Brian May <br...@linuxpenguins.xyz> writes: > Attached is a patch to fix all known security issues in pidgin in > Wheezy-LTS. > > I found that a number of ther CVEs under security-tracker.debian.org > referenced the patch for the fix for the wrong CVE, so I had to retrieve > the correct patches from upstream git. > > I also found that the security fix I identified for CVE-2016-2372 was > the same as one of the patches for CVE-2016-2369 so I didn't apply it > twice. > > Still need to test this and make a copy for testing.
Here is a version I built for testing: https://people.debian.org/~bam/debian/pool/main/p/pidgin/ Disclaimer: might be several days before I get a chance to test this myself. -- Brian May <b...@debian.org>
