Possible libpurple vulnerability in multiple prpls
rekkanoryo at rekkanoryo.org
Sat Aug 15 17:30:06 EDT 2009
Mark Doliner wrote:
> In the past I think we have not gotten CVE numbers for things that
> require the user to accept a request. So my vote is no. But maybe
> you should hold off on committing the change until Tuesday the 18th,
> and maybe email us a diff of your fix?
If we could have the patch here ASAP, that would be great. With a patch to
commit, I could kill the 2.5.9 tag while it's still local to my database only
and retag with the patch included (and also generate new tarballs).
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 835 bytes
Desc: OpenPGP digital signature
More information about the Packagers