[Pidgin] #14571: Win32 installer uses insecure GTK+ version

Pidgin trac at pidgin.im
Thu Aug 23 15:40:43 EDT 2012

#14571: Win32 installer uses insecure GTK+ version
 Reporter:  sdierl  |        Owner:  datallah       
     Type:  defect  |       Status:  new            
Milestone:  3.0.0   |    Component:  winpidgin (gtk)
  Version:  2.10.0  |   Resolution:                 
 Keywords:          |  

Comment(by datallah):

 If you read my comments, I already explained why this is not critical.
 Just because a potential vulnerability exists in a particular library
 doesn't mean that it's possible to run into it our use case.

 It's non-trivial to update the version of the GTK+ stack that we use.
 Lots of versions newer than the current version are problematic for a
 variety of reasons.  I believe that the latest few GTK+ 2.x releases have
 resolved most of the critical issues that made it not possible to upgrade
 for a long time, but I haven't had time to fully investigate.

Ticket URL: <http://developer.pidgin.im/ticket/14571#comment:9>
Pidgin <http://pidgin.im>

More information about the Tracker mailing list