Issue with libgtk-win32-2.0-0.dll bundled with Pidgin for Win32

Daniel Atallah daniel.atallah at gmail.com
Fri Jan 3 10:08:04 EST 2014


On Fri, Jan 3, 2014 at 9:41 AM, Karl Foley <karl at thefoleyhouse.co.uk> wrote:

> My Kaspersky AV is picking up a vulnerability in the
> libgtk-win32-2.0-0.dll bundled with Pidgin v2.10.7. The alert is referring
> to a GIMP vulnerability in GIMP Script-FU server. Does Pidgin share some
> components with GIMP?
>
> The SA is here:
> https://secunia.com/advisories/49314/
>
> Thanks for a really cool IM program.
>

The connection with GIMP is that Pidgin uses the GTK+ Windowing library,
which started life to make the GUI for GIMP.
This is a false positive - the GIMP script-fu stuff is completely
independent of GTK+ and is not included in what Pidgin ships.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pidgin.im/cgi-bin/mailman/private/security/attachments/20140103/2296ab98/attachment.html>


More information about the security mailing list