It has always been vulnerable to MITM attacks when it is not used with DNSSEC,
and has been removed from XEP-0156 because of that. We have been issued
CVE-2022-26491 for this issue.
More discussion can be found at
https://mail.jabber.org/pipermail/standards/2022-February/038759.html.
Testing Done:
Compiled
Reviewed at https://reviews.imfreedom.org/r/1357/
# Makefile.mingw
#
# Description: Makefile to generate mo files
#
PIDGIN_TREE_TOP:=..
include $(PIDGIN_TREE_TOP)/libpurple/win32/global.mak