Format String Bug into libsilcclient 1.1.2
elb at pidgin.im
Fri Oct 14 17:01:56 EDT 2011
Joilson Rabelo spake unto us the following wisdom:
> Libsilcclient 1.1.2 dll is vulnerable to format string attacks since 2009
> and i'd like to know why you guys did not updated it?
> Pidgin 2.10 is obviously vulnerable since it uses 1.1.2, please upgrade to
> 1.1.3 and the problem is going to be solved, it's a serious bug and can lead
> to Remote Code Execution
I assume you are talking specifically about our Windows package, is
that true? (We do not bundle libsilc with our sources.)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 482 bytes
Desc: Digital signature
More information about the security