I am about to commit a new ~masked ebuild for gaim-0.59.9-r1 which contains an important security fix for the gaim-encryption plugin. I have been contacted by the creator of the gaim-encryption plugin and he asked me to get it in the ebuild ASAP but not to make a security announcement for a few days. Uhh yeah.
Has the gaim-encryption author said anything more in this matter?
Hmm... never heard anything about an official security advisory, however, there are now two versions beyond this versino of the plugin (for 0.60 and 0.61 of gaim), and I have just marked 0.59.9-r1 stable, so I think we should issue a GLSA to have users on previous versions of gaim with USE="ssl" upgrade their gaims.
confirmed, we can issue a GLSA, see http://www.securityfocus.com/bid/7182 for more info
Can this bug be closed?
long gone.