[Pidgin] #14571: Win32 installer uses insecure GTK+ version

Pidgin trac at pidgin.im
Fri Aug 24 09:38:32 EDT 2012

#14571: Win32 installer uses insecure GTK+ version
 Reporter:  sdierl  |        Owner:  datallah       
     Type:  defect  |       Status:  new            
Milestone:  3.0.0   |    Component:  winpidgin (gtk)
  Version:  2.10.0  |   Resolution:                 
 Keywords:          |  

Comment(by datallah):

 Replying to [comment:16 ioerror]:
 > I changed the malformed png a bit:


 > It appears that this png doesn't get wiped from disk even though it is
 clearly malformed. Additionally, I only see those decode errors on the
 Windows Pidgin, I do not see them on the Ubuntu Pidgin. I think that means
 that I am hitting the GTK libs that are vulnerable, perhaps?

 The fact that the file is still there there isn't a problem; it's just a
 cached value of what the server sent; we wouldn't want to re-download the
 same data.

Ticket URL: <http://developer.pidgin.im/ticket/14571#comment:19>
Pidgin <http://pidgin.im>

More information about the Tracker mailing list