Many security issues in Pidgin
Pidgin 2.10.8 came out and fixes lots of security issues. The Debian security plans to:
- take it as is into Wheezy (instead of trying to backport all the bugfixes)
- EOL Pidgin in Squeeze
So, we cannot simply wait for things to be fixed elsewhere.
I think our only option is to backport Pidgin 2.10.8 for Squeeze, which I've done in a branch, and successfully tested (IRC, XMPP, OTR for both).
Once 2.10.8 reaches Wheezy, I'll upload the backport to the official Debian squeeze-backports.