Feature #6117

Audit Pidgin

Added by Tails 2013-07-18 07:51:12 . Updated 2018-01-07 11:19:01 .

Status:
Confirmed
Priority:
Normal
Assignee:
Category:
Target version:
Start date:
Due date:
% Done:

0%

Feature Branch:
Type of work:
Security Audit
Blueprint:

Starter:
0
Affected tool:
Instant Messaging
Deliverable for:

Description

Already checked

Local time leak through CTCP-TIME requests

Pidgin leaks this piece of information if you use the IRC More plugin. The original Incognito patches it to disable CTCP completely.

Jabber DNS leak bug

Need to investigate around the DNS leaks bug when using jabber. Still as it’s a SRV request leak, Tails should be safe until it becomes able to resolv something else thant just A requests. TBB has it’s own ticket (bug #1676 on Tor Project’s Trac for this issue.

TODO

More?


Subtasks


Related issues

Related to Tails - Bug #6347: Pidgin IRC Protocol responds to DCC SEND? Confirmed 2013-10-08
Related to Tails - Feature #6174: Test Pidgin SSL validation in Debian Jessie Resolved 2013-07-19
Related to Tails - Bug #8573: Hopefully replace Pidgin some day In Progress 2015-01-07

History

#1 Updated by intrigeri 2013-07-19 06:11:21

#2 Updated by intrigeri 2013-07-19 06:16:47

  • Subject changed from pidgin to audit Pidgin

#3 Updated by intrigeri 2013-10-03 11:26:21

  • Type of work changed from Research to Audit
  • Starter set to No

#4 Updated by BitingBird 2014-06-09 11:06:15

  • Subject changed from audit Pidgin to Audit Pidgin

#5 Updated by intrigeri 2014-08-12 13:54:18

  • Category set to 213

#6 Updated by BitingBird 2015-01-04 02:50:55

  • related to Bug #6347: Pidgin IRC Protocol responds to DCC SEND? added

#7 Updated by BitingBird 2015-01-04 03:48:41

  • related to Feature #6174: Test Pidgin SSL validation in Debian Jessie added

#8 Updated by intrigeri 2016-02-19 00:45:37

  • related to Bug #8573: Hopefully replace Pidgin some day added

#9 Updated by intrigeri 2016-02-19 00:45:46

  • Type of work changed from Audit to Security Audit