel-2.14.7-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-2.14.7-1.1.x86_64",
                "product": {
                  "name": "libpurple-2.14.7-1.1.x86_64",
                  "product_id": "libpurple-2.14.7-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-branding-upstream-2.14.7-1.1.x86_64",
                "product": {
                  "name": "libpurple-branding-upstream-2.14.7-1.1.x86_64",
                  "product_id": "libpurple-branding-upstream-2.14.7-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-devel-2.14.7-1.1.x86_64",
                "product": {
                  "name": "libpurple-devel-2.14.7-1.1.x86_64",
                  "product_id": "libpurple-devel-2.14.7-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-lang-2.14.7-1.1.x86_64",
                "product": {
                  "name": "libpurple-lang-2.14.7-1.1.x86_64",
                  "product_id": "libpurple-lang-2.14.7-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-plugin-sametime-2.14.7-1.1.x86_64",
                "product": {
                  "name": "libpurple-plugin-sametime-2.14.7-1.1.x86_64",
                  "product_id": "libpurple-plugin-sametime-2.14.7-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-tcl-2.14.7-1.1.x86_64",
                "product": {
                  "name": "libpurple-tcl-2.14.7-1.1.x86_64",
                  "product_id": "libpurple-tcl-2.14.7-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-2.14.7-1.1.x86_64",
                "product": {
                  "name": "pidgin-2.14.7-1.1.x86_64",
                  "product_id": "pidgin-2.14.7-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-devel-2.14.7-1.1.x86_64",
                "product": {
                  "name": "pidgin-devel-2.14.7-1.1.x86_64",
                  "product_id": "pidgin-devel-2.14.7-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "finch-2.14.7-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:finch-2.14.7-1.1.aarch64"
        },
        "product_reference": "finch-2.14.7-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "finch-2.14.7-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:finch-2.14.7-1.1.ppc64le"
        },
        "product_reference": "finch-2.14.7-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "finch-2.14.7-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:finch-2.14.7-1.1.s390x"
        },
        "product_reference": "finch-2.14.7-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "finch-2.14.7-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:finch-2.14.7-1.1.x86_64"
        },
        "product_reference": "finch-2.14.7-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "finch-devel-2.14.7-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.aarch64"
        },
        "product_reference": "finch-devel-2.14.7-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "finch-devel-2.14.7-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.ppc64le"
        },
        "product_reference": "finch-devel-2.14.7-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "finch-devel-2.14.7-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.s390x"
        },
        "product_reference": "finch-devel-2.14.7-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "finch-devel-2.14.7-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.x86_64"
        },
        "product_reference": "finch-devel-2.14.7-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-2.14.7-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-2.14.7-1.1.aarch64"
        },
        "product_reference": "libpurple-2.14.7-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-2.14.7-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-2.14.7-1.1.ppc64le"
        },
        "product_reference": "libpurple-2.14.7-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-2.14.7-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-2.14.7-1.1.s390x"
        },
        "product_reference": "libpurple-2.14.7-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-2.14.7-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-2.14.7-1.1.x86_64"
        },
        "product_reference": "libpurple-2.14.7-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-branding-upstream-2.14.7-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.aarch64"
        },
        "product_reference": "libpurple-branding-upstream-2.14.7-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-branding-upstream-2.14.7-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.ppc64le"
        },
        "product_reference": "libpurple-branding-upstream-2.14.7-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-branding-upstream-2.14.7-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.s390x"
        },
        "product_reference": "libpurple-branding-upstream-2.14.7-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-branding-upstream-2.14.7-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.x86_64"
        },
        "product_reference": "libpurple-branding-upstream-2.14.7-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-devel-2.14.7-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.aarch64"
        },
        "product_reference": "libpurple-devel-2.14.7-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-devel-2.14.7-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.ppc64le"
        },
        "product_reference": "libpurple-devel-2.14.7-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-devel-2.14.7-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.s390x"
        },
        "product_reference": "libpurple-devel-2.14.7-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-devel-2.14.7-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.x86_64"
        },
        "product_reference": "libpurple-devel-2.14.7-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-lang-2.14.7-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.aarch64"
        },
        "product_reference": "libpurple-lang-2.14.7-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-lang-2.14.7-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.ppc64le"
        },
        "product_reference": "libpurple-lang-2.14.7-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-lang-2.14.7-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.s390x"
        },
        "product_reference": "libpurple-lang-2.14.7-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-lang-2.14.7-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.x86_64"
        },
        "product_reference": "libpurple-lang-2.14.7-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-plugin-sametime-2.14.7-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.aarch64"
        },
        "product_reference": "libpurple-plugin-sametime-2.14.7-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-plugin-sametime-2.14.7-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.ppc64le"
        },
        "product_reference": "libpurple-plugin-sametime-2.14.7-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-plugin-sametime-2.14.7-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.s390x"
        },
        "product_reference": "libpurple-plugin-sametime-2.14.7-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-plugin-sametime-2.14.7-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.x86_64"
        },
        "product_reference": "libpurple-plugin-sametime-2.14.7-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-tcl-2.14.7-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.aarch64"
        },
        "product_reference": "libpurple-tcl-2.14.7-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-tcl-2.14.7-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.ppc64le"
        },
        "product_reference": "libpurple-tcl-2.14.7-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-tcl-2.14.7-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.s390x"
        },
        "product_reference": "libpurple-tcl-2.14.7-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-tcl-2.14.7-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.x86_64"
        },
        "product_reference": "libpurple-tcl-2.14.7-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-2.14.7-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pidgin-2.14.7-1.1.aarch64"
        },
        "product_reference": "pidgin-2.14.7-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-2.14.7-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pidgin-2.14.7-1.1.ppc64le"
        },
        "product_reference": "pidgin-2.14.7-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-2.14.7-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pidgin-2.14.7-1.1.s390x"
        },
        "product_reference": "pidgin-2.14.7-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-2.14.7-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pidgin-2.14.7-1.1.x86_64"
        },
        "product_reference": "pidgin-2.14.7-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-devel-2.14.7-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.aarch64"
        },
        "product_reference": "pidgin-devel-2.14.7-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-devel-2.14.7-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.ppc64le"
        },
        "product_reference": "pidgin-devel-2.14.7-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-devel-2.14.7-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.s390x"
        },
        "product_reference": "pidgin-devel-2.14.7-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-devel-2.14.7-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.x86_64"
        },
        "product_reference": "pidgin-devel-2.14.7-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2008-2927",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-2927"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:finch-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:finch-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:finch-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:finch-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:pidgin-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:pidgin-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:pidgin-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:pidgin-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-2927",
          "url": "https://www.suse.com/security/cve/CVE-2008-2927"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 406416 for CVE-2008-2927",
          "url": "https://bugzilla.suse.com/406416"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 503447 for CVE-2008-2927",
          "url": "https://bugzilla.suse.com/503447"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 527100 for CVE-2008-2927",
          "url": "https://bugzilla.suse.com/527100"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:finch-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:finch-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:finch-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:finch-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:pidgin-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:pidgin-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:pidgin-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:pidgin-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2008-2927"
    },
    {
      "cve": "CVE-2008-2955",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-2955"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Pidgin 2.4.1 allows remote attackers to cause a denial of service (crash) via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msn_slplink_process_msg function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:finch-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:finch-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:finch-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:finch-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:pidgin-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:pidgin-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:pidgin-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:pidgin-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-2955",
          "url": "https://www.suse.com/security/cve/CVE-2008-2955"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 404163 for CVE-2008-2955",
          "url": "https://bugzilla.suse.com/404163"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 406416 for CVE-2008-2955",
          "url": "https://bugzilla.suse.com/406416"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 503447 for CVE-2008-2955",
          "url": "https://bugzilla.suse.com/503447"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:finch-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:finch-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:finch-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:finch-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:pidgin-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:pidgin-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:pidgin-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:pidgin-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2008-2955"
    },
    {
      "cve": "CVE-2008-3532",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2008-3532"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:finch-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:finch-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:finch-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:finch-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:pidgin-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:pidgin-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:pidgin-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:pidgin-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2008-3532",
          "url": "https://www.suse.com/security/cve/CVE-2008-3532"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 415679 for CVE-2008-3532",
          "url": "https://bugzilla.suse.com/415679"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:finch-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:finch-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:finch-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:finch-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:pidgin-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:pidgin-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:pidgin-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:pidgin-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2008-3532"
    },
    {
      "cve": "CVE-2017-2640",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-2640"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content. A malicious remote server could potentially use this flaw to crash Pidgin or execute arbitrary code in the context of the pidgin process.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:finch-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:finch-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:finch-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:finch-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:pidgin-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:pidgin-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:pidgin-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:pidgin-2.14.7-1.1.x86_64",
          "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.aarch64",
          "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.ppc64le",
          "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.s390x",
          "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-2640",
          "url": "https://www.suse.com/security/cve/CVE-2017-2640"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028835 for CVE-2017-2640",
          "url": "https://bugzilla.suse.com/1028835"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:finch-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:finch-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:finch-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:finch-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:pidgin-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:pidgin-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:pidgin-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:pidgin-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:finch-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:finch-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:finch-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:finch-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:finch-devel-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-branding-upstream-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-devel-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-lang-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-plugin-sametime-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:libpurple-tcl-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:pidgin-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:pidgin-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:pidgin-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:pidgin-2.14.7-1.1.x86_64",
            "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.aarch64",
            "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.ppc64le",
            "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.s390x",
            "openSUSE Tumbleweed:pidgin-devel-2.14.7-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-2640"
    }
  ]
}

