Project

General

Profile

Feature #6117

Feature #5769: Applications audit

Audit Pidgin

Added by Tails about 6 years ago. Updated over 1 year ago.

Status:
Confirmed
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
Due date:
% Done:

0%

Feature Branch:
Type of work:
Security Audit
Blueprint:
Starter:
No
Affected tool:
Instant Messaging

Description

Already checked

Local time leak through CTCP-TIME requests

Pidgin leaks this piece of information if you use the IRC More plugin. The original Incognito patches it to disable CTCP completely.

Jabber DNS leak bug

Need to investigate around the DNS leaks bug when using jabber. Still as it's a SRV request leak, Tails should be safe until it becomes able to resolv something else thant just A requests. TBB has it's own ticket (bug #1676 on Tor Project's Trac) for this issue.

TODO

More?


Related issues

Related to Tails - Bug #6347: Pidgin IRC Protocol responds to DCC SEND? Confirmed 10/08/2013
Related to Tails - Feature #6174: Test Pidgin SSL validation in Debian Jessie Resolved 07/19/2013
Related to Tails - Bug #8573: Hopefully replace Pidgin some day In Progress 01/07/2015

History

#1 Updated by intrigeri about 6 years ago

  • Parent task set to #5769

#2 Updated by intrigeri about 6 years ago

  • Subject changed from pidgin to audit Pidgin

#3 Updated by intrigeri almost 6 years ago

  • Type of work changed from Research to Audit
  • Starter set to No

#4 Updated by BitingBird about 5 years ago

  • Subject changed from audit Pidgin to Audit Pidgin

#5 Updated by intrigeri almost 5 years ago

  • Category set to 213

#6 Updated by BitingBird over 4 years ago

  • Related to Bug #6347: Pidgin IRC Protocol responds to DCC SEND? added

#7 Updated by BitingBird over 4 years ago

  • Related to Feature #6174: Test Pidgin SSL validation in Debian Jessie added

#8 Updated by intrigeri over 3 years ago

  • Related to Bug #8573: Hopefully replace Pidgin some day added

#9 Updated by intrigeri over 3 years ago

  • Type of work changed from Audit to Security Audit

Also available in: Atom PDF