SUSE-SU-2026:2967-1: moderate: Security update for libgnt, meson, pidgin
SLE-UPDATES
null at suse.de
Tue Jul 14 16:39:58 UTC 2026
# Security update for libgnt, meson, pidgin
Announcement ID: SUSE-SU-2026:2967-1
Release Date: 2026-07-14T11:11:18Z
Rating: moderate
References:
* bsc#1057701
* bsc#1062785
* bsc#1068818
* bsc#1125736
* bsc#1184786
* bsc#1191780
* bsc#1260058
* jsc#SLE-21105
Cross-References:
* CVE-2019-25544
CVSS scores:
* CVE-2019-25544 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2019-25544 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2019-25544 ( NVD ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2019-25544 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2019-25544 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
An update that solves one vulnerability, contains one feature and has six
security fixes can now be installed.
## Description:
This update for libgnt, meson, pidgin fixes the following issues
Security issue:
* CVE-2019-25544: denial of service vulnerability that allows local attackers
to crash the application by providing an excessively long username string
during account creation (bsc#1260058).
Non security issues:
Changes for meson:
* Update to version 0.46.0.
* Require python2-devel for the testsuite (bsc#1125736)
* Update to version 0.45.0:
* Config-Tool based dependencies can be specified in a cross file.
* Visual Studio C# compiler support.
* Removed two deprecated features:
* Generator outputs can preserve directory structure.
* Hexadecimal string literals.
* install_data()`defaults to``.}/{projectname
* install_subdir() supports strip_directory.
* Integer options.
* New method meson.project_license().
* Rust cross-compilation.
* Rust compiler-private library disambiguation.
* Project templates.
* Improve test setup selection.
* Yielding subproject option to superproject.
* Update to version 0.44.1:
* Support running out-of-tree tests against a meson in PATH.
* Don't add rpaths to system libraries.
* Fix meson location detection from other meson tools.
* Various boost, pkg-config and vala related fixes.
* Update to version 0.44.0:
* New features:
* Added warning function.
* Adds support for additional Qt5-Module keyword moc_extra_arguments.
* Prefix-dependent defaults for sysconfdir, localstatedir and sharedstatedir.
* An array type for user options.
* LLVM dependency supports both dynamic and static linking.
* Added if_found to subdir.
* get_unquoted() method for the configuration data object.
* Added disabler object.
* Config-Tool based dependencies gained a method to get arbitrary options.
* Disable tests for static llvm: we don't ship the static libs.
* Add cmake(Qt5LinguistTools), libwmf-devel BuildRequires and zlib-devel-
static: new dependencies for various tests.
* Require python3-xml: mesonbuild/modules/qt5.py imports the xml module
(bsc#1068818).
* Update to version 0.43.0:
* Generator learned capture: Generators can now be configured to capture the
standard output.
* Can index CustomTarget objects: The CustomTarget object can now be indexed
like an array. The resulting object can be used as a source file for other
Targets, this will create a dependency on the original CustomTarget, but
will only insert the generated file corresponding to the index value of the
CustomTarget's output keyword.
* The cross file can now be used for overriding the result of find_program.
Then issuing the command find_program('objdump') will return the version
specified in the cross file.
* Easier handling of supported compiler arguments.
* Better support for shared libraries in non-system paths: This release adds
feature parity to shared libraries that are either in non-standard system
paths or shipped as part of your project. On systems that support rpath,
Meson automatically adds rpath entries to built targets using manually found
external libraries.
* The Wrap dependency system now supports Subversion (svn). This support is
rudimentary. The repository url has to point to a specific (sub)directory
containing the meson.build file (typically trunk/). However, providing a
revision is supported.
* Don't use obsolete boost-devel for openSUSE Leap 15.0 and newer
(bsc#1062785).
* Update to version 0.42.1.
* Tumbleweed meson 0.42.0-1.1fails for clang++ projects (bsc#1057701).
* Update to version 0.42.0:
* Distribution tarballs from Mercurial repositories. Creating distribution
tarballs can now be made out of projects based on Mercurial. As before, this
remains possible only with the Ninja backend.
* Keyword argument verification. Meson will now check the keyword arguments
used when calling any function and print a warning if any of the keyword
arguments is not known. In the future this will become a hard error.
* Add support for Genie to Vala compiler. The Vala compiler has an alternative
syntax, Genie, that uses the .gs file extension. Meson now recognises and
uses Genie files.
