pidgin 2.10.10 发布了!
更新日志:
General Check the basic constraints extension when validating SSL/TLS certificates. This fixes a security hole that allowed a malicious man-in-the-middle to impersonate an IM server or any other https endpoint. This affected both the NSS and GnuTLS plugins. (Discovered by an anonymous person and Jacob Appelbaum of the Tor Project, with thanks to Moxie Marlinspike for first publishing about this type of vulnerability. Thanks to Kai Engert for guidance and for some of the NSS changes) (CVE-2014-3694) Allow and prefer TLS 1.2 and 1.1 when using the NSS plugin for SSL. (Elrond and Ashish Gupta) (#15909)
Windows-Specific Changes NSS 3.17.1 and NSPR 4.10.7 Don't allow overwriting arbitrary files on the file system when the user installs a smiley theme via drag-and-drop. (Discovered by Yves Younan of Cisco Talos) (CVE-2014-3697) Updates to dependencies
XMPP Fix potential information leak where a malicious XMPP server and possibly even a malicious remote user could create a carefully crafted XMPP message that causes libpurple to send an XMPP message containing arbitrary memory. (Discovered and fixed by Thijs Alkemade and Paul Aurich) (CVE-2014-3698) Fix Facebook XMPP roster quirks. (#15041, #15957)
Pidgin 原名 Gaim,是一款采用 GTK 开发的跨平台即时聊天客户端软件,支持包括 Aim、ICQ (基于Oscar协议)、MSN Messenger、Yahoo、IRC、Jabber、Gadu-Gadu、SILC、Groupwise Messenger和Zephyr等即时通信软件。你可以同时用不同的账号在多个即时通信网络中登录。这意味着你可以一边与AOL Instant Messenger上的朋友聊天,一边向Yahoo Messenger上的同事发送文件,同时还能在某个IRC频道中聊天。
Pidgin(Gaim)对这些即时通信网络的支持相当全面,除了一般的聊天之外,像文件传输、离开提示、键入提示等等都可以支持。此外,它还拥有 不少独特的功能。最流行 的要算是好友提醒功能了,当某个特定的好友离开或者脱机,它会用某种方式对你进行提醒,比如发送消息、播放声音甚至运行某个程序。
| 
