Security update for pidgin-otr

Announcement ID:	SUSE-SU-2016:0912-1
Rating:	important
References:	bsc#970498
Cross-References:	CVE-2015-8833
CVSS scores:
Affected Products:	SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1

An update that solves one vulnerability can now be installed.

Description:

This update for pidgin-otr fixes the following issues:

CVE-2015-8833: A heap based use-after-free issue was fixed in pidgin-otr that could lead to crashes or potential code execution.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

SUSE Linux Enterprise Desktop 12 SP1
zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-523=1
SUSE Linux Enterprise Desktop 12
zypper in -t patch SUSE-SLE-DESKTOP-12-2016-523=1
SUSE Linux Enterprise Workstation Extension 12 SP1
zypper in -t patch SUSE-SLE-WE-12-SP1-2016-523=1
SUSE Linux Enterprise Workstation Extension 12
zypper in -t patch SUSE-SLE-WE-12-2016-523=1

Package List:

SUSE Linux Enterprise Desktop 12 SP1 (x86_64)
- pidgin-otr-debugsource-4.0.0-8.1
- pidgin-otr-debuginfo-4.0.0-8.1
- pidgin-otr-4.0.0-8.1
SUSE Linux Enterprise Desktop 12 (x86_64)
- pidgin-otr-debugsource-4.0.0-8.1
- pidgin-otr-debuginfo-4.0.0-8.1
- pidgin-otr-4.0.0-8.1
SUSE Linux Enterprise Workstation Extension 12 SP1 (x86_64)
- pidgin-otr-debugsource-4.0.0-8.1
- pidgin-otr-debuginfo-4.0.0-8.1
- pidgin-otr-4.0.0-8.1
SUSE Linux Enterprise Workstation Extension 12 (x86_64)
- pidgin-otr-debugsource-4.0.0-8.1
- pidgin-otr-debuginfo-4.0.0-8.1
- pidgin-otr-4.0.0-8.1

Security update for pidgin-otr

Description:

Patch Instructions:

Package List:

References: