[Pidgin] #15286: Master bug for old libraries in Windows Pidgin build
Pidgin
trac at pidgin.im
Sun Aug 26 02:05:55 EDT 2012
#15286: Master bug for old libraries in Windows Pidgin build
----------------------+-----------------------------------------------------
Reporter: ioerror | Owner: datallah
Type: defect | Status: new
Milestone: | Component: winpidgin (gtk)
Version: 2.10.6 | Resolution:
Keywords: security |
----------------------+-----------------------------------------------------
Comment(by ioerror):
Replying to [comment:12 datallah]:
> Replying to [comment:10 abadidea]:
> > Replying to [comment:8 datallah]:
> > > Why are all of these being posted publicly?
> >
> > the ticket that ioerror opened for "all the DLLs are out of date"
(#15281) was closed as a duplicate of #14571 which was opened just about a
year ago.
>
> Right, that ticket also shouldn't have been opened either, but it wasn't
a real problem anyway.
I think pidgin should get a security tag that actually makes the bugs
private, perhaps?
>
> The instructions on the top of the ticket page link to
[wiki:TipsForBugReports] which has instructions about how to deal with
security issues.
Ok - well, if I find any novel 0day, I'll drop it an a private message. I
didn't think that shipping old buggy libraries, as I said, counted.
>
> >
> > This isn't 0day, this is nday for very high values of n :)
>
> Like I said, it is not known information about Pidgin.
Pidgin is known to have a pretty bad security reputation and I am doubtful
that I am the first to find any of these issues. As we saw in #14571, some
guy's ''automated security software'' actually finds these kinds of bugs
in the pidgin software releases. I feel like such a a sucker, I had to
slum it with objdump...
--
Ticket URL: <http://developer.pidgin.im/ticket/15286#comment:14>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list