{"affected":[{"ecosystem_specific":{"binaries":[{"finch":"2.6.6-0.29.1","finch-devel":"2.6.6-0.29.1","libpurple":"2.6.6-0.29.1","libpurple-devel":"2.6.6-0.29.1","libpurple-lang":"2.6.6-0.29.1","pidgin":"2.6.6-0.29.1","pidgin-devel":"2.6.6-0.29.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 11 SP4","name":"pidgin","purl":"pkg:rpm/suse/pidgin&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.6.6-0.29.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"\nThis update for pidgin fixes the following issues:\n\nSecurity issues fixed:\n- CVE-2016-2367: Fixed a MXIT Avatar Length Memory Disclosure Vulnerability (bsc#991715).\n- CVE-2016-2370: Fixed a MXIT Custom Resource Denial of Service Vulnerability (bsc#991712).\n- CVE-2016-2371: Fixed a MXIT Extended Profiles Code Execution Vulnerability (bsc#991691).\n- CVE-2016-2372: Fixed a MXIT File Transfer Length Memory Disclosure Vulnerability (bsc#991711).\n- CVE-2016-2373: Fixed a MXIT Contact Mood Denial of Service Vulnerability (bsc#991709)\n","id":"SUSE-SU-2016:2416-1","modified":"2016-09-29T13:16:31Z","published":"2016-09-29T13:16:31Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2016/suse-su-20162416-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/991691"},{"type":"REPORT","url":"https://bugzilla.suse.com/991709"},{"type":"REPORT","url":"https://bugzilla.suse.com/991711"},{"type":"REPORT","url":"https://bugzilla.suse.com/991712"},{"type":"REPORT","url":"https://bugzilla.suse.com/991715"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-2367"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-2370"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-2371"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-2372"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-2373"}],"related":["CVE-2016-2367","CVE-2016-2370","CVE-2016-2371","CVE-2016-2372","CVE-2016-2373"],"summary":"Security update for pidgin","upstream":["CVE-2016-2367","CVE-2016-2370","CVE-2016-2371","CVE-2016-2372","CVE-2016-2373"]}