FKIE_CVE-2008-2927

Vulnerability from fkie_nvd - Published: 2008-07-07 23:41 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msn/slplink.c
secalert@redhat.com	http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msnp9/slplink.c
secalert@redhat.com	http://secunia.com/advisories/30971	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/31016	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/31105	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/31387	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/31642	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/32859
secalert@redhat.com	http://secunia.com/advisories/32861
secalert@redhat.com	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0246
secalert@redhat.com	http://www.debian.org/security/2008/dsa-1610
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDVSA-2008:143
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDVSA-2009:127
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2008/07/03/6
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2008/07/04/1
secalert@redhat.com	http://www.pidgin.im/news/security/?id=25
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2008-0584.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/493682
secalert@redhat.com	http://www.securityfocus.com/archive/1/495165/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/495818/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/29956
secalert@redhat.com	http://www.securitytracker.com/id?1020451
secalert@redhat.com	http://www.ubuntu.com/usn/USN-675-1
secalert@redhat.com	http://www.ubuntu.com/usn/USN-675-2
secalert@redhat.com	http://www.vupen.com/english/advisories/2008/2032/references	Vendor Advisory
secalert@redhat.com	http://www.zerodayinitiative.com/advisories/ZDI-08-054
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=453764
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/44774
secalert@redhat.com	https://issues.rpath.com/browse/RPL-2647
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11695
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17972
af854a3a-2127-422b-91ae-364da2661108	http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msn/slplink.c
af854a3a-2127-422b-91ae-364da2661108	http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msnp9/slplink.c
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30971	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31016	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31105	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31387	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31642	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/32859
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/32861
af854a3a-2127-422b-91ae-364da2661108	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0246
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1610
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:143
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2009:127
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2008/07/03/6
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2008/07/04/1
af854a3a-2127-422b-91ae-364da2661108	http://www.pidgin.im/news/security/?id=25
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2008-0584.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/493682
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/495165/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/495818/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29956
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1020451
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-675-1
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-675-2
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/2032/references	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.zerodayinitiative.com/advisories/ZDI-08-054
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=453764
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/44774
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-2647
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11695
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17972

Impacted products

Vendor	Product	Version
pidgin	pidgin	*
pidgin	pidgin	2.0.0
pidgin	pidgin	2.0.1
pidgin	pidgin	2.0.2
pidgin	pidgin	2.1.0
pidgin	pidgin	2.1.1
pidgin	pidgin	2.2.0
pidgin	pidgin	2.2.1
pidgin	pidgin	2.2.2
pidgin	pidgin	2.3.0
pidgin	pidgin	2.3.1
pidgin	pidgin	2.4.0
pidgin	pidgin	2.4.1
adium	adium	*
adium	adium	1.0
adium	adium	1.0.1
adium	adium	1.0.2
adium	adium	1.0.3
adium	adium	1.0.4
adium	adium	1.0.5
adium	adium	1.1
adium	adium	1.1.1
adium	adium	1.1.2
adium	adium	1.1.3
adium	adium	1.1.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:pidgin:pidgin:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E488E097-EF23-40A0-AF31-489F318D1405",
              "versionEndIncluding": "2.4.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pidgin:pidgin:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBC2EBF3-73A7-4542-8E9C-47A4241A224C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pidgin:pidgin:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF62072D-4956-4FE6-931E-E6EE9C49F3E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pidgin:pidgin:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6499D8D5-0801-498C-BD4D-508506918CEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pidgin:pidgin:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "73CC76CD-FF35-4B3A-9F1E-4E5A65963057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pidgin:pidgin:2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F694A1FC-2F10-48F9-8E8D-C88A8E7397AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pidgin:pidgin:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D22A117-78BE-4BAC-8A2A-6C00C9E3A4C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pidgin:pidgin:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "59E216BC-29E4-4C31-9CF0-DE22C2E84968",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pidgin:pidgin:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BD203F7-B983-4FDD-9837-D68D4F388A4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pidgin:pidgin:2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB90B7CB-1A11-45A8-B0BC-9B2143D84A2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pidgin:pidgin:2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C8E3CBA-2B33-49EF-9105-8DDBB938F519",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pidgin:pidgin:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "72AA3282-CA7D-438C-A07C-A63392333630",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:pidgin:pidgin:2.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEEFF420-2868-422B-BD22-9A5749C2398F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adium:adium:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "29A4013B-81F3-4AB0-8AB9-0A473A2AAD45",
              "versionEndIncluding": "1.2.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adium:adium:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D44D7E-116F-488C-8566-F7EA78C847FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adium:adium:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E8857D0-14C2-49F6-AE8F-287792895776",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adium:adium:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "56022448-6CEE-4DE9-BC5D-F3F401470257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adium:adium:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9D4A6BA-AB30-4EFA-BF5E-9212CBF6B141",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adium:adium:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33448B4-31F3-434F-96D4-934D65BF65FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adium:adium:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED8C3F99-1E0C-4FDB-8E76-46CF6CBBA7B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adium:adium:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7B851E0-5D86-4D7F-A1AD-903ADA6A2C52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adium:adium:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B6DEA45-1C3C-432E-9746-F1C548C8E8AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adium:adium:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEE2A0AA-BD45-4A8B-BB3C-D69BFDC7E363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adium:adium:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D6A1C31-EA56-406F-AE65-10F838E4292B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adium:adium:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7223E59A-FA39-4D8A-A48D-1ACCF0454703",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamiento de enteros en las funciones msn_slplink_process_msg en el manejador de protocolo MSN en los archivos (1) libpurple/protocols/msn/slplink.c y (2) libpurple/protocols/msnp9/slplink.c en Pidgin anterior a versi\u00f3n 2.4.3 y Adium anterior a versi\u00f3n 1.3, permiten a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un mensaje SLP malformado con un valor de desplazamiento dise\u00f1ado, una vulnerabilidad diferente de CVE-2008-2955."
    }
  ],
  "id": "CVE-2008-2927",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-07-07T23:41:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msn/slplink.c"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msnp9/slplink.c"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30971"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31016"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31105"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31387"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31642"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/32859"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/32861"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0246"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1610"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:143"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:127"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2008/07/03/6"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2008/07/04/1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.pidgin.im/news/security/?id=25"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0584.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/493682"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/495165/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/495818/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/29956"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1020451"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-675-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-675-2"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2032/references"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-054"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=453764"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44774"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-2647"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11695"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17972"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msn/slplink.c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msnp9/slplink.c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30971"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31016"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31105"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32859"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32861"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0246"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1610"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:143"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:127"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2008/07/03/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2008/07/04/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.pidgin.im/news/security/?id=25"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0584.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/493682"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/495165/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/495818/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/29956"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020451"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-675-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-675-2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2032/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=453764"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44774"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-2647"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11695"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17972"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

RHSA-2008:0584

Vulnerability from csaf_redhat - Published: 2008-07-09 08:32 - Updated: 2025-11-21 17:33

Summary

Red Hat Security Advisory: pidgin security and bug fix update

Notes

Topic

Updated Pidgin packages that fix a security issue and address a bug are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team.

