Red Hat Security Advisory 2017-1854-01 - Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. The following packages have been upgraded to a later upstream version: pidgin. Security Fix: A denial of service flaw was found in the way Pidgin's Mxit plug-in handled emoticons. A malicious remote server or a man-in-the-middle attacker could potentially use this flaw to crash Pidgin by sending a specially crafted emoticon.
8025ad83e85f7711d5359c27763a16556d76510821e47dc5d645d2f65d5b42ab
Gentoo Linux Security Advisory 201706-10 - A vulnerability in Pidgin might allow remote attackers to execute arbitrary code. Versions less than 2.12.0 are affected.
2c655b3781df10956ba163b40a64abf56144f6f98cce7d5799a2d5c09004d173
Adium version 1.5.10.2 includes a vulnerable version of libpurple that permits for arbitrary code execution on the client.
ecda5b423632c41687024c6a3f6d0c1f5e08a999e78e7e3f2993c4210cff312b
Slackware Security Advisory - New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.
28ab51f1bbc6ebcee4b3ebc5e26e510679e1692947b5f29bb49d591d536e4f4d
Ubuntu Security Notice 3231-1 - Joseph Bisch discovered that Pidgin incorrectly handled certain xml messages. A remote attacker could use this issue to cause Pidgin to crash, resulting in a denial of service, or possibly execute arbitrary code.
3430ac97a55a07d89fc7b0c1fef7489e061ec02f763ebc35af16e51616b1cb22