Security vulnerabilities has been identified and fixed in pidgin: The NSS plugin in libpurple in Pidgin 2.4.1 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service. Pidgin 2.4.1 allows remote attackers to cause a denial of service via a long filename that contains certain characters, as demo ...