Remote crashes being fixed in Pidgin 2.6.6
ari at debian.org
Mon Feb 15 18:12:07 EST 2010
Mark Doliner wrote:
>> Also, it looks like the MSN SLP patch isn't straightforward to apply
>> onto slp.c from 2.4.3. Is that version thought to be vulnerable, or do
>> the msn_slp_sip_recv() changes not matter?
> I don't know if that version is vulnerable. I suspect that it is. If
> so, similar changes would probably need to be made to
> msn_slp_sip_recv() in that version.
Actually, I forgot pidgin 2.4 can't login to MSN anymore anyway. I'll
just disable MSN entirely for the backported Debian security update.
More information about the Packagers