Michael Gilbert wrote: > qutecom embeds libpurple, which makes security updates troublesome. > please update the package to dynamically link to the system libpurple > libraries. thanks.
I totally agree with that. They problem is the way qutecom uses libpurple, and is not of easy solution without some cooperation from libpurple upstream. Here is summary of the problem: -in qutecom, when you logout and than login, libpurple is reinitialized -reinitializing libpurple is supported in theory, but in practice nobody uses that and is buggy (i.e. would segfault) I have been spending quite some time debugging and trying to get fixes upstream. Although, Pidgin core has been fixed [1], the problem is not solved because some plugins does not reload correctly [2], [3]. The version of purple included does not have this problem because the "bad" plugins are not loaded. Unfortunately, if qutecom used system libpurple, it would not be able to prevent those plugins to get loaded. However having this feature did not raise much interest in libpurple upstream developers. I'll try again to see if we can get these issues fixed. Do you think it would make sense to open also bugs against the Debian package of libpurple, or just upstream of libpurple? Thank you, Ludovico [1] http://developer.pidgin.im/ticket/7761 [2] http://developer.pidgin.im/ticket/8758 [3] http://developer.pidgin.im/ticket/8770 [4] http://pidgin.im/pipermail/devel/2009-March/007800.html
signature.asc
Description: OpenPGP digital signature
