CVE-2017-2640 in libpurple
Chris Forsythe
chris at growl.info
Fri Mar 24 15:07:51 UTC 2017
The guys are working on a release. In the meantime if you would like you
can build your own. Please read the published documentation about how to
update and build libpurple here:
https://trac.adium.im/wiki/GettingLibpurpleSource
Which is linked from here:
https://trac.adium.im/wiki/GettingAdiumSource
(Section 2)
On Wed, Mar 15, 2017 at 6:46 PM, erythronium23 <erythronium23 at gmail.com>
wrote:
> Recently a security issue (CVE-2017-2640) was fixed in libpurple:
>
> https://www.pidgin.im/news/security/?id=109
>
> SecurityFocus and Ubuntu say the vulnerability impact is arbitrary code
> execution on the client.
>
> Is the Adium team aware of this issue? Is there a response in the works?
> Does the Adium team have processes in place for handling and responding to
> security errata in libpurple? I'd be happy to help with any or all of the
> above.
>
> Thanks,
>
> Eryt
>
--
Chris Forsythe
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://adium.im/pipermail/devel_adium.im/attachments/20170324/c87fb660/attachment.html>
More information about the devel
mailing list