Home Pidgin IM Client 2.10.0 Closes Holes

Pidgin IM Client 2.10.0 Closes Holes

Version 2.10.0 of Pidgin is now available to download. This latest maintenance and security update includes a number of bug fixes and addresses three vulnerabilities in the open source instant messenger (IM) application.
A bug in the libpurple library, used by Pidgin and other IM clients such as Adium and Meebo, that could lead Pidgin to crash on some operating systems has been fixed. According to the developers, the problem concerned certain characters in IRC user nicknames that could lead to a null pointer problem in the IRC protocol plugin. Clients based on version 2.8.0 through 2.9.0 libpurple are affected.
The update also fixes a problem in the MSN protocol plugin that could cause the application to try to access memory that it should not. The developers note that the vulnerability only affects users that enable the HTTP connection method, which is disabled by default, and that they “believe remote code execution is not possible”.
In the Windows builds, when users click on a file:// URI received in an IM, previous versions of Pidgin would attempt to execute the file. This could be dangerous if, for example, it led to a malicious file on a network share. Instead, the new version now opens a file browser at the file’s location.
Further information about the update, including a full list of bug fixes, can be found in the change log. Pidgin 2.10.0 is available to download for Windows, Mac OS X and Linux; as Ubuntu ships with Pidgin, but does not typically update it after a release, users should refer to the Ubuntu specific install page on the Pidgin site to install it on Ubuntu. Hosted on SourceForge, Pidgin is licensed under the GNU General Public Licence (GPL).
Source The H Open Source

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.