Pidgin is an instant messaging program which lets you log in to accounts on multiple chat networks simultaneously. It runs on Windows, Linux, and other UNIX operating systems. Download Pidgin 2.14.1 for Mac from FileHorse. 100% Safe and Secure A multi-service messenger software that lets you chat with users.
News
9 Mar 2016
Versions 4.1.0 and earlier of libotr in 64-bit builds contain an integer overflow security flaw. This flaw could potentially be exploited by a remote attacker to cause a heap buffer overflow and subsequently for arbitrary code to be executed on the user's machine.
CVE-2016-2851 has been assigned to this issue.
Please upgrade to libotr version 4.1.1 immediately.
Users of libotr packages in Linux and *BSD distributions should see updated packages shortly.
This security release includes the following updates:
- Fix an integer overflow bug that can cause a heap buffer overflow (and from there remote code execution) on 64-bit platforms
- Fix possible free() of an uninitialized pointer
- Be stricter about parsing v3 fragments
- Add a testsuite ('make check' to run it), but only on Linux for now, since it uses Linux-specific features such as epoll
- Fix a memory leak when reading a malformed instance tag file
- Protocol documentation clarifications
This point release includes the following updates:
- Fix use-after-free issue during SMP
- Updated Spanish, German, Norwegian Bokmål translations
- New Danish translation
- The Windows binary has been linked with updated versions of libotr, libgcrypt, libgpg-error, and other supporting libraries