changeset 31342:f9cd24db04dd

ChangeLog the security fix and credit Marius. Although he didn't directly provide a patch, his suggestions and review were helpful in deriving the final fix for the problem.
author John Bailey <rekkanoryo@rekkanoryo.org>
date Fri, 11 Mar 2011 02:03:45 +0000
parents d88f3153170b
children 5c2c42cbb811
files COPYRIGHT ChangeLog
diffstat 2 files changed, 6 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/COPYRIGHT	Fri Mar 11 02:00:15 2011 +0000
+++ b/COPYRIGHT	Fri Mar 11 02:03:45 2011 +0000
@@ -553,6 +553,7 @@
 Jorge VillaseƱor (Masca)
 Bjoern Voigt
 Peter Volkov
+Marius Wachtler
 Wan Hing Wah
 Philip Walford
 Nathan Walp
--- a/ChangeLog	Fri Mar 11 02:00:15 2011 +0000
+++ b/ChangeLog	Fri Mar 11 02:03:45 2011 +0000
@@ -37,6 +37,11 @@
 	  room (not currently supported by Pidgin and Finch).  (Thijs Alkemade)
 	  (#10986, #a14219)
 
+	Yahoo!/Yahoo! JAPAN:
+	* Fix CVE-2011-1091, denials of service caused by NULL pointer
+	  dereferences due to improper handling of malformed YMSG packets.  Thanks
+	  to Marius Wachtler for reporting this and reviewing the fix!
+
 version 2.7.10 (02/06/2011):
 	General:
 	* Force video sources to all have the same capabilities.  This reduces the