Please backport pidgin 2.5.2-0ubuntu1.4 to hardy

Hardy backports already contains 2.5.2-0ubuntu1.2 from intrepid. Can we update to the intrepid update 2.5.2-0ubuntu1.4 version that fixes a number of CVE issues.

pidgin (1:2.5.2-0ubuntu1.4) intrepid-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution via crafted MSNSLP packet
    (LP: #415863)
    - debian/patches/86_security_CVE-2009-2694.patch: properly destroy
      slpmsg in libpurple/protocols/{msn,msnp9}/slplink.c.
    - CVE-2009-2694

 -- Marc Deslauriers <email address hidden> Wed, 19 Aug 2009 12:50:44 -0400

pidgin (1:2.5.2-0ubuntu1.3) intrepid-security; urgency=low

  * SECURITY UPDATE: denial of service via ICQWebMessage message type in
    OSCAR protocol. (LP: #393736)
    - debian/patches/85_security_CVE-2009-1889.patch: make the check better
      in libpurple/protocols/oscar/oscar.c, only allocate memory if len is
      valid in libpurple/protocols/oscar/bstream.c.
    - CVE-2009-1889

 -- Marc Deslauriers <email address hidden> Fri, 03 Jul 2009 11:12:31 -0400