Improving our security

Ethan Blanton elb at
Thu Sep 3 15:10:22 EDT 2009


If you're reading this, it means that you've been added to 
security at  The intent is that this list will be our primary 
point of contact for security vulnerabilities and disclosures from 
third parties. explains this, and our hope
is that individuals or organizations who have discovered security 
flaws in Pidgin, libpurple, finch, or other related projects will 
notify us by way of this list.  

All information on this list is considered privileged information -- 
please do not disclose it unless necessary.  The idea is that every 
vulnerability will be made public when a fix is available and 
packagers can be notified, but until that time, we wish to keep 
vulnerabilities under wraps.  This is pretty standard, and something 
you are probably already aware of.  

This list allows post from non-members, and is NOT spam filtered.  
This increases the probability that legitimate posts will actually be 
received by someone.  (It is unlikely that all of our individual spam
filters will collectively can a legitimate email.) If you do not wish
to be subscribed to a list with this policy, or wish to have your
subscription address changed, please contact me and I will correct

Thanks for reading,

The laws that forbid the carrying of arms are laws [that have no remedy
for evils].  They disarm only those who are neither inclined nor
determined to commit crimes.
		-- Cesare Beccaria, "On Crimes and Punishments", 1764
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 481 bytes
Desc: Digital signature
URL: <>

More information about the security mailing list