Hacker News new | ask | show | jobs
by Redoubts 3130 days ago
I’m out of the loop, what’s wrong with pidgin?
1 comments
ryanlol 3130 days ago
libpurple suffers from very poor code quality, leading to tons of exploitable vulnerabilities. Just as you would expect when writing C parsers for lots of complicated protocols.
link
the_common_man 3130 days ago
> libpurple suffers from very poor code quality, leading to tons of exploitable vulnerabilities. Just as you would expect when writing C parsers for lots of complicated protocols.

Is this your personal feeling or do you have something to back this up? A quick look at the source code suggests it's basically like any other glib based program.

link
daxorid 3130 days ago
These are just public ones:

https://www.cvedetails.com/vulnerability-list/vendor_id-6938...

Filter by CVSS > 6, note the number of execs. Enjoy.

link
ryanlol 3130 days ago
This is a commonly known fact, not just my personal feeling.
link