2.14.7 Released!

Notice for Windows users: We are aware of an issue with the installer failing to download the dictionaries used for spellchecking. We are currently working on a fix and hope to have this resolved as soon as possible.

Yet another minor version of Pidgin has been released, 2.14.7. This release includes a bunch of random fixes for issues that were found by Google OSS-Fuzz.

As far as we can tell, none of these issues are remotely exploitable, but you should update for the memory leak fixes alone.

libpurple:

  • Fix leak in purple_markup_find_tag on error. (OSS-Fuzz 35816 ) (Review 924) (Elliott Sales de Andrade)
  • Fix an issue where the XMPP utility tests would fail if libidn was disabled. (Review 922) (Gary Kramlich)
  • Fix an assert in purple_markup_html_to_xhtml (OSS-Fuzz 35029 ) (Review 921) (Elliott Sales de Andrade)
  • Fix building on Haiku (Review 916) (Haiku Ports Team)
  • Correctly free parse tags at end of purple_html_to_xhtml (OSS-Fuzz 34996 ) (Review 913) (Elliott Sales de Andrade)
  • Fix leak that may occur when xmlnode_from_str fails (OSS-Fuzz 34988 ) (Review 911) (Elliott Sales de Andrade)
  • Cleanup, standardize and create starting corpora for all of the fuzzers. (Review 920) (Gary Kramlich)
  • Port purple_str_to_time to use a regular expression and add additional unit tests for it. (Review 923) (Gary Kramlich)

Looking to reach us via XMPP? Check out the new PidginChat service!