Multiple vulnerabilities has been discovered and corrected in pidgin:

When receiving various stanzas related to voice and video chat,
the XMPP protocol plugin failed to ensure that the incoming message
contained all required fields, and would crash if certain fields
were missing.

When receiving various messages related to requesting or receiving
authorization for adding a buddy to a buddy list, the oscar protocol
plugin failed to validate that a piece of text was UTF-8. In some
cases invalid UTF-8 data would lead to a crash (CVE-2011-4601).

When receiving various incoming messages, the SILC protocol plugin
failed to validate that a piece of text was UTF-8. In some cases
invalid UTF-8 data would lead to a crash (CVE-2011-3594).

This update provides pidgin 2.10.1, which is not vulnerable to
these issues.