* Pkgconfig support for additional cflags. The Pkgconfig module object can add
arbitrary extra cflags to the Cflags value in the .pc file, using the
"extra_cflags" keyword.
* Base options accessible via get_option(). Base options are now accessible
via the get_option() function.
* Allow crate type configuration for Rust compiler. Rust targets now take an
optional rust_crate_type keyword, allowing you to set the crate type of the
resulting artifact. Valid crate types are dylib or cdylib for shared
libraries, and rlib or staticlib for static libraries. For more, see Rust's
linkage reference.
* Simultaneous use of Address- and Undefined Behavior Sanitizers. Both the
address- and undefined behavior sanitizers can now be used simultaneously by
passing -Db_sanitize=address,undefined to Meson.
* Unstable SIMD module. A new experimental module to compile code with many
different SIMD instruction sets and selecting the best one at runtime. This
module is unstable, meaning it's API is subject to change in later releases.
It might also be removed altogether.
* Import libraries for executables on Windows. The new keyword implib to
executable() allows generation of an import library for the executable.
* Added build_rpath keyword argument. You can specify build_rpath: '/foo/bar'
in build targets and the given path will get added to the target's rpath in
the build tree. It is removed during the install step.
* Meson will print a warning when the user tries to add an rpath linker flag
manually, e.g. via link_args to a target. This is not recommended because
having multiple rpath causes them to stomp on each other. This warning will
become a hard error in some future release.
* Vulkan dependency module. Vulkan can now be used as native dependency. The
dependency module will detect the VULKAN_SDK environment variable or
otherwise try to receive the vulkan library and header via pkgconfig or from
the system.
* Limiting the maximum number of linker processes. With the Ninja backend it
is now possible to limit the maximum number of concurrent linker processes.
This is usually only needed for projects that have many large link steps
that cause the system to run out of memory if they are run in parallel. This
limit can be set with the new backend_max_links option.
* Disable implicit include directories. By default Meson adds the current
source and build directories to the header search path. On some rare
occasions this is not desired. Setting the implicit_include_directories
keyword argument to false these directories are not used.
* Support for MPI dependency. MPI is now supported as a dependency. Because
dependencies are language-specific, you must specify the requested language
with the language keyword, i.e., dependency('mpi', language='c') will
request the C MPI headers and libraries. See the MPI dependency for more
information.
* Allow excluding files or directories from install_subdir. The install_subdir
command accepts the new exclude_files and exclude_directories keyword
arguments that allow specified files or directories to be excluded from the
installed subdirectory.
* Make all Meson functionality invokable via the main executable. Previously
Meson had multiple executables such as mesonintrospect and mesontest. They
are now invokable via the main Meson executable like this: meson configure
<arguments> # equivalent to mesonconf <options> meson test <arguments> #
equivalent to mesontest <arguments> The old commands are still available but
they are deprecated and will be removed in some future release.
* Pcap dependency detector. Meson will automatically obtain dependency
information for pcap using the pcap-config tool. It is used like any other
dependency.
* GNOME module mkenums_simple() addition. Most libraries and applications use
the same standard templates for glib-mkenums. There is now a new
mkenums_simple() convenience method that passes those default templates to
glib-mkenums and allows some tweaks such as optional function decorators or
leading underscores.
* Update to version 0.41.2:
* Various gtkdoc fixes.
* Fix how rpath directories are handled.
* pkgconfig: avoid appending slash at Cflags.
* Fix a missing path issue causing Python traceback.
* Qt4 support.
* Skip handling non-available dependencies.
* vala: Only add --use-header for unity builds regression.
* Tag functions in asm properly.
* Update to version 0.41.1:
* wxwidgets: Fix usage of multiple dependency() calls.
* Make external library no-op when used with incompatible target
(gh#mesonbuild/meson#1941).
* Failing test for -D dedupping.
* Preserve standalone -D arguments always.
* Handle both pkg-config and pkgconf argument order
(gh#mesonbuild/meson#1934).
* Update to version 0.41.0:
* Native support for linking against LLVM using the dependency function.
* Pkgconfig support for custom variables.
* A target for creating tarballs using 'ninja dist'.
* Support for passing arguments to Rust compiler.
* All known issues regarding reproducible builds are fixed.
