[Pidgin] #15284: NSS library out of date

Pidgin trac at pidgin.im
Sat Aug 25 19:55:06 EDT 2012

#15284: NSS library out of date
 Reporter:  ioerror          |     Owner:  datallah
     Type:  defect           |    Status:  new     
Component:  winpidgin (gtk)  |   Version:  2.10.6  
 Keywords:  security         |  
 It appears that the pidgin libnss library shipped with the Windows release
 is vulnerable to CVE-2012-0441 and perhaps other issues.

 % strings nss3.dll|grep -i  3.1
 $Header: NSS  Feb 28 2010 18:45:37 $
 @(#)NSS  Feb 28 2010 18:45:37


 It may also be vulnerable to MITM ala CVE-2009-3555:

 Is Pidgin shipping NSS It appears that 3.12.6 is may be the way
 to not be vulnerable to the above MITM issue:

Ticket URL: <http://developer.pidgin.im/ticket/15284>
Pidgin <http://pidgin.im>

More information about the Tracker mailing list