Version 2.10.0 of Pidgin is now available to download. This latest maintenance and security update includes a number of bug fixes and addresses three vulnerabilities in the open source instant messenger (IM) application.
A bug in the libpurple library, used by Pidgin and other IM clients such as Adium and Meebo, that could lead Pidgin to crash on some operating systems has been fixed. According to the developers, the problem concerned certain characters in IRC user nicknames that could lead to a null pointer problem in the IRC protocol plugin. Clients based on version 2.8.0 through 2.9.0 libpurple are affected.
The update also fixes a problem in the MSN protocol plugin that could cause the application to try to access memory that it should not. The developers note that the vulnerability only affects users that enable the HTTP connection method, which is disabled by default, and that they “believe remote code execution is not possible”.
In the Windows builds, when users click on a file:// URI received in an IM, previous versions of Pidgin would attempt to execute the file. This could be dangerous if, for example, it led to a malicious file on a network share. Instead, the new version now opens a file browser at the file’s location.
Further information about the update, including a full list of bug fixes, can be found in the change log. Pidgin 2.10.0 is available to download for Windows, Mac OS X and Linux; as Ubuntu ships with Pidgin, but does not typically update it after a release, users should refer to the Ubuntu specific install page on the Pidgin site to install it on Ubuntu. Hosted on SourceForge, Pidgin is licensed under the GNU General Public Licence (GPL).
Source The H Open Source
Most Popular Tech Stories
- Kelly Betting – How It Works and the Kelly Criterion Explained
- What are Pokies? – The Latest Guide to How Pokies Work in Australia
- AI industry needs annual revenues of more than the UAE’s GDP to offset costs
- Pepe Unchained Meme Token ICO Hits $2 Million – Could PEPU See a Post-Launch Surge Like PEPE?
- 4 Best Meme Coins to Buy with 100x Gains Potential – Top Picks for July 2024
Latest News
Does AI increase productivity at work? New study suggests otherwise
Artificial intelligence software reduces productivity and harms the working environment, according to a study from the freelance platform, Upwork. The findings appear to question how AI is being deployed at...