* Extended template substitution in configure_file for @BASENAME@ and
@PLAINNAME@ .
* Support for capturing stdout of a command in configure_file.
* Update to version 0.40.1:
* Outputs of generators can be used in custom targets in the VS
* Visual Studio 2017 support.
* Automatic initialization of subprojects that are git submodules.
* No download mode for wraps.
* Overriding options per target.
* Compiler object get define.
* Cygwin support.
* Multiple install directories.
* Can specify method of obtaining dependencies.
* Link whole contents of static libraries.
* Unity builds only for subprojects.
* Running mesonintrospect from scripts.
* Update to version 0.39.1:
* Allow specifying extra arguments for tests.
* Bug fixes and minor polishes.
* Update to version 0.38.1:
* New Uninstall target.
* Support for arbitrary test setups.
* Intel C/C++ compiler support.
* Get values from configuration data objects.
* Python 3 module support simplified.
* Default options to subprojects.
* Set targets to be built (or not) by default.
* Add option to mesonconf to wipe cached data.
* Can specify file permissions and owner when installing data.
* has_header() checks are now faster.
* Array indexing now supports fallback values.
* Silent mode for Mesontest.
* Update to version 0.37.1.
* Update to version 0.37.0:
* Mesontest: a new testing tool that allows you to run your tests in many
different ways.
* New shared_module function allows shared modules creation.
* GNOME module now detects required programs and prints useful errors if any
are missing.
* GNOME module uses depfile support available in GLib >= 2.52.0.
* i18n module has a new merge_file() function for creating translated files.
* LLVM IR compilation is now supported.
* .wrap files for subprojects can now include a separate push URL to allow
developers to push changes directly from a subproject git checkout.
* Multiple version restrictions while searching for pkg-config dependencies is
now supported.
* Support for localstatedir has been added.
* You can now pass arguments to install scripts added with
meson.add_install_script().
* Added new options sbindir and infodir that can be used for installation.
* Update to version 0.36.0:
* Add option to run under gdb.
* Always specify installed data with a File object (gh#mesonbuild/meson#858).
* Made has_function survive optimization flags (gh#mesonbuild/meson#1053).
* Can give many alternative names to find_program to simplify searching.
* Can set compiler arguments in Java.
* Changes from version 0.34.0:
* Correctly install .typelib files to libdir.
* Add option for as-needed link option.
* Print the CFLAGS/LDFLAGS/etc inherited from the environment.
* Only append compile flags to the link flags when appropriate.
* Update to version 0.32.0.
* Update to version 0.31.0.
* Update to 0.29.0.
* Update to 0.28.0.
* Update to 0.27.0.
* Update to 0.26.0.
Changes for libgnt:
* update to 2.14.3:
* Added an option to disable python2 support.
* Add an option to disable building the docs.
* Fix a SEGFAULT in gnt_combo_box_get_dropdown.
* Fix an invalid read/write when hiding widgets
* Look for python-2.7.pc as well as python2.pc
* Bump the minimum meson version from 0.37.0 to 0.41.0
* Fix a buffer size in gntwm.c
Changes for pidgin:
* Update to version 2.14.8:
* Fix a regression in purple_str_to_time
* Update to version 2.14.7:
* Fix leak in purple_markup_find_tag on error
* Fix an assert in purple_markup_html_to_xhtml
* Correctly free parse tags at end of purple_html_to_xhtml
* Fix leak that may occur when xmlnode_from_str fails
* Port purple_str_to_time to use a regular expressions
* Update to version 2.14.6:
* Update references to point to our current websites.
* Add a donate link to the help menu. Finch:
* Check pkg-config for ncurses before looking for it manually. Pidgin:
* Replace newlines in topics with spaces. libpurple:
* Added support for the no_proxy environment variable.
* Added infrastructure for fuzzing as well as some initial fuzzers.
* Fix an out of bounds write in purple_markup_linkify. XMPP:
* Enable session management after binding a resource. Zephyr:
* Fix a clang logical-not-parentheses warning.
* Update to version 2.14.5:
* static code analysis fixes
* Disable UPnP and NAT-PMP by default for new user
* IRC: Change the default server to irc.libera.chat
* Update to version 2.14.4:
* Use LT_LIB_M to find the math library. This should simplify things for
various distros including the BSD's. (RR #608) (and, Justin Lechner)
* Update purple-remote and purple-url-handler to have a Python 3 shebang.
