Fixes for gaim/pidgin vulnerabilities?
Ubuntu [1] has recently released fixes for CVE-2008-2955,
CVE-2008-2957, and CVE-2008-3532 in gaim/pidgin. Can we expect to see
these fixes released for Etch soon?
Also note that Ubuntu seems to have missed CVE-2008-2956 [2], which
also applies to gaim/pidgin. The problem has not yet been fixed in
any of the Debian archives, which may explain why they did not include
a patch for this one.
Thanks for working to keep Debian secure.
[1] http://www.ubuntu.com/usn/USN-675-1
[2] http://security-tracker.debian.net/tracker/CVE-2008-2956
Reply to: