Pidgin 2.12.0

Pidgin is a widely-used and featureful instant messenger and chat client. It supports AIM, Bonjour, Gadu-Gadu, Google Talk, Groupwise, ICQ, IRC, MSN, MXit, GroupWise, SILC, SIMPLE, Sametime, XMPP (Jabber), Yahoo!, Zephy. It provides friend lists across chat networks, file transfers, avatars, custom smileys, typing status display, away messages, and many more features (encryption, audio alerts, LED notification, IRC scripting, SMS gateways, sessions, auto-replys) and IM services (Tor, Twitter, WhatsApp, Facebook, QQ) through plugins.

Tags c gtk chat instant-messenger icq xmpp cross-platform
License GNU GPL
State initial

Recent Releases

2.12.013 Mar 2017 06:45 major bugfix: : Libpurple: an out of bounds memory read in purple_markup_unescape_entity. CVE-2017-2640. Use of uninitialised memory if running non-de-enabled versions of glib. Updated AIM dev and dist ID's to new ones that were assigned by AOL. TLS certificate verification now uses SHA-256 checksums. SASL external auth for Freenode. Removed the MSN protocol plugin. It has been unusable and dormant for some. Time. MSNP18 has been discontinued and the protocol plugin would require a Large update to start working again. See: The Third-party Pidgin SkypeWeb plugin, however, should provide enough Functionality as a replacement if people still want to use MSN: Https:// Removed Mxit protocol plugin. The service was at the end of September 2016. See. Https:// Removed the MySpaceIM protocol plugin. The service has been defunct for a. Long time. Remove the Yahoo! protocol plugin. Yahoo has completely. Reimplemented their protocol, so this version is no longer operable as of August 5th, 2016: Https:// A new protocol plugin has been written to support the new protocol. It can be found here: This also removes support for Yahoo! Japan. According to. Http:// the service ended March 26th, 2014. Remove the Facebook (XMPP) account option. According to. Https:// the XMPP Chat API service Ended April 30th, 2015. A new protocol plugin has been written, Using a different method, to support Facebook. It can be found at Https:// Gnutls certificate validation errors that mainly affected google (Dequis). General. Replaced instances of with and updated the. Urls to use https. IRC. of messages being silently cut off at 500 chara
2.10.1202 Jan 2016 11:25 minor feature: General.. purple-url-handler now works with Python 3.x, an where transient startup statuses could be deleted Pidgin.. The shout smile now matches the default theme. Windows-Specific Changes.. Updates to dependencies: Cyrus SASL 2.1.26. libxml2 2.9.2. NSS 3.20.1 and NSPR 4.10.10. Perl 5.20.1. SILC 1.1.12. Remove support for Tcl plugins. Gadu-Gadu.. Updated internal libgadu to version 1.12.1.
2.10.1124 Nov 2014 03:17 minor feature: General Fix handling of Self-Signed SSL/TLS Certificates when using the NSS plugin , Improve default cipher suites used with the NSS plugin , Add NSS Preferences plugin which allows the SSL/TLS Versions and cipher suites to be configured , Gadu-Gadu Fix a bug that prevented plugin to load when compiled without GnuTLS. Fix build for platforms without AF_LOCAL definition. MSN Fix broken login due to server change , Fail early when buddy list is unavailable instead of wasting bandwidth endlessly re-trying.
2.10.1028 Oct 2014 09:45 security: Check the basic constraints extension when validating SSL/TLS certificates. This fixes a security hole that allowed a malicious man-in-the-middle to impersonate an IM server or any other https endpoint. This affected both the NSS and GnuTLS plugins. (Discovered by an anonymous person and Jacob Appelbaum of the Tor Project, with thanks to Moxie Marlinspike for first publishing about this type of vulnerability. Thanks to Kai Engert for guidance and for some of the NSS changes) (CVE-2014-3694) Allow and prefer TLS 1.2 and 1.1 when using the NSS plugin for SSL. (Elrond and Ashish Gupta)