Description
It was discovered that libpurple versions prior to 2.7.10 do not properly clear
certain data structures used in libpurple/cipher.c prior to freeing. An
attacker could potentially extract partial information from memory regions freed
by libpurple.
Mitigation
Proper structure clearing has been implemented.