Greetings everyone! As you may have heard there was a incident with the Arch Linux User Repository where some malware had been added to many packages.
Fortunately, Pidgin itself was not affected, but unfortunately some third party plugins were affect and they are listed below.
Details are a little sparse, but it looks like this has all happened in the past 48 hours. So if you have updated any of the affected packages in that time frame, make sure to update them to remove the malware and I would also recommended treating this as everything on your machine has been compromised because I can not find details of what exactly the malware does.
- pidgin-cmds
- pidgin-im-gnome-shell-extension
- pidgin-kwallet
- pidgin-nudge-svn
Additional information is available on this AUR General mailing list thread including the full list of affected packages.