[Fwd: Re: [Advisories] Libpurple security vulnerability CORE-2009-0727]
Mark Doliner
mark at kingant.net
Thu Aug 13 20:45:24 EDT 2009
On Wed, Aug 12, 2009 at 8:57 PM, Warren Togami<wtogami at redhat.com> wrote:
> On 08/12/2009 10:48 PM, Mark Doliner wrote:
>>>
>>> We will be releasing Pidgin 2.5.9, which will contain a patch just for
>>> this
>>> exploit."
>>
>> This looks fantastic to me.
>>
>>> Do we still plan on releasing 2.5.9 with just the patch? Will we release
>>> 2.6.0 at the same time?
>>
>> I think we should definitely release 2.6.0--aside from this change
>> everything is ready, right? I don't have a strong opinion about
>> releasing 2.5.9, but I'm mildly in favor.
>
> Could we please have a coordinated pidgin-1.5.2 as well? Due to the
> confusion of the earlier incomplete patch and distros shipping different
> versions of earlier patch, it would be good to agree upon a common release?
Sorry, I personally don't have time to manage a patch for Pidgin
1.5.2, but I certainly won't stop anyone else from doing so.
-Mark
More information about the Packagers
mailing list