{"id":"RHSA-2017:1854","summary":"Red Hat Security Advisory: pidgin security, bug fix, and enhancement update","modified":"2025-11-22T11:21:27Z","published":"2024-09-15T23:55:18Z","upstream":["CVE-2014-3694","CVE-2014-3695","CVE-2014-3696","CVE-2014-3698","CVE-2017-2640"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1854"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#moderate"},{"type":"ARTICLE","url":"https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.4_Release_Notes/index.html"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1154908"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1154909"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1154910"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1154911"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1369526"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1430019"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1439296"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1445921"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1446368"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1854.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2014-3694"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2014-3694"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3694"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2014-3695"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2014-3695"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3695"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2014-3696"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2014-3696"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3696"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2014-3698"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2014-3698"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3698"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-2640"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-2640"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-2640"}],"affected":[{"package":{"name":"finch","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/finch"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"finch-devel","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/finch-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"libpurple","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/libpurple"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"libpurple-devel","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/libpurple-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"libpurple-perl","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/libpurple-perl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"libpurple-tcl","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/libpurple-tcl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"pidgin","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/pidgin"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"pidgin-debuginfo","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/pidgin-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"pidgin-devel","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/pidgin-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"pidgin-perl","ecosystem":"Red Hat:enterprise_linux:7::client","purl":"pkg:rpm/redhat/pidgin-perl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"finch","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/finch"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"finch-devel","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/finch-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"libpurple","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/libpurple"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"libpurple-devel","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/libpurple-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"libpurple-perl","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/libpurple-perl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"libpurple-tcl","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/libpurple-tcl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"pidgin","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/pidgin"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"pidgin-debuginfo","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/pidgin-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"pidgin-devel","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/pidgin-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"pidgin-perl","ecosystem":"Red Hat:enterprise_linux:7::server","purl":"pkg:rpm/redhat/pidgin-perl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"finch","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/finch"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"finch-devel","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/finch-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"libpurple","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/libpurple"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"libpurple-devel","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/libpurple-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"libpurple-perl","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/libpurple-perl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"libpurple-tcl","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/libpurple-tcl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"pidgin","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/pidgin"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"pidgin-debuginfo","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/pidgin-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"pidgin-devel","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/pidgin-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}},{"package":{"name":"pidgin-perl","ecosystem":"Red Hat:enterprise_linux:7::workstation","purl":"pkg:rpm/redhat/pidgin-perl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.11-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:1854.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}