Users of Pidgin and other alternative IM clients need to update their software following the discovery of potentially serious security flaws. Pidgin, Finch, Adium, Meebo, and Gaim are all vulnerable to a flaw that stems from a bug in Libpurple, library software for multi-protocol support that's used by many IM clients. The …
That's all well and good, but the latest version on Windows is still 2.5.8!
Another issue it highlights...
"The issue provides further evidence that users of alternative client software may remove themselves from the main line of attacks but not from the need to patch their systems."
That's not the only issue it highlights - because I'm so used to software automatically checking for updates, I was still using Pidgin 2.4.x . I hadn't even thought to manually check to see if there was a new version until I read this story. I'm not sure what the bigger problem is really - the fact that I'm now so conditioned to expect all software to check for updates that checking manually never occurred, or the fact that Pidgin doesn't check.
Nah, sod it. It's the developers fault. Where's the auto update functionality :p
2.6.1 on Windows here.
Keep up at the back!
That explains the updated that got pushed to me today. Not by Windows Update, not by Pidgin, bu the pretty good, consistent and encompassing package manager in Ubuntu.
It so nice to have one application that keeps tabs on everything, and not have to rely on individual apps checking when they start or installing their own services.
I guess Windows will enter the 21st centry one day.
GregC Pidgin when it loads checks for an update. And tells you to download t.
you need to enable the Release Notification plugin to get update notices on window versions.
what we need here is to close down any requests for updates because the users don't know what they need.
mine's the one with the resizable text area in it's pocket
Not programs job to check for updates
"because I'm so used to software automatically checking for updates, I was still using Pidgin 2.4.x"
The thing is, programs on Linux do not typically check for updates, because that's the package manager's job. I got my pidgin updates yesterday on my Ubuntu boxes, before the story even broke! This is I guess one consequence of running a Windows box, then running a bunch of ports of Linux software on it -- better check for updates for them!
App has a bug, app fixed bug, updates already auto-pushed. Umm, the story is what ?