Details

Pidgin is a multi-protocol Internet Messaging client. An integer overflow flaw was found in Pidgin's MSN protocol handler. If a user received a malicious MSN message, it was possible to execute arbitrary code with the permissions of the user running Pidgin. (CVE-2008-2927) Note: the default Pidgin privacy setting only allows messages from users in the buddy list. This prevents arbitrary MSN users from exploiting this flaw. This update also addresses the following bug: * when attempting to connect to the ICQ network, Pidgin would fail to connect, present an alert saying the "The client version you are using is too old", and de-activate the ICQ account. This update restores Pidgin's ability to connect to the ICQ network. All Pidgin users should upgrade to these updated packages, which contain backported patches to resolve these issues.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated Pidgin packages that fix a security issue and address a bug are now\navailable for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Pidgin is a multi-protocol Internet Messaging client.\n\nAn integer overflow flaw was found in Pidgin\u0027s MSN protocol handler. If a\nuser received a malicious MSN message, it was possible to execute arbitrary\ncode with the permissions of the user running Pidgin. (CVE-2008-2927)\n\nNote: the default Pidgin privacy setting only allows messages from users in\nthe buddy list. This prevents arbitrary MSN users from exploiting this\nflaw.\n\nThis update also addresses the following bug:\n\n* when attempting to connect to the ICQ network, Pidgin would fail to\nconnect, present an alert saying the \"The client version you are using is\ntoo old\", and de-activate the ICQ account. This update restores Pidgin\u0027s\nability to connect to the ICQ network.\n\nAll Pidgin users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2008:0584",
        "url": "https://access.redhat.com/errata/RHSA-2008:0584"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "453634",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=453634"
      },
      {
        "category": "external",
        "summary": "453764",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=453764"
      },
      {
        "category": "external",
        "summary": "453773",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=453773"
      },
      {
        "category": "external",
        "summary": "453774",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=453774"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0584.json"
      }
    ],
    "title": "Red Hat Security Advisory: pidgin security and bug fix update",
    "tracking": {
      "current_release_date": "2025-11-21T17:33:34+00:00",
      "generator": {
        "date": "2025-11-21T17:33:34+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2008:0584",
      "initial_release_date": "2008-07-09T08:32:00+00:00",
      "revision_history": [
        {
          "date": "2008-07-09T08:32:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2008-07-09T04:35:26+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:33:34+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
                "product": {
                  "name": "Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
                  "product_id": "5Server-DPAS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_productivity:5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                  "product_id": "5Client",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
                  "product_id": "5Client-Workstation",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS version 3",
                "product": {
                  "name": "Red Hat Enterprise Linux AS version 3",
                  "product_id": "3AS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:3::as"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Desktop version 3",
                "product": {
                  "name": "Red Hat Desktop version 3",
                  "product_id": "3Desktop",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:3::desktop"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES version 3",
                "product": {
                  "name": "Red Hat Enterprise Linux ES version 3",
                  "product_id": "3ES",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:3::es"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux WS version 3",
                "product": {
                  "name": "Red Hat Enterprise Linux WS version 3",
                  "product_id": "3WS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:3::ws"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux AS version 4",
                  "product_id": "4AS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::as"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop version 4",
                  "product_id": "4Desktop",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux ES version 4",
                  "product_id": "4ES",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::es"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux WS version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux WS version 4",
                  "product_id": "4WS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pidgin-devel-0:2.3.1-2.el5_2.x86_64",
                "product": {
                  "name": "pidgin-devel-0:2.3.1-2.el5_2.x86_64",
                  "product_id": "pidgin-devel-0:2.3.1-2.el5_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin-devel@2.3.1-2.el5_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-devel-0:2.3.1-2.el5_2.x86_64",
                "product": {
                  "name": "libpurple-devel-0:2.3.1-2.el5_2.x86_64",
                  "product_id": "libpurple-devel-0:2.3.1-2.el5_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpurple-devel@2.3.1-2.el5_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-debuginfo-0:2.3.1-2.el5_2.x86_64",
                "product": {
                  "name": "pidgin-debuginfo-0:2.3.1-2.el5_2.x86_64",
                  "product_id": "pidgin-debuginfo-0:2.3.1-2.el5_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin-debuginfo@2.3.1-2.el5_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "finch-devel-0:2.3.1-2.el5_2.x86_64",
                "product": {
                  "name": "finch-devel-0:2.3.1-2.el5_2.x86_64",
                  "product_id": "finch-devel-0:2.3.1-2.el5_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/finch-devel@2.3.1-2.el5_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-perl-0:2.3.1-2.el5_2.x86_64",
                "product": {
                  "name": "pidgin-perl-0:2.3.1-2.el5_2.x86_64",
                  "product_id": "pidgin-perl-0:2.3.1-2.el5_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin-perl@2.3.1-2.el5_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-perl-0:2.3.1-2.el5_2.x86_64",
                "product": {
                  "name": "libpurple-perl-0:2.3.1-2.el5_2.x86_64",
                  "product_id": "libpurple-perl-0:2.3.1-2.el5_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpurple-perl@2.3.1-2.el5_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-tcl-0:2.3.1-2.el5_2.x86_64",
                "product": {
                  "name": "libpurple-tcl-0:2.3.1-2.el5_2.x86_64",
                  "product_id": "libpurple-tcl-0:2.3.1-2.el5_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpurple-tcl@2.3.1-2.el5_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-0:2.3.1-2.el5_2.x86_64",
                "product": {
                  "name": "pidgin-0:2.3.1-2.el5_2.x86_64",
                  "product_id": "pidgin-0:2.3.1-2.el5_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin@2.3.1-2.el5_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-0:2.3.1-2.el5_2.x86_64",
                "product": {
                  "name": "libpurple-0:2.3.1-2.el5_2.x86_64",
                  "product_id": "libpurple-0:2.3.1-2.el5_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpurple@2.3.1-2.el5_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "finch-0:2.3.1-2.el5_2.x86_64",
                "product": {
                  "name": "finch-0:2.3.1-2.el5_2.x86_64",
                  "product_id": "finch-0:2.3.1-2.el5_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/finch@2.3.1-2.el5_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-0:1.5.1-2.el3.x86_64",
                "product": {
                  "name": "pidgin-0:1.5.1-2.el3.x86_64",
                  "product_id": "pidgin-0:1.5.1-2.el3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin@1.5.1-2.el3?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-debuginfo-0:1.5.1-2.el3.x86_64",
                "product": {
                  "name": "pidgin-debuginfo-0:1.5.1-2.el3.x86_64",
                  "product_id": "pidgin-debuginfo-0:1.5.1-2.el3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin-debuginfo@1.5.1-2.el3?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-debuginfo-0:1.5.1-2.el4.x86_64",
                "product": {
                  "name": "pidgin-debuginfo-0:1.5.1-2.el4.x86_64",
                  "product_id": "pidgin-debuginfo-0:1.5.1-2.el4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin-debuginfo@1.5.1-2.el4?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-0:1.5.1-2.el4.x86_64",
                "product": {
                  "name": "pidgin-0:1.5.1-2.el4.x86_64",
                  "product_id": "pidgin-0:1.5.1-2.el4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin@1.5.1-2.el4?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pidgin-devel-0:2.3.1-2.el5_2.i386",
                "product": {
                  "name": "pidgin-devel-0:2.3.1-2.el5_2.i386",
                  "product_id": "pidgin-devel-0:2.3.1-2.el5_2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin-devel@2.3.1-2.el5_2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-devel-0:2.3.1-2.el5_2.i386",
                "product": {
                  "name": "libpurple-devel-0:2.3.1-2.el5_2.i386",
                  "product_id": "libpurple-devel-0:2.3.1-2.el5_2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpurple-devel@2.3.1-2.el5_2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-debuginfo-0:2.3.1-2.el5_2.i386",
                "product": {
                  "name": "pidgin-debuginfo-0:2.3.1-2.el5_2.i386",
                  "product_id": "pidgin-debuginfo-0:2.3.1-2.el5_2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin-debuginfo@2.3.1-2.el5_2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "finch-devel-0:2.3.1-2.el5_2.i386",
                "product": {
                  "name": "finch-devel-0:2.3.1-2.el5_2.i386",
                  "product_id": "finch-devel-0:2.3.1-2.el5_2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/finch-devel@2.3.1-2.el5_2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-0:2.3.1-2.el5_2.i386",
                "product": {
                  "name": "pidgin-0:2.3.1-2.el5_2.i386",
                  "product_id": "pidgin-0:2.3.1-2.el5_2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin@2.3.1-2.el5_2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-0:2.3.1-2.el5_2.i386",
                "product": {
                  "name": "libpurple-0:2.3.1-2.el5_2.i386",
                  "product_id": "libpurple-0:2.3.1-2.el5_2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpurple@2.3.1-2.el5_2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "finch-0:2.3.1-2.el5_2.i386",
                "product": {
                  "name": "finch-0:2.3.1-2.el5_2.i386",
                  "product_id": "finch-0:2.3.1-2.el5_2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/finch@2.3.1-2.el5_2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-perl-0:2.3.1-2.el5_2.i386",
                "product": {
                  "name": "pidgin-perl-0:2.3.1-2.el5_2.i386",
                  "product_id": "pidgin-perl-0:2.3.1-2.el5_2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin-perl@2.3.1-2.el5_2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-perl-0:2.3.1-2.el5_2.i386",
                "product": {
                  "name": "libpurple-perl-0:2.3.1-2.el5_2.i386",
                  "product_id": "libpurple-perl-0:2.3.1-2.el5_2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpurple-perl@2.3.1-2.el5_2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "libpurple-tcl-0:2.3.1-2.el5_2.i386",
                "product": {
                  "name": "libpurple-tcl-0:2.3.1-2.el5_2.i386",
                  "product_id": "libpurple-tcl-0:2.3.1-2.el5_2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libpurple-tcl@2.3.1-2.el5_2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-0:1.5.1-2.el3.i386",
                "product": {
                  "name": "pidgin-0:1.5.1-2.el3.i386",
                  "product_id": "pidgin-0:1.5.1-2.el3.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin@1.5.1-2.el3?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-debuginfo-0:1.5.1-2.el3.i386",
                "product": {
                  "name": "pidgin-debuginfo-0:1.5.1-2.el3.i386",
                  "product_id": "pidgin-debuginfo-0:1.5.1-2.el3.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin-debuginfo@1.5.1-2.el3?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-debuginfo-0:1.5.1-2.el4.i386",
                "product": {
                  "name": "pidgin-debuginfo-0:1.5.1-2.el4.i386",
                  "product_id": "pidgin-debuginfo-0:1.5.1-2.el4.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin-debuginfo@1.5.1-2.el4?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-0:1.5.1-2.el4.i386",
                "product": {
                  "name": "pidgin-0:1.5.1-2.el4.i386",
                  "product_id": "pidgin-0:1.5.1-2.el4.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin@1.5.1-2.el4?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pidgin-0:2.3.1-2.el5_2.src",
                "product": {
                  "name": "pidgin-0:2.3.1-2.el5_2.src",
                  "product_id": "pidgin-0:2.3.1-2.el5_2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin@2.3.1-2.el5_2?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-0:1.5.1-2.el3.src",
                "product": {
                  "name": "pidgin-0:1.5.1-2.el3.src",
