SILC Toolkit 1.1.9 fixed following issue: http://silcnet.org/docs/changelog/SILC%20Toolkit%201.1.9 HTTP: fix stack overwrite due to format string error. On AMD64, %lu refers to a 64-bit unsigned value, but the address passed to sscanf points to a 32-bit unsigned value. This causes an adjoining value on the stack to be overwritten with data from the converted integer. Fix the format string to match the size of the supplied value, and remove the pointer cast. Upstream fix: http://git.silcnet.org/gitweb/?p=silc.git;a=commitdiff;h=b2b91b074b6701455053425b583a6fd0beedc8cc SILC's SilcHttpServer library is include in Fedora libsilc packages, but does not seem to be used by rest of the library, or by pidgin / libpurpe, which should be the only application in Fedora using this library. This may affect other applications using libsilc. This does not affect libsilc packages shipped in Red Hat Enterprise Linux 4 and 5, as they do not include SILC HTTP server implementation.
libsilc-1.1.8-7.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/libsilc-1.1.8-7.fc11
libsilc-1.1.8-7.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/libsilc-1.1.8-7.fc10
libsilc-1.1.8-7.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
libsilc-1.1.8-7.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.