Pidgin 2.5.9, 2.6.0, 2.6.1

John Bailey rekkanoryo at
Wed Aug 19 10:08:08 EDT 2009

Mark Doliner wrote:
> 2.6.1: This is 2.6.0 with an important security fix and some fixed
> compilation problems.  Please use this and never 2.6.0!

For reference, the security issue was that a remote user could send a URL over
Yahoo and crash a running Pidgin.  Neither Mark nor I could reproduce this
ourselves, but the user experiencing it was able to provide us a good backtrace
and test the patch for us.  It was already public on our trac before Mark fixed
the issue (

> See for details.  Also, as
> of 2.6.0 we now require glib and gtk+ 2.4.0 or newer.  tarballs for
> all releases are online and it's likely that an amazing human being
> will build a Windows package for 2.6.1 within the next 48 hours.

The change to a minimum requirement of GTK+ and GLib 2.4.0 was not intentional;
Stu discovered the issues when building against older libraries and concluded
that while we could probably fix most of the issues pretty easily, there were
several places where it would prove unreasonably difficult to do so.  It seemed
more sensible to just increase the minimum version requirements.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 835 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Packagers mailing list