You are here

Pidgin: Off-The-Record Messaging Updated

3 posts / 0 new
Last post
Amarus
Amarus's picture
Offline
Last seen: 11 years 12 months ago
Joined: 2008-04-25 17:00
Pidgin: Off-The-Record Messaging Updated

OTR recently updated to from version 3.2.1 I'm just bringing this to the attention of the PA.com developers.

16 May 2012

Security update: pidgin-otr version 3.2.1

Versions 3.2.0 and earlier of the pidgin-otr plugin contain a format string security flaw. This flaw could potentially be exploited by a remote attacker to cause arbitrary code to be executed on the user's machine.

The flaw is in pidgin-otr, not in libotr. Other applications that use libotr are not affected.

CVE-2012-2369 has been assigned to this issue.

Please upgrade to pidgin-otr version 3.2.1 immediately.

Users of pidgin-otr packages in Linux and *BSD distributions should see updated packages shortly.
---
Off-the-Record Messaging
http://www.cypherpunks.ca/otr/

John T. Haller
John T. Haller's picture
Online
Last seen: 38 min 23 sec ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
Updated

The plugin has been updated. I posted a story to the homepage, RSS feed and Twitter just to be sure as I know a portion of our userbase likes to make use of encryption.
https://portableapps.com/news/2012-05-22--pidgin-otr-3.2.1-released

Thanks for the heads-up on the update.

Sometimes, the impossible can become possible, if you're awesome!

Amarus
Amarus's picture
Offline
Last seen: 11 years 12 months ago
Joined: 2008-04-25 17:00
Yay

Thank you sir for the rapid OTR-portable deployment ^_^

in_vino_veritas,_in_aqua_sanitas.

Log in or register to post comments