security review and patches for libpurple
Evan Schoenberg
evan at adium.im
Mon Jul 18 12:52:33 EDT 2011
On Jul 18, 2011, at 11:14 AM, Ethan Blanton <elb at pidgin.im> wrote:
> Jacob Appelbaum spake unto us the following wisdom:
>>> With that in mind, I'd like to ask again if there are any objections
>>> to my committing these patches to ipp without embargo or a coordinated
>>> release. If not, I will land them some time tomorrow. If anyone even
>>> simply thinks we should wait a few days or get additional input before
>>> landing them, that's fine, too.
>>
>> I would really strongly encourage you to co-ordinate with the Adium
>> folks. It seems to me that they're behind on libpurple updates and any
>> new security releases that don't go into Adium may cause Mac OS X users
>> major trouble.
>
> I appreciate that input. There are several Adium developers on the
> security at pidgin.im contact list, so they are in the loop on this
I apologize; I mixed up security threads. I was referring to the IRC whois issue.
Integration of the larger patch set, which is being applied only against im.pidgin.pidgin as I understand it, will be a somewhat more complicated issue but we will work to make it happen in coordination based on timing for Pidgin's release as it's discussed here.
-Evan
>
> Ethan
> _______________________________________________
> security mailing list
> security at pidgin.im
> http://pidgin.im/cgi-bin/mailman/listinfo/security
More information about the security
mailing list