Versions 3.2.0 and earlier of the pidgin-otr plugin contain
a format string security flaw. This flaw could potentially be
exploited by a remote attacker to cause arbitrary code to be
executed on the user's machine.
The flaw is in pidgin-otr, not in libotr. Other applications
that use libotr are not affected.