head 1.36; access; symbols pkgsrc-2023Q4:1.36.0.22 pkgsrc-2023Q4-base:1.36 pkgsrc-2023Q3:1.36.0.20 pkgsrc-2023Q3-base:1.36 pkgsrc-2023Q2:1.36.0.18 pkgsrc-2023Q2-base:1.36 pkgsrc-2023Q1:1.36.0.16 pkgsrc-2023Q1-base:1.36 pkgsrc-2022Q4:1.36.0.14 pkgsrc-2022Q4-base:1.36 pkgsrc-2022Q3:1.36.0.12 pkgsrc-2022Q3-base:1.36 pkgsrc-2022Q2:1.36.0.10 pkgsrc-2022Q2-base:1.36 pkgsrc-2022Q1:1.36.0.8 pkgsrc-2022Q1-base:1.36 pkgsrc-2021Q4:1.36.0.6 pkgsrc-2021Q4-base:1.36 pkgsrc-2021Q3:1.36.0.4 pkgsrc-2021Q3-base:1.36 pkgsrc-2021Q2:1.36.0.2 pkgsrc-2021Q2-base:1.36 pkgsrc-2021Q1:1.35.0.8 pkgsrc-2021Q1-base:1.35 pkgsrc-2020Q4:1.35.0.6 pkgsrc-2020Q4-base:1.35 pkgsrc-2020Q3:1.35.0.4 pkgsrc-2020Q3-base:1.35 pkgsrc-2020Q2:1.35.0.2 pkgsrc-2020Q2-base:1.35 pkgsrc-2020Q1:1.34.0.16 pkgsrc-2020Q1-base:1.34 pkgsrc-2019Q4:1.34.0.18 pkgsrc-2019Q4-base:1.34 pkgsrc-2019Q3:1.34.0.14 pkgsrc-2019Q3-base:1.34 pkgsrc-2019Q2:1.34.0.12 pkgsrc-2019Q2-base:1.34 pkgsrc-2019Q1:1.34.0.10 pkgsrc-2019Q1-base:1.34 pkgsrc-2018Q4:1.34.0.8 pkgsrc-2018Q4-base:1.34 pkgsrc-2018Q3:1.34.0.6 pkgsrc-2018Q3-base:1.34 pkgsrc-2018Q2:1.34.0.4 pkgsrc-2018Q2-base:1.34 pkgsrc-2018Q1:1.34.0.2 pkgsrc-2018Q1-base:1.34 pkgsrc-2017Q4:1.33.0.10 pkgsrc-2017Q4-base:1.33 pkgsrc-2017Q3:1.33.0.8 pkgsrc-2017Q3-base:1.33 pkgsrc-2017Q2:1.33.0.4 pkgsrc-2017Q2-base:1.33 pkgsrc-2017Q1:1.33.0.2 pkgsrc-2017Q1-base:1.33 pkgsrc-2016Q4:1.31.0.8 pkgsrc-2016Q4-base:1.31 pkgsrc-2016Q3:1.31.0.6 pkgsrc-2016Q3-base:1.31 pkgsrc-2016Q2:1.31.0.4 pkgsrc-2016Q2-base:1.31 pkgsrc-2016Q1:1.31.0.2 pkgsrc-2016Q1-base:1.31 pkgsrc-2015Q4:1.30.0.10 pkgsrc-2015Q4-base:1.30 pkgsrc-2015Q3:1.30.0.8 pkgsrc-2015Q3-base:1.30 pkgsrc-2015Q2:1.30.0.6 pkgsrc-2015Q2-base:1.30 pkgsrc-2015Q1:1.30.0.4 pkgsrc-2015Q1-base:1.30 pkgsrc-2014Q4:1.30.0.2 pkgsrc-2014Q4-base:1.30 pkgsrc-2014Q3:1.28.0.6 pkgsrc-2014Q3-base:1.28 pkgsrc-2014Q2:1.28.0.4 pkgsrc-2014Q2-base:1.28 pkgsrc-2014Q1:1.28.0.2 pkgsrc-2014Q1-base:1.28 pkgsrc-2013Q4:1.27.0.8 pkgsrc-2013Q4-base:1.27 pkgsrc-2013Q3:1.27.0.6 pkgsrc-2013Q3-base:1.27 pkgsrc-2013Q2:1.27.0.4 pkgsrc-2013Q2-base:1.27 pkgsrc-2013Q1:1.27.0.2 pkgsrc-2013Q1-base:1.27 pkgsrc-2012Q4:1.26.0.12 pkgsrc-2012Q4-base:1.26 pkgsrc-2012Q3:1.26.0.10 pkgsrc-2012Q3-base:1.26 pkgsrc-2012Q2:1.26.0.8 pkgsrc-2012Q2-base:1.26 pkgsrc-2012Q1:1.26.0.6 pkgsrc-2012Q1-base:1.26 pkgsrc-2011Q4:1.26.0.4 pkgsrc-2011Q4-base:1.26 pkgsrc-2011Q3:1.26.0.2 pkgsrc-2011Q3-base:1.26 pkgsrc-2011Q2:1.25.0.2 pkgsrc-2011Q2-base:1.25 pkgsrc-2011Q1:1.24.0.2 pkgsrc-2011Q1-base:1.24 pkgsrc-2010Q4:1.22.0.4 pkgsrc-2010Q4-base:1.22 pkgsrc-2010Q3:1.22.0.2 pkgsrc-2010Q3-base:1.22 pkgsrc-2010Q2:1.21.0.4 pkgsrc-2010Q2-base:1.21 pkgsrc-2010Q1:1.21.0.2 pkgsrc-2010Q1-base:1.21 pkgsrc-2009Q4:1.20.0.2 pkgsrc-2009Q4-base:1.20 pkgsrc-2009Q3:1.19.0.2 