This is just a different way to implement the workaround so that the NSS_SSL_CBC_RANDOM_IV variable is only set for the Pidgin process instead of globally in your environment.
It should not hurt if /usr/local/bin/pidgin remains in use even once a proper fix is deployed, assuming you have a modicum of trust for your local environment (and if not, you should hardly be using SIPE for messaging in the first place).
https:/ /bugzilla. redhat. com/show_ bug.cgi? id=770682 alleges that setting NSS_SSL_ CBC_RANDOM_ IV=0 globally is a security problem. As an alternative, what I did was this:
Create the following file in /tmp/pidgin
#!/bin/sh CBC_RANDOM_ IV=0 exec /usr/bin/pidgin "$@"
NSS_SSL_
Then run the following commands:
sudo cp /tmp/pidgin /usr/local/bin bin/pidgin
sudo chmod a+x /usr/local/
This is just a different way to implement the workaround so that the NSS_SSL_ CBC_RANDOM_ IV variable is only set for the Pidgin process instead of globally in your environment.
It should not hurt if /usr/local/ bin/pidgin remains in use even once a proper fix is deployed, assuming you have a modicum of trust for your local environment (and if not, you should hardly be using SIPE for messaging in the first place).