                  "product_id": "pidgin-0:1.5.1-2.el3.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin@1.5.1-2.el3?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-0:1.5.1-2.el4.src",
                "product": {
                  "name": "pidgin-0:1.5.1-2.el4.src",
                  "product_id": "pidgin-0:1.5.1-2.el4.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin@1.5.1-2.el4?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pidgin-0:1.5.1-2.el3.ia64",
                "product": {
                  "name": "pidgin-0:1.5.1-2.el3.ia64",
                  "product_id": "pidgin-0:1.5.1-2.el3.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin@1.5.1-2.el3?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-debuginfo-0:1.5.1-2.el3.ia64",
                "product": {
                  "name": "pidgin-debuginfo-0:1.5.1-2.el3.ia64",
                  "product_id": "pidgin-debuginfo-0:1.5.1-2.el3.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin-debuginfo@1.5.1-2.el3?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-debuginfo-0:1.5.1-2.el4.ia64",
                "product": {
                  "name": "pidgin-debuginfo-0:1.5.1-2.el4.ia64",
                  "product_id": "pidgin-debuginfo-0:1.5.1-2.el4.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin-debuginfo@1.5.1-2.el4?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-0:1.5.1-2.el4.ia64",
                "product": {
                  "name": "pidgin-0:1.5.1-2.el4.ia64",
                  "product_id": "pidgin-0:1.5.1-2.el4.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin@1.5.1-2.el4?arch=ia64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pidgin-0:1.5.1-2.el3.ppc",
                "product": {
                  "name": "pidgin-0:1.5.1-2.el3.ppc",
                  "product_id": "pidgin-0:1.5.1-2.el3.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin@1.5.1-2.el3?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-debuginfo-0:1.5.1-2.el3.ppc",
                "product": {
                  "name": "pidgin-debuginfo-0:1.5.1-2.el3.ppc",
                  "product_id": "pidgin-debuginfo-0:1.5.1-2.el3.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin-debuginfo@1.5.1-2.el3?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-debuginfo-0:1.5.1-2.el4.ppc",
                "product": {
                  "name": "pidgin-debuginfo-0:1.5.1-2.el4.ppc",
                  "product_id": "pidgin-debuginfo-0:1.5.1-2.el4.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin-debuginfo@1.5.1-2.el4?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-0:1.5.1-2.el4.ppc",
                "product": {
                  "name": "pidgin-0:1.5.1-2.el4.ppc",
                  "product_id": "pidgin-0:1.5.1-2.el4.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin@1.5.1-2.el4?arch=ppc"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pidgin-0:1.5.1-2.el3.s390x",
                "product": {
                  "name": "pidgin-0:1.5.1-2.el3.s390x",
                  "product_id": "pidgin-0:1.5.1-2.el3.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin@1.5.1-2.el3?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-debuginfo-0:1.5.1-2.el3.s390x",
                "product": {
                  "name": "pidgin-debuginfo-0:1.5.1-2.el3.s390x",
                  "product_id": "pidgin-debuginfo-0:1.5.1-2.el3.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin-debuginfo@1.5.1-2.el3?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "pidgin-0:1.5.1-2.el3.s390",
                "product": {
                  "name": "pidgin-0:1.5.1-2.el3.s390",
                  "product_id": "pidgin-0:1.5.1-2.el3.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin@1.5.1-2.el3?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "pidgin-debuginfo-0:1.5.1-2.el3.s390",
                "product": {
                  "name": "pidgin-debuginfo-0:1.5.1-2.el3.s390",
                  "product_id": "pidgin-debuginfo-0:1.5.1-2.el3.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/pidgin-debuginfo@1.5.1-2.el3?arch=s390"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.i386 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:pidgin-0:1.5.1-2.el3.i386"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.i386",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:pidgin-0:1.5.1-2.el3.ia64"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.ia64",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.ppc as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:pidgin-0:1.5.1-2.el3.ppc"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.ppc",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.s390 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:pidgin-0:1.5.1-2.el3.s390"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.s390",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.s390x as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:pidgin-0:1.5.1-2.el3.s390x"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.s390x",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.src as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:pidgin-0:1.5.1-2.el3.src"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.src",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:pidgin-0:1.5.1-2.el3.x86_64"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.x86_64",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.i386 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:pidgin-debuginfo-0:1.5.1-2.el3.i386"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.i386",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:pidgin-debuginfo-0:1.5.1-2.el3.ia64"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.ia64",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.ppc as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:pidgin-debuginfo-0:1.5.1-2.el3.ppc"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.ppc",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.s390 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:pidgin-debuginfo-0:1.5.1-2.el3.s390"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.s390",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.s390x as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:pidgin-debuginfo-0:1.5.1-2.el3.s390x"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.s390x",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:pidgin-debuginfo-0:1.5.1-2.el3.x86_64"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.x86_64",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.i386 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:pidgin-0:1.5.1-2.el3.i386"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.i386",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.ia64 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:pidgin-0:1.5.1-2.el3.ia64"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.ia64",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.ppc as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:pidgin-0:1.5.1-2.el3.ppc"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.ppc",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.s390 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:pidgin-0:1.5.1-2.el3.s390"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.s390",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.s390x as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:pidgin-0:1.5.1-2.el3.s390x"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.s390x",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.src as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:pidgin-0:1.5.1-2.el3.src"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.src",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.x86_64 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:pidgin-0:1.5.1-2.el3.x86_64"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.x86_64",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.i386 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.i386"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.i386",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.ia64 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.ia64"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.ia64",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.ppc as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.ppc"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.ppc",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.s390 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.s390"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.s390",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.s390x as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.s390x"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.s390x",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.x86_64 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.x86_64"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.x86_64",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.i386 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:pidgin-0:1.5.1-2.el3.i386"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.i386",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:pidgin-0:1.5.1-2.el3.ia64"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.ia64",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.ppc as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:pidgin-0:1.5.1-2.el3.ppc"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.ppc",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.s390 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:pidgin-0:1.5.1-2.el3.s390"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.s390",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.s390x as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:pidgin-0:1.5.1-2.el3.s390x"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.s390x",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.src as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:pidgin-0:1.5.1-2.el3.src"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.src",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:pidgin-0:1.5.1-2.el3.x86_64"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.x86_64",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.i386 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:pidgin-debuginfo-0:1.5.1-2.el3.i386"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.i386",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:pidgin-debuginfo-0:1.5.1-2.el3.ia64"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.ia64",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.ppc as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:pidgin-debuginfo-0:1.5.1-2.el3.ppc"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.ppc",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.s390 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:pidgin-debuginfo-0:1.5.1-2.el3.s390"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.s390",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.s390x as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:pidgin-debuginfo-0:1.5.1-2.el3.s390x"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.s390x",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:pidgin-debuginfo-0:1.5.1-2.el3.x86_64"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.x86_64",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.i386 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:pidgin-0:1.5.1-2.el3.i386"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.i386",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:pidgin-0:1.5.1-2.el3.ia64"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.ia64",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.ppc as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:pidgin-0:1.5.1-2.el3.ppc"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.ppc",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.s390 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:pidgin-0:1.5.1-2.el3.s390"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.s390",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.s390x as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:pidgin-0:1.5.1-2.el3.s390x"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.s390x",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.src as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:pidgin-0:1.5.1-2.el3.src"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.src",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:pidgin-0:1.5.1-2.el3.x86_64"
        },
        "product_reference": "pidgin-0:1.5.1-2.el3.x86_64",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.i386 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:pidgin-debuginfo-0:1.5.1-2.el3.i386"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.i386",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:pidgin-debuginfo-0:1.5.1-2.el3.ia64"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.ia64",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.ppc as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:pidgin-debuginfo-0:1.5.1-2.el3.ppc"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.ppc",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.s390 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:pidgin-debuginfo-0:1.5.1-2.el3.s390"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.s390",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.s390x as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:pidgin-debuginfo-0:1.5.1-2.el3.s390x"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.s390x",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:pidgin-debuginfo-0:1.5.1-2.el3.x86_64"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el3.x86_64",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:pidgin-0:1.5.1-2.el4.i386"
        },
        "product_reference": "pidgin-0:1.5.1-2.el4.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:pidgin-0:1.5.1-2.el4.ia64"
        },
        "product_reference": "pidgin-0:1.5.1-2.el4.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:pidgin-0:1.5.1-2.el4.ppc"
        },
        "product_reference": "pidgin-0:1.5.1-2.el4.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el4.src as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:pidgin-0:1.5.1-2.el4.src"
        },
