Package: pidgin Version: 2.11.0-0+deb8u1 Severity: grave Tags: security Justification: user security hole
Dear Maintainer, Like bugs #399786 and #518339, the mouse is warped to an open conversation window when a new message comes into that conversation. Typing a password at the time, and your password gets entered into that conversation. Never steal focus - there is never any valid reason for it. Especially not something as unimportant as a chat program. There appears to be no setting in preferences or plugins to disable this brain damage. -- System Information: Debian Release: 8.6 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable'), (5, 'testing'), (1, 'experimental'), (1, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.8.4-040804-generic (SMP w/4 CPU cores) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages pidgin depends on: ii gconf2 3.2.6-3 ii libatk1.0-0 2.14.0-1 ii libc6 2.23-5 ii libcairo2 1.14.0-2.1+deb8u1 ii libdbus-1-3 1.10.10-1 ii libdbus-glib-1-2 0.102-1 ii libfontconfig1 2.11.0-6.3+deb8u1 ii libfreetype6 2.5.2-3+deb8u1 ii libgadu3 1:1.12.0-5 ii libgdk-pixbuf2.0-0 2.31.1-2+deb8u5 ii libglib2.0-0 2.48.0-1~bpo8+1 ii libgstreamer0.10-0 0.10.36-1.5 ii libgtk2.0-0 2.24.25-3+deb8u1 ii libgtkspell0 2.0.16-1.1 ii libice6 2:1.0.9-1+b1 ii libpango-1.0-0 1.36.8-3 ii libpangocairo-1.0-0 1.36.8-3 ii libpangoft2-1.0-0 1.36.8-3 ii libpurple0 2.11.0-0+deb8u1 ii libsm6 2:1.2.2-1+b1 ii libx11-6 2:1.6.2-3 ii libxml2 2.9.1+dfsg1-5+deb8u3 ii libxss1 1:1.2.2-1 ii perl-base [perlapi-5.20.2] 5.20.2-3+deb8u6 ii pidgin-data 2.11.0-0+deb8u1 Versions of packages pidgin recommends: ii gstreamer0.10-alsa 0.10.36-2 pn gstreamer0.10-ffmpeg <none> ii gstreamer0.10-plugins-base 0.10.36-2 ii gstreamer0.10-plugins-good 0.10.31-3+nmu4+b1 Versions of packages pidgin suggests: ii libsqlite3-0 3.8.7.1-1+deb8u2 -- no debconf information