CVE-2017-2640 in libpurple

Chris Forsythe chris at growl.info
Fri Mar 24 15:07:51 UTC 2017


The guys are working on a release. In the meantime if you would like you
can build your own. Please read the published documentation about how to
update and build libpurple here:

https://trac.adium.im/wiki/GettingLibpurpleSource

Which is linked from here:

https://trac.adium.im/wiki/GettingAdiumSource

(Section 2)


On Wed, Mar 15, 2017 at 6:46 PM, erythronium23 <erythronium23 at gmail.com>
wrote:

> Recently a security issue (CVE-2017-2640) was fixed in libpurple:
>
> https://www.pidgin.im/news/security/?id=109
>
> SecurityFocus and Ubuntu say the vulnerability impact is arbitrary code
> execution on the client.
>
> Is the Adium team aware of this issue? Is there a response in the works?
> Does the Adium team have processes in place for handling and responding to
> security errata in libpurple? I'd be happy to help with any or all of the
> above.
>
> Thanks,
>
> Eryt
>



-- 
Chris Forsythe
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://adium.im/pipermail/devel_adium.im/attachments/20170324/c87fb660/attachment.html>


More information about the devel mailing list