-
Latest Version
-
Operating System
Windows (All Versions)
-
User Rating
Click to vote -
Author / Product
-
Filename
pidgin-2.10.10.exe
-
MD5 Checksum
0d6b30535fcdf659a731c069507806a5
Sometimes latest versions of the software can cause issues when installed on older devices or devices running an older version of the operating system.
Software makers usually fix these issues but it can take them some time. What you can do in the meantime is to download and install an older version of Pidgin 2.10.10.
For those interested in downloading the most recent release of Pidgin or reading our review, simply click here.
All old versions distributed on our website are completely virus-free and available for download at no cost.
We would love to hear from you
If you have any questions or ideas that you want to share with us - head over to our Contact page and let us know. We value your feedback!
What's new in this version:
General:
- Check the basic constraints extension when validating SSL/TLS certificates. This fixes a security hole that allowed a malicious man-in-the-middle to impersonate an IM server or any other https endpoint. This affected both the NSS and GnuTLS plugins. (Discovered by an anonymous person and Jacob Appelbaum of the Tor Project, with thanks to Moxie Marlinspike for first publishing about this type of vulnerability. Thanks to Kai Engert for guidance and for some of the NSS changes) (CVE-2014-3694)
- Allow and prefer TLS 1.2 and 1.1 when using the NSS plugin for SSL. (Elrond and Ashish Gupta) (#15909)
libpurple3 compatibility:
- Encrypted account passwords are preserved until the new one is set.
- Fix loading Google Talk and Facebook XMPP accounts.
Windows-Specific Changes:
- Don't allow overwriting arbitrary files on the file system when the user installs a smiley theme via drag-and-drop. (Discovered by Yves Younan of Cisco Talos) (CVE-2014-3697)
- Updates to dependencies:
NSS 3.17.1 and NSPR 4.10.7
Finch:
- Fix build against Python 3. (Ed Catmur) (#15969)
Gadu-Gadu:
- Updated internal libgadu to version 1.12.0.
Groupwise:
- Fix potential remote crash parsing server message that indicates that a large amount of memory should be allocated. (Discovered by Yves Younan and Richard Johnson of Cisco Talos) (CVE-2014-3696)
IRC:
- Fix a possible leak of unencrypted data when using /me command with OTR. (Thijs Alkemade) (#15750)
MXit:
- Fix potential remote crash parsing a malformed emoticon response. (Discovered by Yves Younan and Richard Johnson of Cisco Talos) (CVE-2014-3695)
XMPP:
- Fix potential information leak where a malicious XMPP server and possibly even a malicious remote user could create a carefully crafted XMPP message that causes libpurple to send an XMPP message containing arbitrary memory. (Discovered and fixed by Thijs Alkemade and Paul Aurich) (CVE-2014-3698)
- Fix Facebook XMPP roster quirks. (#15041, #15957)
Yahoo:
- Fix login when using the GnuTLS library for TLS connections. (#16172)
- OperaOpera 115.0 Build 5322.109 (64-bit)
- 4K Download4K Video Downloader+ 1.10.3 (64-bit)
- PhotoshopAdobe Photoshop CC 2025 26.2 (64-bit)
- OKXOKX - Buy Bitcoin or Ethereum
- iTop VPNiTop VPN 6.2.0 - Fast, Safe & Secure
- Premiere ProAdobe Premiere Pro CC 2025 25.1
- BlueStacksBlueStacks 10.41.642.1001
- Hero WarsHero Wars - Online Action Game
- TradingViewTradingView - Trusted by 60 Million Traders
- LockWiperiMyFone LockWiper (Android) 5.7.2
Comments and User Reviews