[Fwd: Re: [Advisories] Libpurple security vulnerability CORE-2009-0727]

Mark Doliner mark at kingant.net
Thu Aug 13 20:45:24 EDT 2009


On Wed, Aug 12, 2009 at 8:57 PM, Warren Togami<wtogami at redhat.com> wrote:
> On 08/12/2009 10:48 PM, Mark Doliner wrote:
>>>
>>> We will be releasing Pidgin 2.5.9, which will contain a patch just for
>>> this
>>> exploit."
>>
>> This looks fantastic to me.
>>
>>> Do we still plan on releasing 2.5.9 with just the patch? Will we release
>>> 2.6.0 at the same time?
>>
>> I think we should definitely release 2.6.0--aside from this change
>> everything is ready, right?  I don't have a strong opinion about
>> releasing 2.5.9, but I'm mildly in favor.
>
> Could we please have a coordinated pidgin-1.5.2 as well?  Due to the
> confusion of the earlier incomplete patch and distros shipping different
> versions of earlier patch, it would be good to agree upon a common release?

Sorry, I personally don't have time to manage a patch for Pidgin
1.5.2, but I certainly won't stop anyone else from doing so.

-Mark



More information about the Packagers mailing list