Pidgin 2.14.13

Pidgin is a widely-used and featureful instant messenger and chat client. It supports AIM, Bonjour, Gadu-Gadu, Google Talk, Groupwise, ICQ, IRC, MSN, MXit, GroupWise, SILC, SIMPLE, Sametime, XMPP (Jabber), Yahoo!, Zephy. It provides friend lists across chat networks, file transfers, avatars, custom smileys, typing status display, away messages, and many more features (encryption, audio alerts, LED notification, IRC scripting, SMS gateways, sessions, auto-replys) and IM services (Tor, Twitter, WhatsApp, Facebook, QQ) through plugins.

Tags c gtk chat instant-messenger xmpp cross-platform internet-relay-chat
License GNU GPL
State initial

Recent Releases

2.14.1325 Feb 2024 15:45 minor bugfix: : compile warning (Wcast-function-type). (RR 2225) (Markus Fischer). memory leak originating in purple_prefs_connect_callback. (RR 2226). (Markus Fisher). Don't use the Real name as a candidate for the SASL username in IRC. (RR 2535) (Gary Kramlich). Don't link with libgadu unnecessarily. (RR 2684) (Elliott Sales de Andrade). Make collapsed groups searchable in the buddy list. (PIDGIN-7877). (RR 1494) (Belgin Știrbu). incompatible type conversion errors. (PIDGIN-17850) (RR 2944). (Jaroslav Škarvada, Elliott Sales de Andrade). Stop removing -Wall from CFLAGS. (PIDGIN-16593) (RR 2946) (Elliott Sales de Andrade). Updated the spell checking dictionaries on Windows. (Gary Kramlich). Resolved the crash on exit under Windows by reverting to the old toolchain. (PIDGIN-17710) (Gary Kramlich).
2.14.1205 Jan 2023 15:45 minor bugfix: : Remove a string from the Romanian translation that's breaks the creation of the Windows installer. (RR 2157) (Gary Kramlich).
2.14.1101 Jan 2023 08:25 minor bugfix: : Add Markus "ivanhoe" Fischer to the Crazy Patch Writers! Congrats Markus!. (RR 1952) (Gary Kramlich). a crash when closing a group chat with spellchk plugin enabled. (RR (Markus Fischer). network interface detection on Windows to broken file transfers. (PIDGIN-17123, PIDGIN-17293, PIDGIN-17516, PIDGIN-17704) (RR 2018) (Gary Kramlich). Update the about box to point people to Discourse instead of the mailing lists. (RR 2154) (Gary Kramlich).
2.14.1003 Jun 2022 03:21 minor bugfix: : General: Audit and correct the COPYRIGHT file. (RR 1425) (Richard Laager). a spelling error in a demessage for proxies. (RR 1426) (Richard Laager). Install some emojis already in the theme but not being installed. (RR 1428) (Richard Laager). Drop the QQ smileys as we don't ship QQ anymore. (PIDGIN-14385) (RR 1429). (Richard Laager). Modernize the desktop file. (RR 1433) (Richard Laager). Modernize the appdata file. (RR 1431) (Richard Laager). Make privacy settings persist. (PIDGIN-17137) (RR 1463) (Belgin Știrbu). Pidgin: a use after free that was introduced in 2.14.9. (RR 1488) (ivanhoe). IRC: a crash if the server sends a short form JOIN message. (PIDGIN-17375). (RR 1484) (Belgin Știrbu). XMPP: a regression from 2.14.9 where XMPP accounts state would get lost after failing to connect. (PIDGIN-17621) (RR 1455) (Belgin Știrbu). a crash when requesting your own info in an XMPP conference. (RR 1465). (Belgin Știrbu). hang when completing a file transfer over XMPP. (RR 1466) (Belgin. Știrbu). updating custom smileys. (PIDGIN-17153) (RR 1477) (Belgin Știrbu). unblocking users. (PIDGIN-16414) (RR 1479) (Belgin Știrbu). a crash when cancelling a file transfer. (PIDGIN-17189) (RR 1485). (Belgin Știrbu).
