New release 2.12.0 for security issue

Gary Kramlich grim at
Thu Mar 9 20:54:04 EST 2017

Pidgin 2.12.0 tarballs can be found at



On Tue, Feb 28, 2017 at 10:28 PM, Gary Kramlich <grim at> wrote:
> All,
> We will be releasing Pidgin 2.12.0 on 20170310 at 0200 UTC which is
> our embargo date. This is a normal release with a fixed security
> issue.  A CVE has been requested, but I have not heard back by the
> time of this writing.
> The issue that has been fixed in the release is an out of bound memory
> access when a server sends invalid XML.  I do not yet have the
> tarballs built but we should have them in the next few days (we're
> waiting on one more patch for the release).
> Thanks,
> --
> Gary Kramlich <grim at>


Gary Kramlich <grim at>

More information about the Packagers mailing list