New release 2.12.0 for security issue
grim at reaperworld.com
Thu Mar 9 20:54:04 EST 2017
Pidgin 2.12.0 tarballs can be found at
On Tue, Feb 28, 2017 at 10:28 PM, Gary Kramlich <grim at reaperworld.com> wrote:
> We will be releasing Pidgin 2.12.0 on 20170310 at 0200 UTC which is
> our embargo date. This is a normal release with a fixed security
> issue. A CVE has been requested, but I have not heard back by the
> time of this writing.
> The issue that has been fixed in the release is an out of bound memory
> access when a server sends invalid XML. I do not yet have the
> tarballs built but we should have them in the next few days (we're
> waiting on one more patch for the release).
> Gary Kramlich <grim at reaperworld.com>
Gary Kramlich <grim at reaperworld.com>
More information about the Packagers