        "product_reference": "pidgin-0:1.5.1-2.el4.src",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:pidgin-0:1.5.1-2.el4.x86_64"
        },
        "product_reference": "pidgin-0:1.5.1-2.el4.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el4.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:pidgin-debuginfo-0:1.5.1-2.el4.i386"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el4.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:pidgin-debuginfo-0:1.5.1-2.el4.ia64"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el4.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el4.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:pidgin-debuginfo-0:1.5.1-2.el4.ppc"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el4.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:pidgin-debuginfo-0:1.5.1-2.el4.x86_64"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el4.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:pidgin-0:1.5.1-2.el4.i386"
        },
        "product_reference": "pidgin-0:1.5.1-2.el4.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:pidgin-0:1.5.1-2.el4.ia64"
        },
        "product_reference": "pidgin-0:1.5.1-2.el4.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:pidgin-0:1.5.1-2.el4.ppc"
        },
        "product_reference": "pidgin-0:1.5.1-2.el4.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el4.src as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:pidgin-0:1.5.1-2.el4.src"
        },
        "product_reference": "pidgin-0:1.5.1-2.el4.src",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:pidgin-0:1.5.1-2.el4.x86_64"
        },
        "product_reference": "pidgin-0:1.5.1-2.el4.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:pidgin-debuginfo-0:1.5.1-2.el4.i386"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el4.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:pidgin-debuginfo-0:1.5.1-2.el4.ia64"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el4.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:pidgin-debuginfo-0:1.5.1-2.el4.ppc"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el4.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:pidgin-debuginfo-0:1.5.1-2.el4.x86_64"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el4.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:pidgin-0:1.5.1-2.el4.i386"
        },
        "product_reference": "pidgin-0:1.5.1-2.el4.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:pidgin-0:1.5.1-2.el4.ia64"
        },
        "product_reference": "pidgin-0:1.5.1-2.el4.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:pidgin-0:1.5.1-2.el4.ppc"
        },
        "product_reference": "pidgin-0:1.5.1-2.el4.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el4.src as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:pidgin-0:1.5.1-2.el4.src"
        },
        "product_reference": "pidgin-0:1.5.1-2.el4.src",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:pidgin-0:1.5.1-2.el4.x86_64"
        },
        "product_reference": "pidgin-0:1.5.1-2.el4.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el4.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:pidgin-debuginfo-0:1.5.1-2.el4.i386"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el4.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:pidgin-debuginfo-0:1.5.1-2.el4.ia64"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el4.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el4.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:pidgin-debuginfo-0:1.5.1-2.el4.ppc"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el4.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:pidgin-debuginfo-0:1.5.1-2.el4.x86_64"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el4.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:pidgin-0:1.5.1-2.el4.i386"
        },
        "product_reference": "pidgin-0:1.5.1-2.el4.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:pidgin-0:1.5.1-2.el4.ia64"
        },
        "product_reference": "pidgin-0:1.5.1-2.el4.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:pidgin-0:1.5.1-2.el4.ppc"
        },
        "product_reference": "pidgin-0:1.5.1-2.el4.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el4.src as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:pidgin-0:1.5.1-2.el4.src"
        },
        "product_reference": "pidgin-0:1.5.1-2.el4.src",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:1.5.1-2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:pidgin-0:1.5.1-2.el4.x86_64"
        },
        "product_reference": "pidgin-0:1.5.1-2.el4.x86_64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el4.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:pidgin-debuginfo-0:1.5.1-2.el4.i386"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el4.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:pidgin-debuginfo-0:1.5.1-2.el4.ia64"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el4.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el4.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:pidgin-debuginfo-0:1.5.1-2.el4.ppc"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el4.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:1.5.1-2.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:pidgin-debuginfo-0:1.5.1-2.el4.x86_64"
        },
        "product_reference": "pidgin-debuginfo-0:1.5.1-2.el4.x86_64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "finch-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:finch-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "finch-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "finch-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:finch-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "finch-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "finch-devel-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:finch-devel-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "finch-devel-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "finch-devel-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:finch-devel-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "finch-devel-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:libpurple-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "libpurple-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:libpurple-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "libpurple-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-devel-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:libpurple-devel-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "libpurple-devel-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-devel-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:libpurple-devel-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "libpurple-devel-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-perl-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:libpurple-perl-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "libpurple-perl-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-perl-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:libpurple-perl-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "libpurple-perl-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-tcl-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:libpurple-tcl-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "libpurple-tcl-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-tcl-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:libpurple-tcl-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "libpurple-tcl-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:pidgin-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "pidgin-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:2.3.1-2.el5_2.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:pidgin-0:2.3.1-2.el5_2.src"
        },
        "product_reference": "pidgin-0:2.3.1-2.el5_2.src",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:pidgin-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "pidgin-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:pidgin-debuginfo-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "pidgin-debuginfo-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:pidgin-debuginfo-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "pidgin-debuginfo-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-devel-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:pidgin-devel-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "pidgin-devel-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-devel-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:pidgin-devel-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "pidgin-devel-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-perl-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:pidgin-perl-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "pidgin-perl-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-perl-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:pidgin-perl-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "pidgin-perl-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "finch-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:finch-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "finch-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "finch-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:finch-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "finch-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "finch-devel-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:finch-devel-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "finch-devel-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "finch-devel-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:finch-devel-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "finch-devel-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:libpurple-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "libpurple-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:libpurple-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "libpurple-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-devel-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:libpurple-devel-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "libpurple-devel-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-devel-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:libpurple-devel-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "libpurple-devel-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-perl-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:libpurple-perl-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "libpurple-perl-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-perl-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:libpurple-perl-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "libpurple-perl-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-tcl-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:libpurple-tcl-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "libpurple-tcl-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-tcl-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:libpurple-tcl-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "libpurple-tcl-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:pidgin-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "pidgin-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:2.3.1-2.el5_2.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:pidgin-0:2.3.1-2.el5_2.src"
        },
        "product_reference": "pidgin-0:2.3.1-2.el5_2.src",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:pidgin-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "pidgin-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:pidgin-debuginfo-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "pidgin-debuginfo-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:pidgin-debuginfo-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "pidgin-debuginfo-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-devel-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:pidgin-devel-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "pidgin-devel-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-devel-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:pidgin-devel-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "pidgin-devel-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-perl-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:pidgin-perl-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "pidgin-perl-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-perl-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:pidgin-perl-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "pidgin-perl-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "finch-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:finch-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "finch-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "finch-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:finch-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "finch-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "finch-devel-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:finch-devel-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "finch-devel-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "finch-devel-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:finch-devel-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "finch-devel-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:libpurple-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "libpurple-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:libpurple-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "libpurple-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-devel-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:libpurple-devel-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "libpurple-devel-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-devel-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:libpurple-devel-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "libpurple-devel-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-perl-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:libpurple-perl-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "libpurple-perl-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-perl-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:libpurple-perl-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "libpurple-perl-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-tcl-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:libpurple-tcl-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "libpurple-tcl-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libpurple-tcl-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:libpurple-tcl-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "libpurple-tcl-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:pidgin-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "pidgin-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:2.3.1-2.el5_2.src as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:pidgin-0:2.3.1-2.el5_2.src"