* Install our AppData file into the $prefix/share/metainfo. Windows-Specific
Changes:
* Output pkg-config files so that our Windows builds can be seen by meson.
Grim owes a blog post on how this works.
* Update the debug symbols download in the installer to the inetc plugin.
* Make sure the uninstaller removes all files that we install.
* Removed the AIM protocol plugin. AIM has been shut down since December 15th
of 2017. We left it around because of a third party server, but our plugin
no longer works with it. (RR #598) (Gary Kramlich)
* Standardize on wprintf in pidgin/win32/winpidgin.c
* Use the inetc nsis plugin that supports https
* If building under msys2 copy libgcc_s_dw2-1.dll and libwinpthread to the
install directory. (RR #593) (PIDGIN-17511) (Gary Kramlich)
* Fix a build issue when compiling with gstreamer but without voice and video.
* Enable cyrus-sasl by default.
* Fix an issue with opening link in Firefox.
* Fix a regression from 2.14.0 where extra whitespace would be displayed when
pasting <p> elements from HTML.
* Require Python 3 for generating the D-Bus bindings.
* Fix an issue where pasting <hr>'s and other HTML elements would eventually
lead to a crash.
* Update to version 2.14.1:
* Fix an issue that caused the Mercurial revision in the About box to be
"unknown".
* Update to version 2.14.0:
General: \+ Fixed a memory leak in search results (pidgin.im#17292). \+ Support
SNI with GnuTLS (pidgin.im#17300 tiagosalem). \+ Add additional error handling
to NSS and GnuTLS. \+ libpurple: \+ Add invisible buddy support to support
presence/name/photos for non-buddies (pidgin.im#17295). \+ Make purple-remote
compatible with both Python 2 and Python 3. \+ Fix some leaky deprecation
warnings. \+ Fix HTML logs which were writing invalid HTML (pidgin.im#17280). \+
Fix use after free in purple_smiley_set_data_impl. \+ Added the chat_send_file
ability to protocol plugins. Pidgin: \+ Treat <p> tags as line breaks when
pasting. \+ Reverted pidgin.im#17232. It caused more harm than good. Bonjour: \+
Always use port fallback for IPv4 addresses. \+ XMPP: \+ Support for XEP-0198
Stream Management. \+ Decrease delay for file transfer using streamhosts. \+
Voice & Video: \+ Improve webcam failure handling. \+ Show error when creating
media pipeline fails. \+ Clip audio level reporting (pidgin.im#14426). \+ Keep
track of devices managed by GstDeviceMonitor. \+ Ignore PulseAudio monitors. \+
Backport native Voice & Video prefs from 3.0. \+ Fix building against GStreamer
0.10. \+ Fix initial delay on incoming audio. \+ Properly cleanup timeouts. \+
Add an audio mixer so mixed sources don't cause a pipe failure. \+ Add screen
share support for Wayland via XDP Portal. \+ Handle unplug and replug events of
selected media device.
* Update to version 2.13.0:
* Unified string comparison.
* Properlly shell escape URI's when opening them.
* Fix a one byte buffer overread in function purple_markup_linkify.
* Fix an issue were utf8 was incorrectly truncated which could lead to crashes
as we were potentially feeding garbage into glib/gtk. libgnt:
* Partially fix building against curses 6.0 with opaque structs set
(pidgin.im#16764).
* Fix a crash when resizing the window (pidgin.im#16680).
* Fix a bashism in autotools (pidgin.im#16836).
* Show XEP-0066 OOB URLs in any message, not just headlines.
* Fix a user after free (pidgin.im#17200).
* Remove pipelining from BOSH connections (pidgin.im#17025).
* Don't try to TLS already secured BOSH connections (pidgin.im#17270). IRC:
* Fix "Registration timeout" on SASL auth with InspIRCd servers (and possibly
others not based on charybdis/ratbox/ircd-seven).
* Fix issues with plugins that modify outgoing messages (such as the custom
PART/QUIT feature of the IRC More plugin).
* Fix IRC buffer handling (pidgin.im#12562).
* Properly handle AUTHENTICATE as a normal command with server prefix.
* Fix a crash caused by a use after free of the MOTD.
* Fix an out of bounds read in irc_nick_skip_mode.
* Fix a write of a single byte before the start of a buffer in irc_parse_ctcp.
