CVE-2010-1624 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1624): The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.0 allows remote attackers to cause a denial of service (application crash) via a custom emoticon in a malformed SLP message.
net-im, can we go ahead with stabling of 2.7.1-r1?
There are a lot of changes in the ebuild between 2.6.x and 2.7.1-r1 ...
Yup. @security, if nothing pops up (no new bugs, no changes in tree) go ahead on 21 Jun (but I'll try to remember about this bug too).
Ok, arch teams, please stabilize net-im/pidgin-2.7.1-r1 (and new net-libs/libgadu dependency as required).
(In reply to comment #4) > Ok, arch teams, please stabilize net-im/pidgin-2.7.1-r1 (and new > net-libs/libgadu dependency as required). No newer libgadu is needed according to DEPEND line..
x86 stable
Stable for HPPA.
alpha/ia64/sparc stable
*** Bug 324701 has been marked as a duplicate of this bug. ***
ppc64 done
amd64 done
Marked ppc stable.
DOS in client app -> closing noglsa.
...and actually closing.