        },
        "product_reference": "pidgin-0:2.3.1-2.el5_2.src",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:pidgin-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "pidgin-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:pidgin-debuginfo-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "pidgin-debuginfo-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-debuginfo-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:pidgin-debuginfo-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "pidgin-debuginfo-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-devel-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:pidgin-devel-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "pidgin-devel-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-devel-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:pidgin-devel-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "pidgin-devel-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-perl-0:2.3.1-2.el5_2.i386 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:pidgin-perl-0:2.3.1-2.el5_2.i386"
        },
        "product_reference": "pidgin-perl-0:2.3.1-2.el5_2.i386",
        "relates_to_product_reference": "5Server-DPAS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "pidgin-perl-0:2.3.1-2.el5_2.x86_64 as a component of Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server)",
          "product_id": "5Server-DPAS:pidgin-perl-0:2.3.1-2.el5_2.x86_64"
        },
        "product_reference": "pidgin-perl-0:2.3.1-2.el5_2.x86_64",
        "relates_to_product_reference": "5Server-DPAS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2008-2927",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2008-06-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "453764"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "pidgin MSN integer overflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "3AS:pidgin-0:1.5.1-2.el3.i386",
          "3AS:pidgin-0:1.5.1-2.el3.ia64",
          "3AS:pidgin-0:1.5.1-2.el3.ppc",
          "3AS:pidgin-0:1.5.1-2.el3.s390",
          "3AS:pidgin-0:1.5.1-2.el3.s390x",
          "3AS:pidgin-0:1.5.1-2.el3.src",
          "3AS:pidgin-0:1.5.1-2.el3.x86_64",
          "3AS:pidgin-debuginfo-0:1.5.1-2.el3.i386",
          "3AS:pidgin-debuginfo-0:1.5.1-2.el3.ia64",
          "3AS:pidgin-debuginfo-0:1.5.1-2.el3.ppc",
          "3AS:pidgin-debuginfo-0:1.5.1-2.el3.s390",
          "3AS:pidgin-debuginfo-0:1.5.1-2.el3.s390x",
          "3AS:pidgin-debuginfo-0:1.5.1-2.el3.x86_64",
          "3Desktop:pidgin-0:1.5.1-2.el3.i386",
          "3Desktop:pidgin-0:1.5.1-2.el3.ia64",
          "3Desktop:pidgin-0:1.5.1-2.el3.ppc",
          "3Desktop:pidgin-0:1.5.1-2.el3.s390",
          "3Desktop:pidgin-0:1.5.1-2.el3.s390x",
          "3Desktop:pidgin-0:1.5.1-2.el3.src",
          "3Desktop:pidgin-0:1.5.1-2.el3.x86_64",
          "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.i386",
          "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.ia64",
          "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.ppc",
          "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.s390",
          "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.s390x",
          "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.x86_64",
          "3ES:pidgin-0:1.5.1-2.el3.i386",
          "3ES:pidgin-0:1.5.1-2.el3.ia64",
          "3ES:pidgin-0:1.5.1-2.el3.ppc",
          "3ES:pidgin-0:1.5.1-2.el3.s390",
          "3ES:pidgin-0:1.5.1-2.el3.s390x",
          "3ES:pidgin-0:1.5.1-2.el3.src",
          "3ES:pidgin-0:1.5.1-2.el3.x86_64",
          "3ES:pidgin-debuginfo-0:1.5.1-2.el3.i386",
          "3ES:pidgin-debuginfo-0:1.5.1-2.el3.ia64",
          "3ES:pidgin-debuginfo-0:1.5.1-2.el3.ppc",
          "3ES:pidgin-debuginfo-0:1.5.1-2.el3.s390",
          "3ES:pidgin-debuginfo-0:1.5.1-2.el3.s390x",
          "3ES:pidgin-debuginfo-0:1.5.1-2.el3.x86_64",
          "3WS:pidgin-0:1.5.1-2.el3.i386",
          "3WS:pidgin-0:1.5.1-2.el3.ia64",
          "3WS:pidgin-0:1.5.1-2.el3.ppc",
          "3WS:pidgin-0:1.5.1-2.el3.s390",
          "3WS:pidgin-0:1.5.1-2.el3.s390x",
          "3WS:pidgin-0:1.5.1-2.el3.src",
          "3WS:pidgin-0:1.5.1-2.el3.x86_64",
          "3WS:pidgin-debuginfo-0:1.5.1-2.el3.i386",
          "3WS:pidgin-debuginfo-0:1.5.1-2.el3.ia64",
          "3WS:pidgin-debuginfo-0:1.5.1-2.el3.ppc",
          "3WS:pidgin-debuginfo-0:1.5.1-2.el3.s390",
          "3WS:pidgin-debuginfo-0:1.5.1-2.el3.s390x",
          "3WS:pidgin-debuginfo-0:1.5.1-2.el3.x86_64",
          "4AS:pidgin-0:1.5.1-2.el4.i386",
          "4AS:pidgin-0:1.5.1-2.el4.ia64",
          "4AS:pidgin-0:1.5.1-2.el4.ppc",
          "4AS:pidgin-0:1.5.1-2.el4.src",
          "4AS:pidgin-0:1.5.1-2.el4.x86_64",
          "4AS:pidgin-debuginfo-0:1.5.1-2.el4.i386",
          "4AS:pidgin-debuginfo-0:1.5.1-2.el4.ia64",
          "4AS:pidgin-debuginfo-0:1.5.1-2.el4.ppc",
          "4AS:pidgin-debuginfo-0:1.5.1-2.el4.x86_64",
          "4Desktop:pidgin-0:1.5.1-2.el4.i386",
          "4Desktop:pidgin-0:1.5.1-2.el4.ia64",
          "4Desktop:pidgin-0:1.5.1-2.el4.ppc",
          "4Desktop:pidgin-0:1.5.1-2.el4.src",
          "4Desktop:pidgin-0:1.5.1-2.el4.x86_64",
          "4Desktop:pidgin-debuginfo-0:1.5.1-2.el4.i386",
          "4Desktop:pidgin-debuginfo-0:1.5.1-2.el4.ia64",
          "4Desktop:pidgin-debuginfo-0:1.5.1-2.el4.ppc",
          "4Desktop:pidgin-debuginfo-0:1.5.1-2.el4.x86_64",
          "4ES:pidgin-0:1.5.1-2.el4.i386",
          "4ES:pidgin-0:1.5.1-2.el4.ia64",
          "4ES:pidgin-0:1.5.1-2.el4.ppc",
          "4ES:pidgin-0:1.5.1-2.el4.src",
          "4ES:pidgin-0:1.5.1-2.el4.x86_64",
          "4ES:pidgin-debuginfo-0:1.5.1-2.el4.i386",
          "4ES:pidgin-debuginfo-0:1.5.1-2.el4.ia64",
          "4ES:pidgin-debuginfo-0:1.5.1-2.el4.ppc",
          "4ES:pidgin-debuginfo-0:1.5.1-2.el4.x86_64",
          "4WS:pidgin-0:1.5.1-2.el4.i386",
          "4WS:pidgin-0:1.5.1-2.el4.ia64",
          "4WS:pidgin-0:1.5.1-2.el4.ppc",
          "4WS:pidgin-0:1.5.1-2.el4.src",
          "4WS:pidgin-0:1.5.1-2.el4.x86_64",
          "4WS:pidgin-debuginfo-0:1.5.1-2.el4.i386",
          "4WS:pidgin-debuginfo-0:1.5.1-2.el4.ia64",
          "4WS:pidgin-debuginfo-0:1.5.1-2.el4.ppc",
          "4WS:pidgin-debuginfo-0:1.5.1-2.el4.x86_64",
          "5Client-Workstation:finch-0:2.3.1-2.el5_2.i386",
          "5Client-Workstation:finch-0:2.3.1-2.el5_2.x86_64",
          "5Client-Workstation:finch-devel-0:2.3.1-2.el5_2.i386",
          "5Client-Workstation:finch-devel-0:2.3.1-2.el5_2.x86_64",
          "5Client-Workstation:libpurple-0:2.3.1-2.el5_2.i386",
          "5Client-Workstation:libpurple-0:2.3.1-2.el5_2.x86_64",
          "5Client-Workstation:libpurple-devel-0:2.3.1-2.el5_2.i386",
          "5Client-Workstation:libpurple-devel-0:2.3.1-2.el5_2.x86_64",
          "5Client-Workstation:libpurple-perl-0:2.3.1-2.el5_2.i386",
          "5Client-Workstation:libpurple-perl-0:2.3.1-2.el5_2.x86_64",
          "5Client-Workstation:libpurple-tcl-0:2.3.1-2.el5_2.i386",
          "5Client-Workstation:libpurple-tcl-0:2.3.1-2.el5_2.x86_64",
          "5Client-Workstation:pidgin-0:2.3.1-2.el5_2.i386",
          "5Client-Workstation:pidgin-0:2.3.1-2.el5_2.src",
          "5Client-Workstation:pidgin-0:2.3.1-2.el5_2.x86_64",
          "5Client-Workstation:pidgin-debuginfo-0:2.3.1-2.el5_2.i386",
          "5Client-Workstation:pidgin-debuginfo-0:2.3.1-2.el5_2.x86_64",
          "5Client-Workstation:pidgin-devel-0:2.3.1-2.el5_2.i386",
          "5Client-Workstation:pidgin-devel-0:2.3.1-2.el5_2.x86_64",
          "5Client-Workstation:pidgin-perl-0:2.3.1-2.el5_2.i386",
          "5Client-Workstation:pidgin-perl-0:2.3.1-2.el5_2.x86_64",
          "5Client:finch-0:2.3.1-2.el5_2.i386",
          "5Client:finch-0:2.3.1-2.el5_2.x86_64",
          "5Client:finch-devel-0:2.3.1-2.el5_2.i386",
          "5Client:finch-devel-0:2.3.1-2.el5_2.x86_64",
          "5Client:libpurple-0:2.3.1-2.el5_2.i386",
          "5Client:libpurple-0:2.3.1-2.el5_2.x86_64",
          "5Client:libpurple-devel-0:2.3.1-2.el5_2.i386",
          "5Client:libpurple-devel-0:2.3.1-2.el5_2.x86_64",
          "5Client:libpurple-perl-0:2.3.1-2.el5_2.i386",
          "5Client:libpurple-perl-0:2.3.1-2.el5_2.x86_64",
          "5Client:libpurple-tcl-0:2.3.1-2.el5_2.i386",
          "5Client:libpurple-tcl-0:2.3.1-2.el5_2.x86_64",
          "5Client:pidgin-0:2.3.1-2.el5_2.i386",
          "5Client:pidgin-0:2.3.1-2.el5_2.src",
          "5Client:pidgin-0:2.3.1-2.el5_2.x86_64",
          "5Client:pidgin-debuginfo-0:2.3.1-2.el5_2.i386",
          "5Client:pidgin-debuginfo-0:2.3.1-2.el5_2.x86_64",
          "5Client:pidgin-devel-0:2.3.1-2.el5_2.i386",
          "5Client:pidgin-devel-0:2.3.1-2.el5_2.x86_64",
          "5Client:pidgin-perl-0:2.3.1-2.el5_2.i386",
          "5Client:pidgin-perl-0:2.3.1-2.el5_2.x86_64",
          "5Server-DPAS:finch-0:2.3.1-2.el5_2.i386",
          "5Server-DPAS:finch-0:2.3.1-2.el5_2.x86_64",
          "5Server-DPAS:finch-devel-0:2.3.1-2.el5_2.i386",
          "5Server-DPAS:finch-devel-0:2.3.1-2.el5_2.x86_64",
          "5Server-DPAS:libpurple-0:2.3.1-2.el5_2.i386",
          "5Server-DPAS:libpurple-0:2.3.1-2.el5_2.x86_64",
          "5Server-DPAS:libpurple-devel-0:2.3.1-2.el5_2.i386",
          "5Server-DPAS:libpurple-devel-0:2.3.1-2.el5_2.x86_64",
          "5Server-DPAS:libpurple-perl-0:2.3.1-2.el5_2.i386",
          "5Server-DPAS:libpurple-perl-0:2.3.1-2.el5_2.x86_64",
          "5Server-DPAS:libpurple-tcl-0:2.3.1-2.el5_2.i386",
          "5Server-DPAS:libpurple-tcl-0:2.3.1-2.el5_2.x86_64",
          "5Server-DPAS:pidgin-0:2.3.1-2.el5_2.i386",
          "5Server-DPAS:pidgin-0:2.3.1-2.el5_2.src",
          "5Server-DPAS:pidgin-0:2.3.1-2.el5_2.x86_64",
          "5Server-DPAS:pidgin-debuginfo-0:2.3.1-2.el5_2.i386",
          "5Server-DPAS:pidgin-debuginfo-0:2.3.1-2.el5_2.x86_64",
          "5Server-DPAS:pidgin-devel-0:2.3.1-2.el5_2.i386",
          "5Server-DPAS:pidgin-devel-0:2.3.1-2.el5_2.x86_64",
          "5Server-DPAS:pidgin-perl-0:2.3.1-2.el5_2.i386",
          "5Server-DPAS:pidgin-perl-0:2.3.1-2.el5_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2008-2927"
        },
        {
          "category": "external",
          "summary": "RHBZ#453764",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=453764"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2008-2927",
          "url": "https://www.cve.org/CVERecord?id=CVE-2008-2927"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-2927",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2927"
        }
      ],
      "release_date": "2008-07-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2008-07-09T08:32:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
          "product_ids": [
            "3AS:pidgin-0:1.5.1-2.el3.i386",
            "3AS:pidgin-0:1.5.1-2.el3.ia64",
            "3AS:pidgin-0:1.5.1-2.el3.ppc",
            "3AS:pidgin-0:1.5.1-2.el3.s390",
            "3AS:pidgin-0:1.5.1-2.el3.s390x",
            "3AS:pidgin-0:1.5.1-2.el3.src",
            "3AS:pidgin-0:1.5.1-2.el3.x86_64",
            "3AS:pidgin-debuginfo-0:1.5.1-2.el3.i386",
            "3AS:pidgin-debuginfo-0:1.5.1-2.el3.ia64",
            "3AS:pidgin-debuginfo-0:1.5.1-2.el3.ppc",
            "3AS:pidgin-debuginfo-0:1.5.1-2.el3.s390",
            "3AS:pidgin-debuginfo-0:1.5.1-2.el3.s390x",
            "3AS:pidgin-debuginfo-0:1.5.1-2.el3.x86_64",
            "3Desktop:pidgin-0:1.5.1-2.el3.i386",
            "3Desktop:pidgin-0:1.5.1-2.el3.ia64",
            "3Desktop:pidgin-0:1.5.1-2.el3.ppc",
            "3Desktop:pidgin-0:1.5.1-2.el3.s390",
            "3Desktop:pidgin-0:1.5.1-2.el3.s390x",
            "3Desktop:pidgin-0:1.5.1-2.el3.src",
            "3Desktop:pidgin-0:1.5.1-2.el3.x86_64",
            "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.i386",
            "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.ia64",
            "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.ppc",
            "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.s390",
            "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.s390x",
            "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.x86_64",
            "3ES:pidgin-0:1.5.1-2.el3.i386",
            "3ES:pidgin-0:1.5.1-2.el3.ia64",
            "3ES:pidgin-0:1.5.1-2.el3.ppc",
            "3ES:pidgin-0:1.5.1-2.el3.s390",
            "3ES:pidgin-0:1.5.1-2.el3.s390x",
            "3ES:pidgin-0:1.5.1-2.el3.src",
            "3ES:pidgin-0:1.5.1-2.el3.x86_64",
            "3ES:pidgin-debuginfo-0:1.5.1-2.el3.i386",
            "3ES:pidgin-debuginfo-0:1.5.1-2.el3.ia64",
            "3ES:pidgin-debuginfo-0:1.5.1-2.el3.ppc",
            "3ES:pidgin-debuginfo-0:1.5.1-2.el3.s390",
            "3ES:pidgin-debuginfo-0:1.5.1-2.el3.s390x",
            "3ES:pidgin-debuginfo-0:1.5.1-2.el3.x86_64",
            "3WS:pidgin-0:1.5.1-2.el3.i386",
            "3WS:pidgin-0:1.5.1-2.el3.ia64",
            "3WS:pidgin-0:1.5.1-2.el3.ppc",
            "3WS:pidgin-0:1.5.1-2.el3.s390",
            "3WS:pidgin-0:1.5.1-2.el3.s390x",
            "3WS:pidgin-0:1.5.1-2.el3.src",
            "3WS:pidgin-0:1.5.1-2.el3.x86_64",
            "3WS:pidgin-debuginfo-0:1.5.1-2.el3.i386",
            "3WS:pidgin-debuginfo-0:1.5.1-2.el3.ia64",
            "3WS:pidgin-debuginfo-0:1.5.1-2.el3.ppc",
            "3WS:pidgin-debuginfo-0:1.5.1-2.el3.s390",
            "3WS:pidgin-debuginfo-0:1.5.1-2.el3.s390x",
            "3WS:pidgin-debuginfo-0:1.5.1-2.el3.x86_64",
            "4AS:pidgin-0:1.5.1-2.el4.i386",