* Better support for dark themes (pidgin.im#12572).
* Fix IPv6 links by not escaping []'s. (pidgin.im#16391).
* Only write buddy icons to the cache if they're not already cached.
* Rejoin persistent chats after reconnect (pidgin.im#15687).
* Make the WIN32 Transparency plugin work on all platforms (pidgin.im#3124).
* Ensure search results buttons are labelled.
* Fix matching unicode emoticons (pidgin.im#17232).
* Correctly update mute/unmute status when the remote side mutes/unmutes us
(pidgin.im#17273).
* Rework the status icon blinking to not use deprecated API (pidgin.im#17174).
* Do not allow adding a buddy to protocols that don't have an add_buddy
callback.
* Finch:
* Fix handling of search results (pidgin.im#17238).
* Port backend-fs to newer api for farstream relay-info property
(pidgin.im#17274).
* Add purple-import-empathy Recommends for SLE15 (FATE#322984).
* Remove obsolete translation-update-upstream support (jsc#SLE-21105).
* Extract libpurple.so._and libpurple-client.so._ to own packages
(bsc#1191780).
* don't package directories owned by filesystem rpm (bsc#1184786)
* Drop support for openSUSE older than Leap 15.0.
* No longer recommend -lang: supplements are in use
* Drop pkgconfig(NetworkManager) BuildRequires and Requires: this legacy
symbol is no longer maintained and pidgin is not yet ready to move to libnm.
As a side-effect, we no longer depend on NM for all situations, even if the
system were to run wicked.
* Replace --enable-nm configure parameter with --disable-nm.
* Instead of removing the libjabber.so, liboscar.so symlinks, move them to the
devel package.
* Export PYTHON=python3 in %build.
* Adjust scripts to invoke python3, not python2.
* Drop support for SLE 11 and openSUSE older than 42.x.
* Correct the licence to GPL-2.0.
* Explicitly require python2
* Drop dependency over silc-toolkit-devel as we want to remove it from the
distribution
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Server 12 SP5 LTSS
zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2967=1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2967=1
## Package List:
* SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* farstream-devel-0.2.8-5.2.4
* libnice-debugsource-0.1.13-7.2.3
* libfarstream-0_2-5-0.2.8-5.2.4
* libgnt-devel-2.14.3-4.3.8
* gstreamer-plugins-farstream-0.2.8-5.2.4
* libgupnp-1_0-4-0.20.18-8.5.2
* libpurple-debuginfo-2.14.8-3.9.3
* libpurple-client0-debuginfo-2.14.8-3.9.3
* libnice-devel-0.1.13-7.2.3
* libgupnp-devel-0.20.18-8.5.2
* libpurple-tcl-debuginfo-2.14.8-3.9.3
* libgnt-debugsource-2.14.3-4.3.8
* gssdp-debugsource-0.14.16-7.2.1
* finch-devel-2.14.8-3.9.3
* libnice-debuginfo-0.1.13-7.2.3
* libgupnp-igd-devel-0.2.4-6.2.2
* libgssdp-1_0-3-debuginfo-0.14.16-7.2.1
* farstream-debugsource-0.2.8-5.2.4
* typelib-1_0-Farstream-0_2-0.2.8-5.2.4
* libgupnp-1_0-4-debuginfo-0.20.18-8.5.2
* finch-debuginfo-2.14.8-3.9.3
* libpurple0-2.14.8-3.9.3
* finch-2.14.8-3.9.3
* gupnp-debugsource-0.20.18-8.5.2
* libpurple-client0-2.14.8-3.9.3
* typelib-1_0-GUPnPIgd-1_0-0.2.4-6.2.2
* libpurple-2.14.8-3.9.3
* libpurple-tcl-2.14.8-3.9.3
* libnice10-0.1.13-7.2.3
