Remote crash in old Pidgin versions
Mark Doliner
mark at kingant.net
Fri Dec 28 19:07:39 EST 2012
Someone brought to our attention that Pidgin versions before 2.7.10
contained a remote crash bug (null pointer dereference only--I believe
buffer overflow is not possible). This bug was fixed in Pidgin 2.7.10
and all newer versions.
I bring this to your attention because we did not treat this as a
security problem at the time and we did not notify you or list this at
http://pidgin.im/news/security/
If you're maintaining security updates for a Pidgin build older than
2.7.10 then I recommend you include this patch:
http://hg.pidgin.im/pidgin/main/rev/b25469e04402
Thanks,
Mark
More information about the Packagers
mailing list