Pidgin 2.6.6 is fixing a denial of service (remotely-triggered high CPU use) triggered by large amount of "smileys" in received instant messages. This issue is addressed by setting a limit on number of smileys processed.
Created attachment 394494 [details] Upstream patch to be included in 2.6.6
Public now via: http://pidgin.im/news/security/
http://pidgin.im/news/security/?id=45
This issue has been addressed in following products: Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Via RHSA-2010:0115 https://rhn.redhat.com/errata/RHSA-2010-0115.html
pidgin-2.6.6-1.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
pidgin-2.6.6-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.
pidgin-2.6.6-1.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.