[Pidgin] #15286: Master bug for old libraries in Windows Pidgin build

[Pidgin]

#15286: Master bug for old libraries in Windows Pidgin build
----------------------+-----------------------------------------------------
 Reporter:  ioerror   |        Owner:  datallah       
     Type:  defect    |       Status:  new            
Milestone:            |    Component:  winpidgin (gtk)
  Version:  2.10.6    |   Resolution:                 
 Keywords:  security  |  
----------------------+-----------------------------------------------------

Comment(by datallah):

 Replying to [comment:9 ioerror]:
 > Replying to [comment:8 datallah]:
 > > Why are all of these being posted publicly?
 >
 > I didn't realize it was important to keep these well know issues a
 secret. There was no problem discussing these kinds of issues in #14571 -
 how are these issues different? It's more third party library code that
 isn't maintained, just like the GTK bundle, right?
 >
 > Every single issue, other than #15289 (which is not confirmed as
 anything interesting anyway) is discussing known vulnerabilities.

 Is it not a common practice to keep security issues private until they're
 resolved?

 It is no different than #14571, I should have said something sooner.  I
 figured the cat was out of the bag already because it was posted; I didn't
 realize you were going to keep going.

 Sure they're "known" vulnerabilities in the library that they exist in,
 but they're not "known" in Pidgin.

-- 
Ticket URL: <http://developer.pidgin.im/ticket/15286#comment:11>
Pidgin <http://pidgin.im>
Pidgin