Remote crash
Ethan Blanton
elb at pidgin.im
Wed Jan 16 08:55:45 EST 2013
Mark Doliner spake unto us the following wisdom:
> Hi Chris. Thanks for reporting this to us. It sounds like you're
> using some version of Windows... I'm wondering if you could tell us
> what version, specifically? Knowing that information might help us
> track this down.
This came up in #pidgin, and it is my understanding from the
conclusion of the conversation that a) this is a Pango bug related to
non-BMP Unicode codepoints, and b) there's some sort of plugin to
protect against it.
I'm wondering if GtkIMHtml should filter stuff on the way through, in
Windows? It sounds like maybe that's not perfect protection (I assume
you'd just have to put such a string in an invite or similar), but
it'd avoid channel-clearing etc.
Those of you who are familiar with this bug, is there a fixed version
of Pango or something?
Ethan
More information about the security
mailing list