            "4AS:pidgin-0:1.5.1-2.el4.ia64",
            "4AS:pidgin-0:1.5.1-2.el4.ppc",
            "4AS:pidgin-0:1.5.1-2.el4.src",
            "4AS:pidgin-0:1.5.1-2.el4.x86_64",
            "4AS:pidgin-debuginfo-0:1.5.1-2.el4.i386",
            "4AS:pidgin-debuginfo-0:1.5.1-2.el4.ia64",
            "4AS:pidgin-debuginfo-0:1.5.1-2.el4.ppc",
            "4AS:pidgin-debuginfo-0:1.5.1-2.el4.x86_64",
            "4Desktop:pidgin-0:1.5.1-2.el4.i386",
            "4Desktop:pidgin-0:1.5.1-2.el4.ia64",
            "4Desktop:pidgin-0:1.5.1-2.el4.ppc",
            "4Desktop:pidgin-0:1.5.1-2.el4.src",
            "4Desktop:pidgin-0:1.5.1-2.el4.x86_64",
            "4Desktop:pidgin-debuginfo-0:1.5.1-2.el4.i386",
            "4Desktop:pidgin-debuginfo-0:1.5.1-2.el4.ia64",
            "4Desktop:pidgin-debuginfo-0:1.5.1-2.el4.ppc",
            "4Desktop:pidgin-debuginfo-0:1.5.1-2.el4.x86_64",
            "4ES:pidgin-0:1.5.1-2.el4.i386",
            "4ES:pidgin-0:1.5.1-2.el4.ia64",
            "4ES:pidgin-0:1.5.1-2.el4.ppc",
            "4ES:pidgin-0:1.5.1-2.el4.src",
            "4ES:pidgin-0:1.5.1-2.el4.x86_64",
            "4ES:pidgin-debuginfo-0:1.5.1-2.el4.i386",
            "4ES:pidgin-debuginfo-0:1.5.1-2.el4.ia64",
            "4ES:pidgin-debuginfo-0:1.5.1-2.el4.ppc",
            "4ES:pidgin-debuginfo-0:1.5.1-2.el4.x86_64",
            "4WS:pidgin-0:1.5.1-2.el4.i386",
            "4WS:pidgin-0:1.5.1-2.el4.ia64",
            "4WS:pidgin-0:1.5.1-2.el4.ppc",
            "4WS:pidgin-0:1.5.1-2.el4.src",
            "4WS:pidgin-0:1.5.1-2.el4.x86_64",
            "4WS:pidgin-debuginfo-0:1.5.1-2.el4.i386",
            "4WS:pidgin-debuginfo-0:1.5.1-2.el4.ia64",
            "4WS:pidgin-debuginfo-0:1.5.1-2.el4.ppc",
            "4WS:pidgin-debuginfo-0:1.5.1-2.el4.x86_64",
            "5Client-Workstation:finch-0:2.3.1-2.el5_2.i386",
            "5Client-Workstation:finch-0:2.3.1-2.el5_2.x86_64",
            "5Client-Workstation:finch-devel-0:2.3.1-2.el5_2.i386",
            "5Client-Workstation:finch-devel-0:2.3.1-2.el5_2.x86_64",
            "5Client-Workstation:libpurple-0:2.3.1-2.el5_2.i386",
            "5Client-Workstation:libpurple-0:2.3.1-2.el5_2.x86_64",
            "5Client-Workstation:libpurple-devel-0:2.3.1-2.el5_2.i386",
            "5Client-Workstation:libpurple-devel-0:2.3.1-2.el5_2.x86_64",
            "5Client-Workstation:libpurple-perl-0:2.3.1-2.el5_2.i386",
            "5Client-Workstation:libpurple-perl-0:2.3.1-2.el5_2.x86_64",
            "5Client-Workstation:libpurple-tcl-0:2.3.1-2.el5_2.i386",
            "5Client-Workstation:libpurple-tcl-0:2.3.1-2.el5_2.x86_64",
            "5Client-Workstation:pidgin-0:2.3.1-2.el5_2.i386",
            "5Client-Workstation:pidgin-0:2.3.1-2.el5_2.src",
            "5Client-Workstation:pidgin-0:2.3.1-2.el5_2.x86_64",
            "5Client-Workstation:pidgin-debuginfo-0:2.3.1-2.el5_2.i386",
            "5Client-Workstation:pidgin-debuginfo-0:2.3.1-2.el5_2.x86_64",
            "5Client-Workstation:pidgin-devel-0:2.3.1-2.el5_2.i386",
            "5Client-Workstation:pidgin-devel-0:2.3.1-2.el5_2.x86_64",
            "5Client-Workstation:pidgin-perl-0:2.3.1-2.el5_2.i386",
            "5Client-Workstation:pidgin-perl-0:2.3.1-2.el5_2.x86_64",
            "5Client:finch-0:2.3.1-2.el5_2.i386",
            "5Client:finch-0:2.3.1-2.el5_2.x86_64",
            "5Client:finch-devel-0:2.3.1-2.el5_2.i386",
            "5Client:finch-devel-0:2.3.1-2.el5_2.x86_64",
            "5Client:libpurple-0:2.3.1-2.el5_2.i386",
            "5Client:libpurple-0:2.3.1-2.el5_2.x86_64",
            "5Client:libpurple-devel-0:2.3.1-2.el5_2.i386",
            "5Client:libpurple-devel-0:2.3.1-2.el5_2.x86_64",
            "5Client:libpurple-perl-0:2.3.1-2.el5_2.i386",
            "5Client:libpurple-perl-0:2.3.1-2.el5_2.x86_64",
            "5Client:libpurple-tcl-0:2.3.1-2.el5_2.i386",
            "5Client:libpurple-tcl-0:2.3.1-2.el5_2.x86_64",
            "5Client:pidgin-0:2.3.1-2.el5_2.i386",
            "5Client:pidgin-0:2.3.1-2.el5_2.src",
            "5Client:pidgin-0:2.3.1-2.el5_2.x86_64",
            "5Client:pidgin-debuginfo-0:2.3.1-2.el5_2.i386",
            "5Client:pidgin-debuginfo-0:2.3.1-2.el5_2.x86_64",
            "5Client:pidgin-devel-0:2.3.1-2.el5_2.i386",
            "5Client:pidgin-devel-0:2.3.1-2.el5_2.x86_64",
            "5Client:pidgin-perl-0:2.3.1-2.el5_2.i386",
            "5Client:pidgin-perl-0:2.3.1-2.el5_2.x86_64",
            "5Server-DPAS:finch-0:2.3.1-2.el5_2.i386",
            "5Server-DPAS:finch-0:2.3.1-2.el5_2.x86_64",
            "5Server-DPAS:finch-devel-0:2.3.1-2.el5_2.i386",
            "5Server-DPAS:finch-devel-0:2.3.1-2.el5_2.x86_64",
            "5Server-DPAS:libpurple-0:2.3.1-2.el5_2.i386",
            "5Server-DPAS:libpurple-0:2.3.1-2.el5_2.x86_64",
            "5Server-DPAS:libpurple-devel-0:2.3.1-2.el5_2.i386",
            "5Server-DPAS:libpurple-devel-0:2.3.1-2.el5_2.x86_64",
            "5Server-DPAS:libpurple-perl-0:2.3.1-2.el5_2.i386",
            "5Server-DPAS:libpurple-perl-0:2.3.1-2.el5_2.x86_64",
            "5Server-DPAS:libpurple-tcl-0:2.3.1-2.el5_2.i386",
            "5Server-DPAS:libpurple-tcl-0:2.3.1-2.el5_2.x86_64",
            "5Server-DPAS:pidgin-0:2.3.1-2.el5_2.i386",
            "5Server-DPAS:pidgin-0:2.3.1-2.el5_2.src",
            "5Server-DPAS:pidgin-0:2.3.1-2.el5_2.x86_64",
            "5Server-DPAS:pidgin-debuginfo-0:2.3.1-2.el5_2.i386",
            "5Server-DPAS:pidgin-debuginfo-0:2.3.1-2.el5_2.x86_64",
            "5Server-DPAS:pidgin-devel-0:2.3.1-2.el5_2.i386",
            "5Server-DPAS:pidgin-devel-0:2.3.1-2.el5_2.x86_64",
            "5Server-DPAS:pidgin-perl-0:2.3.1-2.el5_2.i386",
            "5Server-DPAS:pidgin-perl-0:2.3.1-2.el5_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2008:0584"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "3AS:pidgin-0:1.5.1-2.el3.i386",
            "3AS:pidgin-0:1.5.1-2.el3.ia64",
            "3AS:pidgin-0:1.5.1-2.el3.ppc",
            "3AS:pidgin-0:1.5.1-2.el3.s390",
            "3AS:pidgin-0:1.5.1-2.el3.s390x",
            "3AS:pidgin-0:1.5.1-2.el3.src",
            "3AS:pidgin-0:1.5.1-2.el3.x86_64",
            "3AS:pidgin-debuginfo-0:1.5.1-2.el3.i386",
            "3AS:pidgin-debuginfo-0:1.5.1-2.el3.ia64",
            "3AS:pidgin-debuginfo-0:1.5.1-2.el3.ppc",
            "3AS:pidgin-debuginfo-0:1.5.1-2.el3.s390",
            "3AS:pidgin-debuginfo-0:1.5.1-2.el3.s390x",
            "3AS:pidgin-debuginfo-0:1.5.1-2.el3.x86_64",
            "3Desktop:pidgin-0:1.5.1-2.el3.i386",
            "3Desktop:pidgin-0:1.5.1-2.el3.ia64",
            "3Desktop:pidgin-0:1.5.1-2.el3.ppc",
            "3Desktop:pidgin-0:1.5.1-2.el3.s390",
            "3Desktop:pidgin-0:1.5.1-2.el3.s390x",
            "3Desktop:pidgin-0:1.5.1-2.el3.src",
            "3Desktop:pidgin-0:1.5.1-2.el3.x86_64",
            "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.i386",
            "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.ia64",
            "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.ppc",
            "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.s390",
            "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.s390x",
            "3Desktop:pidgin-debuginfo-0:1.5.1-2.el3.x86_64",
            "3ES:pidgin-0:1.5.1-2.el3.i386",
            "3ES:pidgin-0:1.5.1-2.el3.ia64",
            "3ES:pidgin-0:1.5.1-2.el3.ppc",
            "3ES:pidgin-0:1.5.1-2.el3.s390",
            "3ES:pidgin-0:1.5.1-2.el3.s390x",
            "3ES:pidgin-0:1.5.1-2.el3.src",
            "3ES:pidgin-0:1.5.1-2.el3.x86_64",
            "3ES:pidgin-debuginfo-0:1.5.1-2.el3.i386",
            "3ES:pidgin-debuginfo-0:1.5.1-2.el3.ia64",
            "3ES:pidgin-debuginfo-0:1.5.1-2.el3.ppc",
            "3ES:pidgin-debuginfo-0:1.5.1-2.el3.s390",
            "3ES:pidgin-debuginfo-0:1.5.1-2.el3.s390x",
            "3ES:pidgin-debuginfo-0:1.5.1-2.el3.x86_64",
            "3WS:pidgin-0:1.5.1-2.el3.i386",
            "3WS:pidgin-0:1.5.1-2.el3.ia64",
            "3WS:pidgin-0:1.5.1-2.el3.ppc",
            "3WS:pidgin-0:1.5.1-2.el3.s390",
            "3WS:pidgin-0:1.5.1-2.el3.s390x",
            "3WS:pidgin-0:1.5.1-2.el3.src",
            "3WS:pidgin-0:1.5.1-2.el3.x86_64",
            "3WS:pidgin-debuginfo-0:1.5.1-2.el3.i386",
            "3WS:pidgin-debuginfo-0:1.5.1-2.el3.ia64",
            "3WS:pidgin-debuginfo-0:1.5.1-2.el3.ppc",
            "3WS:pidgin-debuginfo-0:1.5.1-2.el3.s390",
            "3WS:pidgin-debuginfo-0:1.5.1-2.el3.s390x",
            "3WS:pidgin-debuginfo-0:1.5.1-2.el3.x86_64",
            "4AS:pidgin-0:1.5.1-2.el4.i386",
            "4AS:pidgin-0:1.5.1-2.el4.ia64",
            "4AS:pidgin-0:1.5.1-2.el4.ppc",
            "4AS:pidgin-0:1.5.1-2.el4.src",
            "4AS:pidgin-0:1.5.1-2.el4.x86_64",
            "4AS:pidgin-debuginfo-0:1.5.1-2.el4.i386",
            "4AS:pidgin-debuginfo-0:1.5.1-2.el4.ia64",
            "4AS:pidgin-debuginfo-0:1.5.1-2.el4.ppc",
            "4AS:pidgin-debuginfo-0:1.5.1-2.el4.x86_64",
            "4Desktop:pidgin-0:1.5.1-2.el4.i386",
            "4Desktop:pidgin-0:1.5.1-2.el4.ia64",
            "4Desktop:pidgin-0:1.5.1-2.el4.ppc",
            "4Desktop:pidgin-0:1.5.1-2.el4.src",
            "4Desktop:pidgin-0:1.5.1-2.el4.x86_64",
            "4Desktop:pidgin-debuginfo-0:1.5.1-2.el4.i386",
            "4Desktop:pidgin-debuginfo-0:1.5.1-2.el4.ia64",
            "4Desktop:pidgin-debuginfo-0:1.5.1-2.el4.ppc",
            "4Desktop:pidgin-debuginfo-0:1.5.1-2.el4.x86_64",
            "4ES:pidgin-0:1.5.1-2.el4.i386",
            "4ES:pidgin-0:1.5.1-2.el4.ia64",
            "4ES:pidgin-0:1.5.1-2.el4.ppc",
            "4ES:pidgin-0:1.5.1-2.el4.src",
            "4ES:pidgin-0:1.5.1-2.el4.x86_64",
            "4ES:pidgin-debuginfo-0:1.5.1-2.el4.i386",
            "4ES:pidgin-debuginfo-0:1.5.1-2.el4.ia64",
            "4ES:pidgin-debuginfo-0:1.5.1-2.el4.ppc",
            "4ES:pidgin-debuginfo-0:1.5.1-2.el4.x86_64",
            "4WS:pidgin-0:1.5.1-2.el4.i386",
            "4WS:pidgin-0:1.5.1-2.el4.ia64",
            "4WS:pidgin-0:1.5.1-2.el4.ppc",
            "4WS:pidgin-0:1.5.1-2.el4.src",
            "4WS:pidgin-0:1.5.1-2.el4.x86_64",
            "4WS:pidgin-debuginfo-0:1.5.1-2.el4.i386",
            "4WS:pidgin-debuginfo-0:1.5.1-2.el4.ia64",
            "4WS:pidgin-debuginfo-0:1.5.1-2.el4.ppc",
            "4WS:pidgin-debuginfo-0:1.5.1-2.el4.x86_64",
            "5Client-Workstation:finch-0:2.3.1-2.el5_2.i386",
            "5Client-Workstation:finch-0:2.3.1-2.el5_2.x86_64",
            "5Client-Workstation:finch-devel-0:2.3.1-2.el5_2.i386",
            "5Client-Workstation:finch-devel-0:2.3.1-2.el5_2.x86_64",
            "5Client-Workstation:libpurple-0:2.3.1-2.el5_2.i386",
            "5Client-Workstation:libpurple-0:2.3.1-2.el5_2.x86_64",
            "5Client-Workstation:libpurple-devel-0:2.3.1-2.el5_2.i386",
            "5Client-Workstation:libpurple-devel-0:2.3.1-2.el5_2.x86_64",
            "5Client-Workstation:libpurple-perl-0:2.3.1-2.el5_2.i386",
            "5Client-Workstation:libpurple-perl-0:2.3.1-2.el5_2.x86_64",
            "5Client-Workstation:libpurple-tcl-0:2.3.1-2.el5_2.i386",
            "5Client-Workstation:libpurple-tcl-0:2.3.1-2.el5_2.x86_64",
            "5Client-Workstation:pidgin-0:2.3.1-2.el5_2.i386",
            "5Client-Workstation:pidgin-0:2.3.1-2.el5_2.src",
            "5Client-Workstation:pidgin-0:2.3.1-2.el5_2.x86_64",
            "5Client-Workstation:pidgin-debuginfo-0:2.3.1-2.el5_2.i386",
            "5Client-Workstation:pidgin-debuginfo-0:2.3.1-2.el5_2.x86_64",
            "5Client-Workstation:pidgin-devel-0:2.3.1-2.el5_2.i386",
            "5Client-Workstation:pidgin-devel-0:2.3.1-2.el5_2.x86_64",
            "5Client-Workstation:pidgin-perl-0:2.3.1-2.el5_2.i386",
            "5Client-Workstation:pidgin-perl-0:2.3.1-2.el5_2.x86_64",
            "5Client:finch-0:2.3.1-2.el5_2.i386",
            "5Client:finch-0:2.3.1-2.el5_2.x86_64",
            "5Client:finch-devel-0:2.3.1-2.el5_2.i386",
            "5Client:finch-devel-0:2.3.1-2.el5_2.x86_64",
            "5Client:libpurple-0:2.3.1-2.el5_2.i386",
            "5Client:libpurple-0:2.3.1-2.el5_2.x86_64",
            "5Client:libpurple-devel-0:2.3.1-2.el5_2.i386",
            "5Client:libpurple-devel-0:2.3.1-2.el5_2.x86_64",
            "5Client:libpurple-perl-0:2.3.1-2.el5_2.i386",
            "5Client:libpurple-perl-0:2.3.1-2.el5_2.x86_64",
            "5Client:libpurple-tcl-0:2.3.1-2.el5_2.i386",
            "5Client:libpurple-tcl-0:2.3.1-2.el5_2.x86_64",
            "5Client:pidgin-0:2.3.1-2.el5_2.i386",
            "5Client:pidgin-0:2.3.1-2.el5_2.src",
            "5Client:pidgin-0:2.3.1-2.el5_2.x86_64",
            "5Client:pidgin-debuginfo-0:2.3.1-2.el5_2.i386",
            "5Client:pidgin-debuginfo-0:2.3.1-2.el5_2.x86_64",
            "5Client:pidgin-devel-0:2.3.1-2.el5_2.i386",
            "5Client:pidgin-devel-0:2.3.1-2.el5_2.x86_64",
            "5Client:pidgin-perl-0:2.3.1-2.el5_2.i386",
            "5Client:pidgin-perl-0:2.3.1-2.el5_2.x86_64",
            "5Server-DPAS:finch-0:2.3.1-2.el5_2.i386",
            "5Server-DPAS:finch-0:2.3.1-2.el5_2.x86_64",
            "5Server-DPAS:finch-devel-0:2.3.1-2.el5_2.i386",
            "5Server-DPAS:finch-devel-0:2.3.1-2.el5_2.x86_64",
            "5Server-DPAS:libpurple-0:2.3.1-2.el5_2.i386",
            "5Server-DPAS:libpurple-0:2.3.1-2.el5_2.x86_64",
            "5Server-DPAS:libpurple-devel-0:2.3.1-2.el5_2.i386",
            "5Server-DPAS:libpurple-devel-0:2.3.1-2.el5_2.x86_64",
            "5Server-DPAS:libpurple-perl-0:2.3.1-2.el5_2.i386",
            "5Server-DPAS:libpurple-perl-0:2.3.1-2.el5_2.x86_64",
            "5Server-DPAS:libpurple-tcl-0:2.3.1-2.el5_2.i386",
            "5Server-DPAS:libpurple-tcl-0:2.3.1-2.el5_2.x86_64",
            "5Server-DPAS:pidgin-0:2.3.1-2.el5_2.i386",
            "5Server-DPAS:pidgin-0:2.3.1-2.el5_2.src",
            "5Server-DPAS:pidgin-0:2.3.1-2.el5_2.x86_64",
            "5Server-DPAS:pidgin-debuginfo-0:2.3.1-2.el5_2.i386",
            "5Server-DPAS:pidgin-debuginfo-0:2.3.1-2.el5_2.x86_64",
            "5Server-DPAS:pidgin-devel-0:2.3.1-2.el5_2.i386",
            "5Server-DPAS:pidgin-devel-0:2.3.1-2.el5_2.x86_64",
            "5Server-DPAS:pidgin-perl-0:2.3.1-2.el5_2.i386",
            "5Server-DPAS:pidgin-perl-0:2.3.1-2.el5_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "pidgin MSN integer overflow"
    }
  ]
}

