Pidgin 2.6.5 released

Josh Bressers bressers at
Mon Jan 11 08:17:13 EST 2010

----- "Paul Aurich" <paul at> wrote:

> Pidgin 2.6.5 is released (though not yet listed as such at
> As mentioned previously, this release provides a fix for CVE-2010-013
> (MSN arbitrary file upload), along with a number of build fixes and crash
> bugs.

Does this update this fix this the MSN memory corruption bug?


slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and
Adium 1.3.8 allows remote attackers to cause a denial of service
(memory corruption) or possibly have unspecified other impact via
unknown vectors, a different issue than CVE-2010-0013.

Reference: URL:



More information about the Packagers mailing list