Hi,
According to [1] at least CVE-2008-2957 has been fixed upstream in
version 2.5.0
The fix looks the same as the one from [2] in libpurple/upnp.c but
differs a bit in libpurple/util.c
Unfortunately the upstream SCM is currently down so I was not able to
exract the patch from there.
[1] http:/
Hi,
the only thing which is fixed in 2.4.3 so far is
CVE-2008-2927 but none of the CVE ids included in the bug
report are fixed from what I can see.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot1
Package: pidgin
Severity: grave
Tags: security
Justification: user security hole
Hi
The following email came over the public security list:
There are three pidgin flaws that could use CVE ids.
http://marc.info/?l=bugtraq&m=121449329530282&w=4
And two here:
http://crisp.cs.du.edu/?q=ca2007-1
I
3 matches
Mail list logo
