Pidgin IM client 2.9.0 closes security vulnerability

"The Pidgin development team has announced the release of version 2.9.0
of its open source instant messenger application. This latest
maintenance and security update addresses a potential denial-of-service
(DoS) vulnerability caused by corrupt buddy icons. According to the
developers, using a specially-crafted GIF image file as their buddy
icon, a remote attacker could cause the application to be terminated due
to excessive memory use."