pkgsrc-2009Q3-base:1.19 pkgsrc-2009Q2:1.18.0.2 pkgsrc-2009Q2-base:1.18 pkgsrc-2009Q1:1.17.0.2 pkgsrc-2009Q1-base:1.17 pkgsrc-2008Q4:1.16.0.2 pkgsrc-2008Q4-base:1.16 pkgsrc-2008Q3:1.14.0.2 pkgsrc-2008Q3-base:1.14 cube-native-xorg:1.13.0.2 cube-native-xorg-base:1.13 pkgsrc-2008Q2:1.12.0.4 pkgsrc-2008Q2-base:1.12 cwrapper:1.12.0.2 pkgsrc-2008Q1:1.9.0.2 pkgsrc-2008Q1-base:1.9 pkgsrc-2007Q4:1.8.0.2 pkgsrc-2007Q4-base:1.8 pkgsrc-2007Q3:1.6.0.2 pkgsrc-2007Q3-base:1.6 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.36 date 2021.05.02.10.19.20; author nia; state Exp; branches; next 1.35; commitid GKAPbllfJuSuLyRC; 1.35 date 2020.06.12.11.40.19; author nia; state Exp; branches; next 1.34; commitid nhefN182sjnZCVbC; 1.34 date 2018.01.01.22.29.20; author rillig; state Exp; branches; next 1.33; commitid 0WRi40zz4tz6VdlA; 1.33 date 2017.03.20.18.42.50; author khorben; state Exp; branches; next 1.32; commitid GDRckVLNQvhqSjKz; 1.32 date 2017.03.11.03.02.39; author khorben; state Exp; branches; next 1.31; commitid d9Y1eNZlT8qKY4Jz; 1.31 date 2016.01.13.22.25.38; author wiz; state Exp; branches 1.31.8.1; next 1.30; commitid OS2UPvyByPx00PQy; 1.30 date 2014.12.07.08.45.59; author obache; state Exp; branches; next 1.29; commitid fAKlvr5tihiXo51y; 1.29 date 2014.12.07.08.42.07; author obache; state Exp; branches; next 1.28; commitid HLGQ2jWQNF2on51y; 1.28 date 2014.01.31.06.32.16; author obache; state Exp; branches; next 1.27; commitid KhOPv9lEtckTCenx; 1.27 date 2013.03.03.07.17.24; author obache; state Exp; branches; next 1.26; 1.26 date 2011.08.26.13.14.58; author obache; state Exp; branches; next 1.25; 1.25 date 2011.06.30.13.03.39; author obache; state Exp; branches; next 1.24; 1.24 date 2011.02.10.12.17.37; author adam; state Exp; branches; next 1.23; 1.23 date 2011.02.02.13.18.48; author adam; state Exp; branches; next 1.22; 1.22 date 2010.08.30.11.18.01; author adam; state Exp; branches; next 1.21; 1.21 date 2010.02.26.09.48.56; author wiz; state Exp; branches; next 1.20; 1.20 date 2009.12.08.12.45.42; author wiz; state Exp; branches; next 1.19; 1.19 date 2009.09.06.21.06.44; author abs; state Exp; branches; next 1.18; 1.18 date 2009.06.14.17.37.47; author joerg; state Exp; branches; next 1.17; 1.17 date 2009.03.12.07.37.51; author mlelstv; state Exp; branches; next 1.16; 1.16 date 2008.12.22.18.47.44; author jmcneill; state Exp; branches; next 1.15; 1.15 date 2008.12.21.14.08.39; author ahoka; state Exp; branches; next 1.14; 1.14 date 2008.09.16.19.54.21; author abs; state Exp; branches; next 1.13; 1.13 date 2008.08.19.18.18.10; author bjs; state Exp; branches; next 1.12; 1.12 date 2008.05.17.22.56.17; author tnn; state Exp; branches; next 1.11; 1.11 date 2008.04.29.10.55.02; author jmmv; state