Pidgin Changelog

What's new in Pidgin 2.13.0

Mar 9, 2018
  • libpurple:
  • Unified string comparison. (PR #186) (Arkadiy Illarionov)
  • Properlly shell escape URI's when opening them. (PR #271 Daniel Kamil Kozar)
  • libgnt:
  • Fixed build against curses 6.0 with opaque structs set. (#16764 dimstar) (PR #268 Daniel Kamil Kozar)
  • Fixed a crash when resizing the window. (#16680 marcus) (PR #269 Daniel Kamil Kozar)
  • General:
  • Fixed bashism in autotools. (#16836 lameventanas) (PR #267 Daniel Kamil Kozar)
  • XMPP:
  • Show XEP-0066 OOB URLs in any message, not just headlines
  • Fix a user after free (#17200 debarshiray) (PR #266 Ethan Blanton)
  • IRC:
  • Fix "Registration timeout" on SASL auth with InspIRCd servers (and possibly others not based on charybdis/ratbox/ircd-seven)
  • Fix issues with plugins that modify outgoing messages (such as the custom PART/QUIT feature of the IRC More plugin)
  • Pidgin:
  • Better support for dark themes. (#12572 Alyssa Rosenzweig and Gary Kramlich)
  • Fixed IPv6 links by not escaping []'s. (#16391 cyisfor) (PR #270 Daniel Kamil Kozar)
  • Only write buddy icons to the cache if they're not already cached. (PR #276 David Woodhouse)
  • Finch:
  • Fix handling of search results (#17238 David Woodhouse)

New in Pidgin 2.12.0 (Mar 11, 2017)

  • libpurple:
  • Fix an out of bounds memory read in purple_markup_unescape_entity. CVE-2017-2640
  • Fix use of uninitialised memory if running non-debug-enabled versions of glib
  • Updated AIM dev and dist ID's to new ones that were assigned by AOL.
  • TLS certificate verification now uses SHA-256 checksums.
  • Fixed SASL external auth for Freenode.
  • Removed the MSN protocol plugin. It has been unusable and dormant for some time. MSNP18 has been discontinued and the protocol plugin would require a large update to start working again. See: http://ismsndeadyet.com/ The third-party Pidgin SkypeWeb plugin, however, should provide enough functionality as a replacement if people still want to use MSN: https://github.com/EionRobb/skype4pidgin/tree/master/skypeweb
  • Removed Mxit protocol plugin. The service was closed at the end of September 2016. See https://pidgin.im/pipermail/devel/2016-September/024078.htm
  • Removed the MySpaceIM protocol plugin. The service has been defunct for a long time. (#15356)
  • Remove the Yahoo! protocol plugin. Yahoo has completely reimplemented their protocol, so this version is no longer operable as of August 5th, 2016: https://yahoo.tumblr.com/post/145715934739/q2-2016-progress-report-on-our-product A new protocol plugin has been written to support the new protocol. It can be found here: https://github.com/EionRobb/funyahoo-plusplus This also removes support for Yahoo! Japan. According to http://messenger.yahoo.co.jp/ the service ended March 26th, 2014.
  • Remove the Facebook (XMPP) account option. According to https://developers.facebook.com/docs/chat the XMPP Chat API service ended April 30th, 2015. A new protocol plugin has been written, using a different method, to support Facebook. It can be found at https://github.com/dequis/purple-facebook/wiki
  • Fixed gnutls certificate validation errors that mainly affected google (Dequis)
  • General:
  • Replaced instances of d.pidgin.im with developer.pidgin.im and updated the urls to use https. (#17036)
  • IRC:
  • Fixed issue of messages being silently cut off at 500 characters. Large messages are now split into parts and sent one by one. (#4753)

New in Pidgin 2.11.0 (Jun 21, 2016)

