Multiple vulnerabilities were found in Pidgin, the worst of which allowing for the remote execution of arbitrary code.
Package | net-im/pidgin on all architectures |
---|---|
Affected versions | < 2.10.0-r1 |
Unaffected versions | >= 2.10.0-r1 |
Pidgin is an GTK Instant Messenger client.
Multiple vulnerabilities have been discovered in Pidgin. Please review the CVE identifiers referenced below for details.
These vulnerabilities allow for arbitrary file retrieval, Denial of Service and arbitrary code execution with the privileges of the user running Pidgin.
There is no known workaround at this time.
All Pidgin users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-im/pidgin-2.10.0-r1"