Exp; branches; next 1.10; 1.10 date 2008.04.12.22.42.58; author jlam; state Exp; branches; next 1.9; 1.9 date 2008.03.04.17.22.40; author tnn; state Exp; branches; next 1.8; 1.8 date 2007.12.02.04.17.54; author tnn; state Exp; branches; next 1.7; 1.7 date 2007.11.03.15.59.18; author tnn; state Exp; branches; next 1.6; 1.6 date 2007.09.30.13.47.02; author tnn; state Exp; branches 1.6.2.1; next 1.5; 1.5 date 2007.09.15.14.55.02; author tnn; state Exp; branches; next 1.4; 1.4 date 2007.08.13.22.18.58; author tnn; state Exp; branches; next 1.3; 1.3 date 2007.08.13.05.32.09; author dan; state Exp; branches; next 1.2; 1.2 date 2007.08.02.13.43.32; author gdt; state Exp; branches; next 1.1; 1.1 date 2007.07.28.12.10.43; author gdt; state Exp; branches 1.1.1.1; next ; 1.31.8.1 date 2017.03.23.23.50.14; author bsiegert; state Exp; branches; next ; commitid NvsjImNGKkw7vJKz; 1.6.2.1 date 2007.11.04.14.25.33; author ghen; state Exp; branches; next ; 1.1.1.1 date 2007.07.28.12.10.43; author gdt; state Exp; branches; next ; desc @@ 1.36 log @pidgin: update to 2.14.4 changes: https://pidgin.im/posts/2021-04-2.14.4-released/ @ text @@@comment $NetBSD: PLIST,v 1.35 2020/06/12 11:40:19 nia Exp $ ${PLIST.dbus}bin/purple-client-example ${PLIST.dbus}bin/purple-remote ${PLIST.dbus}bin/purple-send ${PLIST.dbus}bin/purple-send-async ${PLIST.dbus}bin/purple-url-handler include/libpurple/account.h include/libpurple/accountopt.h include/libpurple/blist.h include/libpurple/buddyicon.h include/libpurple/certificate.h include/libpurple/cipher.h include/libpurple/circbuffer.h include/libpurple/cmds.h include/libpurple/connection.h include/libpurple/conversation.h include/libpurple/core.h ${PLIST.dbus}include/libpurple/dbus-bindings.h ${PLIST.dbus}include/libpurple/dbus-define-api.h include/libpurple/dbus-maybe.h ${PLIST.dbus}include/libpurple/dbus-purple.h ${PLIST.dbus}include/libpurple/dbus-server.h ${PLIST.dbus}include/libpurple/dbus-types.h ${PLIST.dbus}include/libpurple/dbus-useful.h include/libpurple/debug.h include/libpurple/desktopitem.h include/libpurple/dnsquery.h include/libpurple/dnssrv.h include/libpurple/eventloop.h include/libpurple/ft.h include/libpurple/gaim-compat.h include/libpurple/glibcompat.h include/libpurple/idle.h include/libpurple/imgstore.h include/libpurple/log.h include/libpurple/marshallers.h include/libpurple/media-gst.h include/libpurple/media.h include/libpurple/media/backend-iface.h include/libpurple/media/candidate.h include/libpurple/media/codec.h include/libpurple/media/enum-types.h include/libpurple/mediamanager.h include/libpurple/mime.h include/libpurple/nat-pmp.h include/libpurple/network.h include/libpurple/notify.h include/libpurple/ntlm.h include/libpurple/plugin.h include/libpurple/pluginpref.h