Patch the Pidgin, patch the...

Dastardly security bugs in widely used chat app Pidgin have been discovered and patched. You should grab version 2.11 as it fixes the following exploitable information-leaking and buffer overflow programming blunders, all found by Cisco's Talos crew:

  • CVE-2016-2365 - Pidgin MXIT Markup Command Denial of Service Vulnerability
  • CVE-2016-2366 - Pidgin MXIT Table Command Denial of Service Vulnerability
  • CVE-2016-2367 - Pidgin MXIT Avatar Length Memory Disclosure Vulnerability
  • CVE-2016-2368 - Pidgin MXIT g_snprintf Multiple Buffer Overflow Vulnerability
  • CVE-2016-2369 - Pidgin MXIT CP_SOCK_REC_TERM Denial of Service Vulnerability
  • CVE-2016-2370 - Pidgin MXIT Custom Resource Denial of Service Vulnerability
  • CVE-2016-2371 - Pidgin MXIT Extended Profiles Code Execution Vulnerability
  • CVE-2016-2372 - Pidgin MXIT File Transfer Length Memory Disclosure Vulnerability
  • CVE-2016-2373 - Pidgin MXIT Contact Mood Denial of Service Vulnerability
  • CVE-2016-2374 - Pidgin MXIT MultiMX Message Code Execution Vulnerability
  • CVE-2016-2375 - Pidgin MXIT Suggested Contacts Memory Disclosure Vulnerability
  • CVE-2016-2376 - Pidgin MXIT read stage 0x3 Code Execution Vulnerability
  • CVE-2016-2377 - Pidgin MXIT HTTP Content-Length Buffer Overflow Vulnerability
  • CVE-2016-2378 - Pidgin MXIT get_utf8_string Code Execution Vulnerability
  • CVE-2016-2380 - Pidgin MXIT mxit_convert_markup_tx Information Leak Vulnerability
  • CVE-2016-4323 - Pidgin MXIT Splash Image Arbitrary File Overwrite Vulnerability

File overwriting and remote code execution is never a good thing, unless you're the person trying to hack someone. Patch away. Pidgin is, we're told, used by millions of people. ®
