Potential security issue: Yahoo authorisation requests with invalid encoding
robertvehse at fastmail.fm
Mon Jul 15 17:34:27 EDT 2013
Am 05.02.2013 um 08:43 schrieb Mark Doliner <mark at kingant.net>:
> I've been looking at this a bit, and I think it's going to take some
> work. Our string handling in Yahoo is pretty inconsistent, and I
> think we'll want to do some testing with Windows clients to make sure
> we're behaving sanely. I think that will take time.
> I'd like to go ahead and do a Pidgin release nowish with the fixes for
> the two MXit problems, and with working SSL CA certs, and we can do
> another release once we're confident we have a patch for this issue.
> Does that sound ok to people?
Did anything become of this?
More information about the security