include/libpurple/pounce.h include/libpurple/prefs.h include/libpurple/privacy.h include/libpurple/proxy.h include/libpurple/prpl.h include/libpurple/purple.h include/libpurple/request.h include/libpurple/roomlist.h include/libpurple/savedstatuses.h include/libpurple/server.h include/libpurple/signals.h include/libpurple/smiley.h include/libpurple/sound-theme-loader.h include/libpurple/sound-theme.h include/libpurple/sound.h include/libpurple/sslconn.h include/libpurple/status.h include/libpurple/stringref.h include/libpurple/stun.h include/libpurple/theme-loader.h include/libpurple/theme-manager.h include/libpurple/theme.h include/libpurple/upnp.h include/libpurple/util.h include/libpurple/value.h include/libpurple/version.h include/libpurple/whiteboard.h include/libpurple/xmlnode.h ${PLIST.dbus}lib/libpurple-client.la lib/libpurple.la lib/pkgconfig/purple.pc lib/purple-2/autoaccept.la lib/purple-2/buddynote.la ${PLIST.dbus}lib/purple-2/dbus-example.la lib/purple-2/idle.la lib/purple-2/joinpart.la ${PLIST.avahi}lib/purple-2/libbonjour.la lib/purple-2/libgg.la lib/purple-2/libirc.la lib/purple-2/libjabber.la lib/purple-2/libnovell.la lib/purple-2/libsimple.la lib/purple-2/libxmpp.la lib/purple-2/libzephyr.la lib/purple-2/log_reader.la lib/purple-2/newline.la ${PLIST.nss}lib/purple-2/nss-prefs.la lib/purple-2/offlinemsg.la ${PLIST.perl}lib/purple-2/perl.la lib/purple-2/psychic.la ${PLIST.gnutls}lib/purple-2/ssl-gnutls.la ${PLIST.nss}lib/purple-2/ssl-nss.la lib/purple-2/ssl.la lib/purple-2/statenotify.la ${PLIST.tcl}lib/purple-2/tcl.la share/aclocal/purple.m4 share/locale/af/LC_MESSAGES/pidgin.mo share/locale/am/LC_MESSAGES/pidgin.mo share/locale/ar/LC_MESSAGES/pidgin.mo share/locale/ar_SA/LC_MESSAGES/pidgin.mo share/locale/as/LC_MESSAGES/pidgin.mo share/locale/ast/LC_MESSAGES/pidgin.mo share/locale/az/LC_MESSAGES/pidgin.mo share/locale/be@@latin/LC_MESSAGES/pidgin.mo share/locale/bg/LC_MESSAGES/pidgin.mo share/locale/bn/LC_MESSAGES/pidgin.mo share/locale/bn_IN/LC_MESSAGES/pidgin.mo share/locale/br/LC_MESSAGES/pidgin.mo share/locale/brx/LC_MESSAGES/pidgin.mo share/locale/bs/LC_MESSAGES/pidgin.mo share/locale/ca/LC_MESSAGES/pidgin.mo share/locale/ca@@valencia/LC_MESSAGES/pidgin.mo share/locale/cs/LC_MESSAGES/pidgin.mo share/locale/da/LC_MESSAGES/pidgin.mo share/locale/de/LC_MESSAGES/pidgin.mo share/locale/dz/LC_MESSAGES/pidgin.mo share/locale/el/LC_MESSAGES/pidgin.mo share/locale/en_AU/LC_MESSAGES/pidgin.mo share/locale/en_CA/LC_MESSAGES/pidgin.mo share/locale/en_GB/LC_MESSAGES/pidgin.mo share/locale/eo/LC_MESSAGES/pidgin.mo share/locale/es/LC_MESSAGES/pidgin.mo share/locale/es_AR/LC_MESSAGES/pidgin.mo share/locale/et/LC_MESSAGES/pidgin.mo share/locale/eu/LC_MESSAGES/pidgin.mo