2.14.929 Apr 2022 03:45 major bugfix: : Security: Remove _xmppconnect support. (RR 1357) (CVE-2022-26491) (Gary Kramlich). libpurple: a GLib CRITICAL message with typing time outs. (RR 1123) (Mohammed Sadiq). an where the unit tests for purple_str_to_time would fail. (GENTOO-819774) (RR 1238) (Gary Kramlich). Pidgin: a memory leak in pidgin_conversations_set_tab_colors. (RR 1244). (ivanhoe). the majority of the infinite resizing in the input box. (PIDGIN-16753, PIDGIN-16999, PIDGIN-17287, PIDGIN-17413, PIDGIN-17430, PIDGIN-17568, PIDGIN-17602) (RR 1342) (Belgin Știrbu). Add transient-buddy back which is used to show some context menus and other things. (PIDGIN-17523) (RR 1381) (Belgin Știrbu). Windows: the download of dictionaries in the Windows installer. (PIDGIN-14618, PIDGIN-15648, PIDGIN-15540, PIDGIN-14612, PIDGIN-14893) (RR 1303) (Gary Kramlich). Translations: a typo in the German translations. (PIDGIN-17575) (RR 1242) (ivanhoe). Synced all of the translations with Transifex. IRC: IRC file transfers on Windows. (PIDGIN-17175) (RR 1382) (Belgin. Știrbu). file transfers failing at 99 on IRC. (PIDGIN-15893) (RR 1385) (Belgin. Știrbu). Default realname and ident name in IRC to the username (nickname) of the account. (PIDGIN-17610) (RR 1386) (Belgin Știrbu). Add an advanced account option to IRC accounts for explicitly setting the SASL login name. (PIDGIN-15451) (RR 1388) (Belgin Știrbu). Added a rate limiter that should make it impossible to excess flood. (RR 1391) (Gary Kramlich). SIMPLE: an with the CSeq numbers in SIMPLE. (PIDGIN-9675) (RR 1379). (dohmniq). XMPP: XMPP attention messages being sent to incorrect JIDs. (PIDGIN-14714). (RR 1387) (itsnotabigtruck, Belgin Știrbu).
2.14.807 Jan 2022 03:17 minor bugfix: : libpurple: a regression in purple_str_to_time. (PIDGIN-17552) (RR 931) (Gary Kramlich). XMPP: a double free in jabber/message.c. (PIDGIN-17547) (RR 932) (Gary Kramlich, pv32768). Pidgin: the link to the support mailing list archive in the About Dialog. (RR 929) (Gary Kramlich).
2.13.007 Apr 2018 07:05 major bugfix: : libpurple: Unified string comparison. (Arkadiy Illarionov). Properlly shell escape URI's when opening them. (PR #271 Daniel Kamil Kozar). a one byte buffer overread in function purple_markup_linkify. an were utf8 was incorrectly truncated which could lead to crashes as we were potentially feeding garbage into glib/gtk. libgnt: build against curses 6.0 with opaque structs set.. (PR #268 Daniel Kamil Kozar). a crash when resizing the window. (PR #269 Daniel Kamil Kozar). General: bashism in autotools. (PR #267 Daniel Kamil Kozar). XMPP: Show XEP-0066 OOB URLs in any message, not just headlines. a user after free (PR #266 Ethan Blanton). Removed pipelining from BOSH connections. Don't try to TLS already secured BOSH connections. IRC: "Registration timeout" on SASL auth with InspIRCd servers. (and possibly others not based on charybdis/ratbox/ircd-seven). with plugins that modify outgoing messages. (such as the custom PART/QUIT feature of the IRC More plugin). IRC buffer handling.. Properly handle AUTHENTICATE as a normal command with server pre. (PR #316 dx). a crash caused by a use after free of the MOTD. an out of bounds read in irc_nick_skip_mode. a write of a single byte before the start of a buffer in irc_parse_ctcp. Pidgin: Better support for dark themes.. IPv6 links by not escaping 's. (PR #270 Daniel Kamil Kozar). Only write buddy icons to the cache if they're not already cached. (PR #276 David Woodhouse). Rejoin persistent chats after reconnect.. Made the WIN32 Transparency plugin work on all platforms.. Ensure search results buttons are labeled. matching unicode smilies.. Correctly update mute/unmute status when the remote side mutes/unmutes us.. Rework the status icon blinking to not used deprecated API.. Don't allow adding a buddy to protocols that don't have an add_buddy callback.. Finch: handling of search results. Voice Video: Port backend-fs to newer api for farstream relay-info property.