* libgnt0-2.14.3-4.3.8
* libgnt-devel-debuginfo-2.14.3-4.3.8
* libpurple-devel-2.14.8-3.9.3
* libgssdp-1_0-3-0.14.16-7.2.1
* typelib-1_0-GUPnP-1_0-0.20.18-8.5.2
* libgnt0-debuginfo-2.14.3-4.3.8
* libgssdp-devel-0.14.16-7.2.1
* libpurple0-debuginfo-2.14.8-3.9.3
* typelib-1_0-GSSDP-1_0-0.14.16-7.2.1
* libgupnp-igd-1_0-4-0.2.4-6.2.2
* libfarstream-0_2-5-debuginfo-0.2.8-5.2.4
* libgupnp-igd-1_0-4-debuginfo-0.2.4-6.2.2
* libnice10-debuginfo-0.1.13-7.2.3
* pidgin-devel-2.14.8-3.9.3
* SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
* libpurple-lang-2.14.8-3.9.3
* libpurple-branding-upstream-2.14.8-3.9.3
* farstream-data-0.2.8-5.2.4
* SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64)
* libgnt0-32bit-2.14.3-4.3.8
* libgnt0-debuginfo-32bit-2.14.3-4.3.8
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
* farstream-devel-0.2.8-5.2.4
* libnice-debugsource-0.1.13-7.2.3
* libfarstream-0_2-5-0.2.8-5.2.4
* libpurple-debuginfo-2.14.8-3.9.3
* gstreamer-plugins-farstream-0.2.8-5.2.4
* libgupnp-1_0-4-0.20.18-8.5.2
* libgnt-devel-2.14.3-4.3.8
* libpurple-client0-debuginfo-2.14.8-3.9.3
* libnice-devel-0.1.13-7.2.3
* libgupnp-devel-0.20.18-8.5.2
* libpurple-tcl-debuginfo-2.14.8-3.9.3
* libgnt-debugsource-2.14.3-4.3.8
* gssdp-debugsource-0.14.16-7.2.1
* finch-devel-2.14.8-3.9.3
* libnice-debuginfo-0.1.13-7.2.3
* libgupnp-igd-devel-0.2.4-6.2.2
* libgssdp-1_0-3-debuginfo-0.14.16-7.2.1
* farstream-debugsource-0.2.8-5.2.4
* typelib-1_0-Farstream-0_2-0.2.8-5.2.4
* libgupnp-1_0-4-debuginfo-0.20.18-8.5.2
* finch-debuginfo-2.14.8-3.9.3
* libpurple0-2.14.8-3.9.3
* finch-2.14.8-3.9.3
* gupnp-debugsource-0.20.18-8.5.2
* libpurple-client0-2.14.8-3.9.3
* typelib-1_0-GUPnPIgd-1_0-0.2.4-6.2.2
* libpurple-tcl-2.14.8-3.9.3
* libpurple-2.14.8-3.9.3
* libnice10-0.1.13-7.2.3
* libgnt0-2.14.3-4.3.8
* libgnt-devel-debuginfo-2.14.3-4.3.8
* libpurple-devel-2.14.8-3.9.3
* libgssdp-1_0-3-0.14.16-7.2.1
* typelib-1_0-GUPnP-1_0-0.20.18-8.5.2
* libgssdp-devel-0.14.16-7.2.1
* libpurple0-debuginfo-2.14.8-3.9.3
* libgnt0-debuginfo-2.14.3-4.3.8
* typelib-1_0-GSSDP-1_0-0.14.16-7.2.1
* libgupnp-igd-1_0-4-0.2.4-6.2.2
* libfarstream-0_2-5-debuginfo-0.2.8-5.2.4
* libgnt0-32bit-2.14.3-4.3.8
* libgupnp-igd-1_0-4-debuginfo-0.2.4-6.2.2
* libnice10-debuginfo-0.1.13-7.2.3
* pidgin-devel-2.14.8-3.9.3
* libgnt0-debuginfo-32bit-2.14.3-4.3.8
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
* libpurple-lang-2.14.8-3.9.3
* libpurple-branding-upstream-2.14.8-3.9.3
* farstream-data-0.2.8-5.2.4
## References:
* https://www.suse.com/security/cve/CVE-2019-25544.html
* https://bugzilla.suse.com/show_bug.cgi?id=1057701
* https://bugzilla.suse.com/show_bug.cgi?id=1062785
* https://bugzilla.suse.com/show_bug.cgi?id=1068818
* https://bugzilla.suse.com/show_bug.cgi?id=1125736
* https://bugzilla.suse.com/show_bug.cgi?id=1184786
* https://bugzilla.suse.com/show_bug.cgi?id=1191780
* https://bugzilla.suse.com/show_bug.cgi?id=1260058
* https://jira.suse.com/browse/SLE-21105
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20260714/a3d25656/attachment.htm>
More information about the sle-updates
mailing list