main/pidgin: security upgrade to 2.10.9 (various CVEs)

fixes #2678

CVE-2014-0020 Remotely triggerable crash in IRC argument parsing
CVE-2013-6490 Buffer overflow in SIMPLE header parsing
CVE-2013-6489 Buffer overflow in MXit emoticon parsing
CVE-2013-6487 Buffer overflow in Gadu-Gadu HTTP parsing
CVE-2013-6486 Pidgin uses clickable links to untrusted executables
CVE-2013-6485 Buffer overflow parsing chunked HTTP responses
CVE-2013-6484 Crash reading response from STUN server
CVE-2013-6483 XMPP doesn't verify 'from' on some iq replies
CVE-2013-6482 NULL pointer dereference parsing SOAP data in MSN
CVE-2013-6482 NULL pointer dereference parsing OIM data in MSN
CVE-2013-6482 NULL pointer dereference parsing headers in MSN
CVE-2013-6481 Remote crash reading Yahoo! P2P message
CVE-2013-6479 Remote crash parsing HTTP responses
CVE-2013-6478 Crash when hovering pointer over a long URL
CVE-2013-6477 Crash handling bad XMPP timestamp
CVE-2012-6152 Yahoo! remote crash from incorrect character encoding

1 files changed, 2 insertions, 2 deletions

diff --git a/main/pidgin/APKBUILD b/main/pidgin/APKBUILD
index f64eb20249..c15d6c675c 100644
--- a/main/pidgin/APKBUILD
+++ b/main/pidgin/APKBUILD
@@ -1,6 +1,6 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=pidgin
-pkgver=2.10.7
+pkgver=2.10.9
 pkgrel=0
 pkgdesc="graphical multi-protocol instant messaging client for X"
 url="http://pidgin.im/"
@@ -69,5 +69,5 @@ libpurple() {
 	mv "$pkgdir"/usr/share/purple "$pkgdir"/usr/share/sounds \
 		"$subpkgdir"/usr/share/
 }
-md5sums="ea88976b9952e80b702b030489f94393  pidgin-2.10.7.tar.bz2
+md5sums="10a4a69d077893f6dd3438cd8af94e81  pidgin-2.10.9.tar.bz2
 3cf0c3a476007781f4b0d855817cf58a  pidgin-libm.patch"