2.12.013 Mar 2017 06:45 major bugfix: : Libpurple: an out of bounds memory read in purple_markup_unescape_entity. CVE-2017-2640. Use of uninitialised memory if running non-de-enabled versions of glib. Updated AIM dev and dist ID's to new ones that were assigned by AOL. TLS certificate verification now uses SHA-256 checksums. SASL external auth for Freenode. Removed the MSN protocol plugin. It has been unusable and dormant for some. Time. MSNP18 has been discontinued and the protocol plugin would require a Large update to start working again. See: The Third-party Pidgin SkypeWeb plugin, however, should provide enough Functionality as a replacement if people still want to use MSN: Https:// Removed Mxit protocol plugin. The service was at the end of September 2016. See. Https:// Removed the MySpaceIM protocol plugin. The service has been defunct for a. Long time. Remove the Yahoo! protocol plugin. Yahoo has completely. Reimplemented their protocol, so this version is no longer operable as of August 5th, 2016: Https:// A new protocol plugin has been written to support the new protocol. It can be found here: This also removes support for Yahoo! Japan. According to. Http:// the service ended March 26th, 2014. Remove the Facebook (XMPP) account option. According to. Https:// the XMPP Chat API service Ended April 30th, 2015. A new protocol plugin has been written, Using a different method, to support Facebook. It can be found at Https:// Gnutls certificate validation errors that mainly affected google (Dequis). General. Replaced instances of with and updated the. Urls to use https. IRC. of messages being silently cut off at 500 chara
2.10.1202 Jan 2016 11:25 minor feature: General.. purple-url-handler now works with Python 3.x, an where transient startup statuses could be deleted Pidgin.. The shout smile now matches the default theme. Windows-Specific Changes.. Updates to dependencies: Cyrus SASL 2.1.26. libxml2 2.9.2. NSS 3.20.1 and NSPR 4.10.10. Perl 5.20.1. SILC 1.1.12. Remove support for Tcl plugins. Gadu-Gadu.. Updated internal libgadu to version 1.12.1.
2.10.1124 Nov 2014 03:17 minor feature: General Fix handling of Self-Signed SSL/TLS Certificates when using the NSS plugin , Improve default cipher suites used with the NSS plugin , Add NSS Preferences plugin which allows the SSL/TLS Versions and cipher suites to be configured , Gadu-Gadu Fix a bug that prevented plugin to load when compiled without GnuTLS. Fix build for platforms without AF_LOCAL definition. MSN Fix broken login due to server change , Fail early when buddy list is unavailable instead of wasting bandwidth endlessly re-trying.
2.10.1028 Oct 2014 09:45 security: Check the basic constraints extension when validating SSL/TLS certificates. This fixes a security hole that allowed a malicious man-in-the-middle to impersonate an IM server or any other https endpoint. This affected both the NSS and GnuTLS plugins. (Discovered by an anonymous person and Jacob Appelbaum of the Tor Project, with thanks to Moxie Marlinspike for first publishing about this type of vulnerability. Thanks to Kai Engert for guidance and for some of the NSS changes) (CVE-2014-3694) Allow and prefer TLS 1.2 and 1.1 when using the NSS plugin for SSL. (Elrond and Ashish Gupta)