Ubuntu [1] has recently released fixes for CVE-2008-2955, CVE-2008-2957, and CVE-2008-3532 in gaim/pidgin. Can we expect to see these fixes released for Etch soon?
Also note that Ubuntu seems to have missed CVE-2008-2956 [2], which also applies to gaim/pidgin. The problem has not yet been fixed in any of the Debian archives, which may explain why they did not include a patch for this one. Thanks for working to keep Debian secure. [1] http://www.ubuntu.com/usn/USN-675-1 [2] http://security-tracker.debian.net/tracker/CVE-2008-2956 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]