share/locale/fa/LC_MESSAGES/pidgin.mo share/locale/fi/LC_MESSAGES/pidgin.mo share/locale/fr/LC_MESSAGES/pidgin.mo share/locale/ga/LC_MESSAGES/pidgin.mo share/locale/gl/LC_MESSAGES/pidgin.mo share/locale/gu/LC_MESSAGES/pidgin.mo share/locale/he/LC_MESSAGES/pidgin.mo share/locale/hi/LC_MESSAGES/pidgin.mo share/locale/hr/LC_MESSAGES/pidgin.mo share/locale/hu/LC_MESSAGES/pidgin.mo share/locale/id/LC_MESSAGES/pidgin.mo share/locale/it/LC_MESSAGES/pidgin.mo share/locale/ja/LC_MESSAGES/pidgin.mo share/locale/ka/LC_MESSAGES/pidgin.mo share/locale/kk/LC_MESSAGES/pidgin.mo share/locale/km/LC_MESSAGES/pidgin.mo share/locale/kn/LC_MESSAGES/pidgin.mo share/locale/ko/LC_MESSAGES/pidgin.mo share/locale/ks/LC_MESSAGES/pidgin.mo share/locale/ku/LC_MESSAGES/pidgin.mo share/locale/ku_IQ/LC_MESSAGES/pidgin.mo share/locale/lt/LC_MESSAGES/pidgin.mo share/locale/lv/LC_MESSAGES/pidgin.mo share/locale/mai/LC_MESSAGES/pidgin.mo share/locale/mhr/LC_MESSAGES/pidgin.mo share/locale/mk/LC_MESSAGES/pidgin.mo share/locale/ml/LC_MESSAGES/pidgin.mo share/locale/mn/LC_MESSAGES/pidgin.mo share/locale/mr/LC_MESSAGES/pidgin.mo share/locale/ms_MY/LC_MESSAGES/pidgin.mo share/locale/my_MM/LC_MESSAGES/pidgin.mo share/locale/nb/LC_MESSAGES/pidgin.mo share/locale/ne/LC_MESSAGES/pidgin.mo share/locale/nl/LC_MESSAGES/pidgin.mo share/locale/nn/LC_MESSAGES/pidgin.mo share/locale/oc/LC_MESSAGES/pidgin.mo share/locale/or/LC_MESSAGES/pidgin.mo share/locale/pa/LC_MESSAGES/pidgin.mo share/locale/pl/LC_MESSAGES/pidgin.mo share/locale/ps/LC_MESSAGES/pidgin.mo share/locale/pt/LC_MESSAGES/pidgin.mo share/locale/pt_BR/LC_MESSAGES/pidgin.mo share/locale/ro/LC_MESSAGES/pidgin.mo share/locale/ru/LC_MESSAGES/pidgin.mo share/locale/sd/LC_MESSAGES/pidgin.mo share/locale/si/LC_MESSAGES/pidgin.mo share/locale/sk/LC_MESSAGES/pidgin.mo share/locale/sl/LC_MESSAGES/pidgin.mo share/locale/sq/LC_MESSAGES/pidgin.mo share/locale/sr/LC_MESSAGES/pidgin.mo share/locale/sr@@latin/LC_MESSAGES/pidgin.mo share/locale/sv/LC_MESSAGES/pidgin.mo share/locale/sw/LC_MESSAGES/pidgin.mo share/locale/ta/LC_MESSAGES/pidgin.mo share/locale/te/LC_MESSAGES/pidgin.mo share/locale/th/LC_MESSAGES/pidgin.mo share/locale/tr/LC_MESSAGES/pidgin.mo share/locale/tt/LC_MESSAGES/pidgin.mo share/locale/uk/LC_MESSAGES/pidgin.mo share/locale/ur/LC_MESSAGES/pidgin.mo share/locale/uz/LC_MESSAGES/pidgin.mo share/locale/vi/LC_MESSAGES/pidgin.mo share/locale/xh/LC_MESSAGES/pidgin.mo share/locale/zh_CN/LC_MESSAGES/pidgin.mo share/locale/zh_HK/LC_MESSAGES/pidgin.mo share/locale/zh_TW/LC_MESSAGES/pidgin.mo share/purple/ca-certs/CAcert_Class3.pem share/purple/ca-certs/CAcert_Root.pem share/purple/ca-certs/mozilla.pem share/sounds/purple/alert.wav share/sounds/purple/login.wav share/sounds/purple/logout.wav