Pidgin 2.10.2 released
Elliott Sales de Andrade
qulogic at pidgin.im
Wed Mar 14 18:03:21 EDT 2012
On Wed, Mar 14, 2012 at 2:05 PM, Mark Doliner <mark at kingant.net> wrote:
> It contains fixes for two security problems. I've requested CVEs for
> both issues from oss-security at lists.openwall.com.
>
> More info:
> http://developer.pidgin.im/wiki/ChangeLog
> http://pidgin.im/news/security/?id=60
> http://pidgin.im/news/security/?id=61
>
> Files:
> https://sourceforge.net/projects/pidgin/files/Pidgin/2.10.2/
>
> The 2.x.y branch is our stable branch and we're trying to only include
> critical fixes, so it should be fairly safe to upgrade to the newest
> version. However, if you still want to patch an older version with
> the fixes, I believe these are the commits you'll want:
>
> For the XMPP issue (issue #60):
>
> http://developer.pidgin.im/viewmtn/revision/info/e30e044988add329e86eaf06a2f6ab1b3c5c47bb
>
> For the MSN issue (issue #61)(I'm actually not sure if you need all of
> these... but definitely the first one):
>
> http://developer.pidgin.im/viewmtn/revision/info/18f2f94b625542348af0049e0132a83a1c58aef6
>
> http://developer.pidgin.im/viewmtn/revision/info/395c14cb9ec6322fae27e85095ab2f640fa7c00a
>
> http://developer.pidgin.im/viewmtn/revision/info/2f0f6854241b2f975d10b73095bf46d5e9a8eb01
>
>
Those last two are not necessary for the security issue. You may want to
apply the last one to fix sending of offline messages.
--
Elliott aka QuLogic
Pidgin developer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://pidgin.im/cgi-bin/mailman/private/packagers/attachments/20120314/76154728/attachment.html>
More information about the Packagers
mailing list