Pidgin: Multiple vulnerabilities

Pidgin: Multiple vulnerabilities Multiple vulnerabilities in Pidgin may allow execution of arbitrary code. pidgin May 18, 2014 May 18, 2014: 1 457580 499596 remote 2.10.9 2.10.9-r1 2.10.9

Pidgin is a GTK Instant Messenger client for a variety of instant messaging protocols.

Multiple vulnerabilities have been discovered in Pidgin. Please review the CVE identifiers referenced below for details.

A remote attacker could possibly execute arbitrary code with the privileges of the Pidgin process, cause a Denial of Service condition, overwrite files, or spoof traffic.

There is no known workaround at this time.

All Pidgin users on HPPA or users of GNOME 3.8 and later on AMD64 or X86 should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=net-im/pidgin-2.10.9-r1"

All Pidgin users on ALPHA, PPC, PPC64, SPARC, and users of GNOME before 3.8 on AMD64 and X86 should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=net-im/pidgin-2.10.9"

CVE-2012-6152 CVE-2013-0271 CVE-2013-0272 CVE-2013-0273 CVE-2013-0274 CVE-2013-6477 CVE-2013-6478 CVE-2013-6479 CVE-2013-6481 CVE-2013-6482 CVE-2013-6483 CVE-2013-6484 CVE-2013-6485 CVE-2013-6487 CVE-2013-6489 CVE-2013-6490 CVE-2014-0020 ackle ackle