  • General:
  • 2.10.12 was accidentally released with new additions to the API and should have been released as 2.11.0. Unfortunately, we did not catch the mistake until after 2.10.12 was released, but we're fixing it now. See ChangeLog.API for more information.
  • Include the Mozilla certificate bundle. This fixes connecting to servers with certificates from Let's Encrypt.
  • Remove all 1024-bit CAs
  • libpurple:
  • media: fix an issue with ximagesink displaying only a corner cut-out of a larger webcam video (Jakub Adam)
  • mediamanager: update output window destruction so that it reflects recent changes in the media pipeline structure (Jakub Adam)
  • Ported Instantbird's CommandUiOps to libpurple (Dequis)
  • Pidgin:
  • Fixed #14962
  • Fixed alignment of incoming right-to-left messages in protocols that don't support rich text
  • Fix a potential crash while exiting pidgin
  • AIM:
  • Add support for the newer kerberos-based authentication of AIM 8.x
  • Windows-Specific Changes:
  • Use getaddrinfo for DNS to enable IPv6 (#1075)
  • Updates to dependencies:
  • NSS 3.24 and NSPR 4.12.
  • Bonjour:
  • Fixed building on Mac OSX (Patrick Cloke) (#16883)
  • ICQ:
  • Stop truncating passwords to 8 characters like old ICQ clients did. (#16692). If you actually needed this, truncate your password manually by pressing backspace a few times.
  • IRC:
  • Base64-decode SASL messages before passing to libsasl (#16268)
  • MXit:
  • Fixed a buffer overflow. Discovered by Yves Younan of Cisco Talos. (TALOS-CAN-0120)
  • Fixed a remote out-of-bounds read. Discovered by Yves Younan of Cisco Talos. (TALOS-CAN-0140)
  • Fixed a remote out-of-band read. Discovered by Yves Younan of Cisco Talos. (TALOS-CAN-0138, TALOS-CAN-0135)
  • Fixed an invalid read. Discovered by Yves Younan of Cisco Talos (TALOS-CAN-0118)
  • Fixed a remote buffer overflow vulnerability. Discovered by Yves Younan of Cisco Talos. (TALOS-CAN-0119)
  • Fixed an out-of-bounds read discovered by Yves Younan of Cisco Talos. (TALOS-CAN-0123)
  • Fixed a directory traversal issue. Discovered by Yves Younan of Cisco Talos (TALOS-CAN-0128)
  • Fixed a remote denial of service vulnerability that could result in a null pointer dereference. Discovered by Yves Younan of Cisco Talos. (TALOS-CAN-0133)
  • Fixed a remote denial of service that could result in an out-of-bounds read. Discovered by Yves Younan of Cisco Talos (TALOS-CAN-0134)
  • Fixed multiple remote buffer overflows. Discovered by Yves Younan of Cisco Talos. (TALOS-CAN-0136)
  • Fixed a remote NULL pointer dereference. Discovered by Yves Younan of Cisco Talos (TALOS-CAN-0137)
  • Fixed a remote code execution issue discovered by Yves Younan of Cisco Talos. (TALOS-CAN-0142)
  • Fixed a remote denial of service vulnerability in contact mood handling. Discovered by Yves Younan of Cisco Talos (TALOS-CAN-0141)
  • Fixed a remote out-of-bounds write vulnerability. Discovered by Yves Younan of Cisco Talos. (TALOS-CAN-0139)
  • Fix a remote out-of-bounds read. Discovered by Yves Younan of Cisco Talos. (TALOS-CAN-0143)

New in Pidgin 2.10.12 (Jan 2, 2016)

  • General:
  • purple-url-handler now works with Python 3.x (DaniĆ«l van Eeden)
  • Fixed an issue where transient startup statuses could be deleted (Jakub Adam) (#16762)
  • Pidgin:
  • The shout smile now matches the default theme (Steve Vaught)
  • Gadu-Gadu:
  • Updated internal libgadu to version 1.12.1.

New in Pidgin 2.10.11 (Mar 7, 2015)

  • General:
  • Fix handling of Self-Signed SSL/TLS Certificates when using the NSS plugin (#16412)
  • Improve default cipher suites used with the NSS plugin (#16262)
  • Add NSS Preferences plugin which allows the SSL/TLS Versions and cipher suites to be configured (#8061)
  • Gadu-Gadu:
  • Fix a bug that prevented plugin to load when compiled without GnuTLS. (mancha) (#16431)
  • Fix build for platforms without AF_LOCAL definition. (#16404)
  • MSN:
  • Fix broken login due to server change (dx, TReKiE). (#16451, #16455)
  • Fail early when buddy list is unavailable instead of wasting bandwidth endlessly re-trying.

New in Pidgin 2.5.8 (Feb 18, 2010)

  • Based on Pidgin 2.5.8.
  • Facebook fix by Greg Satz.
  • Sametime/meanwhile support.
  • Smaller fixes.

New in Pidgin 2.5.5 V2 (Mar 12, 2009)

  • fixed some bugs in the Gtk+ framework to make it working bundled in an app-bundle
  • statically linked in most official Pidgin plugins (but extended Pidgin source that not all of them are loaded by default)
  • build own Gtk+ framework from Gtk+ SVN trunk
  • MacOSX notify support (the icon jumps on a new message or any other event; that is the pidgin_set_urgent function)
  • OTR plugin builtin (based on Pidgin OTR 3.1.0)
  • added SSL support (builtin GnuTLS 2.6.4)
  • updated Pidgin source to 2.5.5
  • Facebookchat plugin builtin
  • Gfire plugin builtin