GHSA-XGWJ-QM2P-HCPC

Vulnerability from github – Published: 2022-05-01 23:54 – Updated: 2022-05-01 23:54

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-2927"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-07-07T23:41:00Z",
    "severity": "MODERATE"
  },
  "details": "Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955.",
  "id": "GHSA-xgwj-qm2p-hcpc",
  "modified": "2022-05-01T23:54:57Z",
  "published": "2022-05-01T23:54:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2927"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2008:0584"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2008-2927"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=453764"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44774"
    },
    {
      "type": "WEB",
      "url": "https://issues.rpath.com/browse/RPL-2647"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11695"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17972"
    },
    {
      "type": "WEB",
      "url": "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msn/slplink.c"
    },
    {
      "type": "WEB",
      "url": "http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msnp9/slplink.c"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30971"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31016"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31105"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31387"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31642"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/32859"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/32861"
    },
    {
      "type": "WEB",
      "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0246"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2008/dsa-1610"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:143"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:127"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2008/07/03/6"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2008/07/04/1"
    },
    {
      "type": "WEB",
      "url": "http://www.pidgin.im/news/security/?id=25"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0584.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/493682"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/495165/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/495818/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/29956"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020451"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-675-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-675-2"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/2032/references"
    },
    {
      "type": "WEB",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-054"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-2927 (GCVE-0-2008-2927)

GSD-2008-2927

OPENSUSE-SU-2024:11172-1

FKIE_CVE-2008-2927

RHSA-2008:0584

GHSA-XGWJ-QM2P-HCPC

Tags

Sightings

Nomenclature