share/sounds/purple/receive.wav share/sounds/purple/send.wav @ 1.35 log @pidgin: Update to 2.14.1 version 2.14.1 (11/06/2020): * Fixed issues with Windows installer that always thought Pidgin was running. (Eion Robb) * Fixed an issue where the Windows installer was not using Unicode while doing checksums which made it fail. (Eion Robb) * Fixed an issue in the released source code that caused the Mercurial revision in the About box to be "unknown". (Gary Kramlich) version 2.14.0 (10/06/2020): General: * Fixed a memory leak in search results. (#17292 PR #320 David Woodhouse) * Support SNI with GNUTLS. (#17300 tiagosalem) (PR #659 Mihai Moldovan) * Add additional error handling to NSS and GNUTLS. (PR #679 Samuel Thibault) libpurple: * Add invisible buddy support to support presence/name/photos for non buddies. (#17295 PR 321 David Woodhouse) * Make purple-remote compatible with both Python 2 and Python 3. (Jan Synacek of RedHat) * Fixed some leaky deprecation warnings. (PR #586 Gary Kramlich) * Fixed HTML logs which were writing invalid HTML. (#17280 stars PR #312 Daniel Kamil Kozar) * Fixed a use after free in purple_smiley_set_data_impl. (PR #694 Gary Kramlich) * Added the chat_send_file ability to protocol plugins. (PR #701 David Woodhouse) Pidgin: * Treat
tags as line breaks when pasting. (PR #678 Colin Xu)
* Reverted Ticket #17232/PR #695. It caused more harm than good and a new
solution needs to be found. (PR #695 Gary Kramlich)
Bonjour:
* Always use port fallback for IPv4 addresses. (PR #382 Michael Osborne)
XMPP:
* Support for XEP-0198 Stream Management (PR #309 defanor)
* Decrease delay for file transfer using streamhosts (PR #464 #627 Evert
Mouw)
Voice & Video:
* Improve webcam failure handling. (PR #322 David Woodhouse)
* Show error when creating media pipeline fails. (#17290 PR 322 David
Woodhouse)
* Clip audio level reporting. (#14426 PR #322 David Woodhouse)
* Keep track of devices managed by GstDeviceMonitor. (PR #322 David
Woodhouse)
* Ignore PulseAudio monitors. (PR #322 David Woodhouse)
* Backport native Voice & Video prefs from 3.0. (PR #322 David Woodhouse)
* Fixed building against GStreamer 0.10 (PR #325 David Woodhouse)
* Fixed initial delay on incoming audio (PR #379 David Woodhouse)
* Properly cleanup timeouts. (PR #383 Jakub Adam)
* Added an audio mixer so mixed sources don't cause a pipe failure. (PR #522
Fabrice Bellet)
* Added screen share support for Wayland via XDP Portal. (PR #337 David
Woodhouse)
* Handle unplug and replug events of selected media device. (PR #699 David
Woodhouse)
@
text
@d1 1
a1 1
@@comment $NetBSD: PLIST,v 1.34 2018/01/01 22:29:20 rillig Exp $
a86 1
lib/purple-2/libaim.la
a88 1
lib/purple-2/libicq.la
a91 1
lib/purple-2/liboscar.la
@
1.34
log
@Sort PLIST files.
