Mandriva Linux Security Advisory 2009-321 - Security vulnerabilities have been identified and fixed in pidgin. This update provides pidgin 2.6.2, which is not vulnerable to these issues.
7fa7a9e261705a1c8d79a87e1bd96c137a3fc7f7847a59247c6845386710d895
Gentoo Linux Security Advisory 200910-2 - Multiple vulnerabilities have been discovered in Pidgin, leading to the remote execution of arbitrary code, unauthorized information disclosure, or Denial of Service. Versions less than 2.5.9-r1 are affected.
e779f111b1348b505f287d3b122922b47e53deed021d9b1d7f32a5e7bd682180
Mandriva Linux Security Advisory 2009-230 - Security vulnerabilities has been identified and fixed in pidgin.
21e4fec4f4426731e84e353e4f3e1e763c7511c9995ae7f25519ceb23e1e4370
Ubuntu Security Notice USN-820-1 - Federico Muttis discovered that Pidgin did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges.
3cb0bc8ff34af8d18496e2c3d5d2bcb732b59e6582fcf4a8ccb1838d53e7bb47
Debian Security Advisory 1870-1 - Federico Muttis discovered that libpurple, the shared library that adds support for various instant messaging networks to the pidgin IM client, is vulnerable to a heap-based buffer overflow. This issue exists because of an incomplete fix for CVE-2008-2927 and CVE-2009-1376. An attacker can exploit this by sending two consecutive SLP packets to a victim via MSN.
11ac33561f3bbbffca98ffd632e07b2283b4a9f19e94b23a9c98eb2ca8256b2e
Core Security Technologies Advisory - A remote arbitrary-code-execution vulnerability has been found in Libpurple (used by Pidgin and Adium instant messaging clients, among others), which can be triggered by a remote attacker by sending a specially crafted MSNSLP packet with invalid data to the client through the MSN server. No victim interaction is required, and the attacker is not required to be in the victim's buddy list (under default configuration). Libpurple versions 2.5.8 and below are affected.
f363baeb98fdd656675988b12ada553e50c4b259ca0340eeb44952b1b17ac21d