CVE-2017-2640 in libpurple

Chris Forsythe chris at
Fri Mar 24 15:07:51 UTC 2017

The guys are working on a release. In the meantime if you would like you
can build your own. Please read the published documentation about how to
update and build libpurple here:

Which is linked from here:

(Section 2)

On Wed, Mar 15, 2017 at 6:46 PM, erythronium23 <erythronium23 at>

> Recently a security issue (CVE-2017-2640) was fixed in libpurple:
> SecurityFocus and Ubuntu say the vulnerability impact is arbitrary code
> execution on the client.
> Is the Adium team aware of this issue? Is there a response in the works?
> Does the Adium team have processes in place for handling and responding to
> security errata in libpurple? I'd be happy to help with any or all of the
> above.
> Thanks,
> Eryt

Chris Forsythe
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the devel mailing list