[Pidgin] #15286: Master bug for old libraries in Windows Pidgin build
Pidgin
trac at pidgin.im
Sun Aug 26 02:36:54 EDT 2012
#15286: Master bug for old libraries in Windows Pidgin build
----------------------+-----------------------------------------------------
Reporter: ioerror | Owner: datallah
Type: defect | Status: new
Milestone: | Component: winpidgin (gtk)
Version: 2.10.6 | Resolution:
Keywords: security |
----------------------+-----------------------------------------------------
Comment(by datallah):
Replying to [comment:16 ioerror]:
> Replying to [comment:15 datallah]:
> > Replying to [comment:14 ioerror]:
> > > I think pidgin should get a security tag that actually makes the
bugs private, perhaps?
> >
> > This would be nice, but it isn't something that trac supports (at
least not well). There are a couple plugins that attempt to do something
like this, but they leak the tickets via emails and such and the data
would end up in public anyway.
>
> That still seems like an improvement - I mean, it's all plain text at
some point. Pidgin doesn't publish a PGP/GPG key on the security contact
page, so I assumed that a network sniffing adversary wasn't part of your
threat model...
I'm more thinking of the [http://pidgin.im/pipermail/tracker/ "tracker"
mailing list] as a problem rather than network sniffing.
--
Ticket URL: <http://developer.pidgin.im/ticket/15286#comment:17>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list