Bug 197006 - net-im/pidgin <2.2.2 HTML Processing Denial of Service Vulnerability
Summary: net-im/pidgin <2.2.2 HTML Processing Denial of Service Vulnerability
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Net-im project
URL: http://secunia.com/advisories/27372/
Whiteboard: B3 [ebuild]
Keywords:
Duplicates: CVE-2007-4999 198746
Depends on:
Blocks:
 
Reported: 2007-10-25 08:36 UTC by Kalidarn
Modified: 2007-11-10 22:26 UTC
CC List: 3 users

See Also:
Package list:
Runtime testing required: ---


Description Kalidarn 2007-10-25 08:36:36 UTC
* General changes
o Various bug and memory leak fixes 

* Windows-specific changes
o Updated gtkspell to include a patch to share Aspell dictionaries among all the input fields to avoid excessive memory usage.
o Updated libxml2 to 2.6.30
o Bonjour protocol now appears even if Bonjour for Windows isn't present (displays message indicating Bonjour for Windows must be installed if you try to log in and it isn't installed).
o libpurple now looks for a default prefs.xml in the CSIDL_COMMON_APPDATA directory (e.g. \Documents and Settings\All Users\Application Data\purple\prefs.xml) similarly to how this is done on other platforms. 

Reproducible: Always
Comment 1 Tobias Heinlein (RETIRED) gentoo-dev 2007-10-25 22:19:10 UTC
As version 2.2.2 fixes a security issue, I'll transform this bug report into a security bug.


A weakness has been reported in Pidgin, which can be exploited by
malicious people to cause a DoS (Denial of Service).

The weakness is caused due to a NULL-pointer dereference error when
processing messages with invalid HTML code and can be exploited to
cause libpurple to crash.

Successful exploitation may require that HTML logging is used. (If this is not the default case, re-rate to C3.)
Comment 2 Tobias Heinlein (RETIRED) gentoo-dev 2007-10-25 22:20:34 UTC
net-im, please advise and/or create an updated ebuild.
Comment 3 Olivier Crete (RETIRED) gentoo-dev 2007-10-26 01:28:25 UTC
Ok, new version is in the tree
Comment 4 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-10-26 07:27:14 UTC
Thx for the bug keytoaster but we usually don't handle simple crash bugs in client applications. So I'm reassigning this one back.
Comment 5 Olivier Crete (RETIRED) gentoo-dev 2007-10-27 18:25:10 UTC
Alright, then if it's not security, we can wait one month to stable it.
Comment 6 Olivier Crete (RETIRED) gentoo-dev 2007-10-31 01:45:49 UTC
*** Bug 197580 has been marked as a duplicate of this bug. ***
Comment 7 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-11-10 22:26:20 UTC
*** Bug 198746 has been marked as a duplicate of this bug. ***