Additional Security issues

Mark Doliner mark at kingant.net
Tue Feb 5 18:26:31 EST 2013


On Tue, Feb 5, 2013 at 2:51 PM, Daniel Atallah <daniel.atallah at gmail.com> wrote:
> I'm assuming that at this point none of these are public.

To my knowledge that's true.

> Is the urgency related to the CA cert?

Partially.  Other reasons:
- I want to avoid delaying the MXit fixes much more
- It's harder for me logistically to manage releases with large
numbers of security problems (apply more patches, request CVEs for
more things, email descriptions and patches to publishers, type up
descriptions for http://www.pidgin.im/news/security/)

But I guess if we have patches for these issues and we think they're
safe then we should go ahead and release them.


More information about the security mailing list