Possible libpurple vulnerability in multiple prpls
John Bailey
rekkanoryo at rekkanoryo.org
Sat Aug 15 17:30:06 EDT 2009
Mark Doliner wrote:
> In the past I think we have not gotten CVE numbers for things that
> require the user to accept a request. So my vote is no. But maybe
> you should hold off on committing the change until Tuesday the 18th,
> and maybe email us a diff of your fix?
>
> -Mark
If we could have the patch here ASAP, that would be great. With a patch to
commit, I could kill the 2.5.9 tag while it's still local to my database only
and retag with the patch included (and also generate new tarballs).
John
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 835 bytes
Desc: OpenPGP digital signature
URL: <http://pidgin.im/cgi-bin/mailman/private/packagers/attachments/20090815/f2110ced/attachment.pgp>
More information about the Packagers
mailing list