Evan Schoenberg, M.D.
evands at pidgin.im
Sun Aug 2 19:04:23 EDT 2009
On Aug 2, 2009, at 5:37 PM, Paul Aurich wrote:
> Are there any Adium developers on this list? Is Evan subscribed?
> They will
> probably want time to prepare releases (or at least a new Adium
> for the vulnerability.
I'm here, yes. Zac West, the Adium co-lead, isn't - could a list
moderator please add his email address, cc'd above? Zac, the
vulnerability in question is a potential remote-code-execution exploit
within MSN code which requires only that the remote side have privacy
settings such that they would receive an IM from you.
We'll do a micro point release of Adium (Adium 1.3.6) with libpurple
2.5.9, and a beta of Adium 1.4 with TIP of im.pidgin.adium after
merging the changes, once it's ready.
What's the current proposed timeframe?
More information about the Packagers