2.14.5 Released!

Notice for Windows users: We are aware of an issue with the installer failing to download the dictionaries used for spellchecking. We are currently working on a fix and hope to have this resolved as soon as possible.

Whoops we missed May, but hopefully you all enjoy this kind of rushed release!

Why was it rushed? Well a certain unnamed broker of software vulnerabilities posted a bounty for vulnerabilities in Pidgin. Thus we quickly ran a bunch of static analysis tools and patched everything we could find.

We have no reason to believe that 2.14.5 is any safer than 2.14.4 as the issues the static analysis found should not be exploitable. However, we didn’t want to take a chance and leave them in.

We also changed the default value of the Enable automatic router port forwarding preference from on to off. We suggest you disable this setting as well if you’re upgrading and you don’t typically send files directly to other users.

For the first time in a long time we updated our bundled TLS Certificates. This should hopefully avoid some certificate warnings for some users but there’s a good chance some third party protocol plugins users might still see them.

Finally, with all the events regarding the Freenode and Libera IRC networks, we decided to change the default IRC server from irc.freenode.net to irc.libera.chat. We will maintain a presence on both networks for as long as we have users there.

The complete changelog for this release is the following:

General:

IRC:

  • Changed the default server to irc.libera.chat. (Review 675) (Gary Kramlich)

Windows Specific Changes:

  • Fixed the installer not running when Mandatory ASLR was turned on. (Review 721) (PIDGIN-17524) (Gary Kramlich)

You can find 2.14.5 on SourceForge.

We hope everyone enjoys this release and the fixes it brings. Remember that if you have any questions or comments we have a variety of channels where you can reach out to us.

Looking to reach us via XMPP? Check out the new PidginChat service!