Unsorted entries in PLIST files have generated a pkglint warning for at
least 12 years. Somewhat more recently, pkglint has learned to sort
PLIST files automatically. Since pkglint 5.4.23, the sorting is only
done in obvious, simple cases. These have been applied by running:
pkglint -Cnone,PLIST -Wnone,plist-sort -r -F
@
text
@d1 1
a1 1
@@comment $NetBSD: PLIST,v 1.33 2017/03/20 18:42:50 khorben Exp $
d32 1
a109 1
${PLIST.gnome}share/gconf/schemas/purple.schemas
d113 1
@
1.33
log
@Update chat/{libpurple,pidgin} to version 2.12.0
version 2.12.0 (03/09/2017):
libpurple:
* Fix an out of bounds memory read in purple_markup_unescape_entity.
CVE-2017-2640
* Fix use of uninitialised memory if running non-debug-enabled versions of glib
* Updated AIM dev and dist ID's to new ones that were assigned by AOL.
* TLS certificate verification now uses SHA-256 checksums.
* Fixed SASL external auth for Freenode.
* Removed the MSN protocol plugin. It has been unusable and dormant for some
time. MSNP18 has been discontinued and the protocol plugin would require a
large update to start working again. See: http://ismsndeadyet.com/ The
third-party Pidgin SkypeWeb plugin, however, should provide enough
functionality as a replacement if people still want to use MSN:
https://github.com/EionRobb/skype4pidgin/tree/master/skypeweb
* Removed Mxit protocol plugin. The service was closed at the end of
September 2016. See
https://pidgin.im/pipermail/devel/2016-September/024078.htm
* Removed the MySpaceIM protocol plugin. The service has been defunct for a
long time. (#15356)
* Remove the Yahoo! protocol plugin. Yahoo has completely
reimplemented their protocol, so this version is no longer operable as
of August 5th, 2016:
https://yahoo.tumblr.com/post/145715934739/q2-2016-progress-report-on-our-product
A new protocol plugin has been written to support the new protocol.
It can be found here: https://github.com/EionRobb/funyahoo-plusplus
This also removes support for Yahoo! Japan. According to
http://messenger.yahoo.co.jp/ the service ended March 26th, 2014.
* Remove the Facebook (XMPP) account option. According to
https://developers.facebook.com/docs/chat the XMPP Chat API service
ended April 30th, 2015. A new protocol plugin has been written,
using a different method, to support Facebook. It can be found at
https://github.com/dequis/purple-facebook/wiki
* Fixed gnutls certificate validation errors that mainly affected google (Dequis)
General
* Replaced instances of d.pidgin.im with developer.pidgin.im and updated the
urls to use https. (#17036)
IRC
* Fixed issue of messages being silently cut off at 500 characters. Large
messages are now split into parts and sent one by one. (#4753)
@
text
@d1 6
a6 1
@@comment $NetBSD: PLIST,v 1.32 2017/03/11 03:02:39 khorben Exp $
d18 2
d21 4
d78 1
d83 1
d99 1
d101 1
a102 1
${PLIST.nss}lib/purple-2/nss-prefs.la
a211 14
${PLIST.dbus}bin/purple-client-example
${PLIST.dbus}bin/purple-remote
${PLIST.dbus}bin/purple-send
${PLIST.dbus}bin/purple-send-async
${PLIST.dbus}bin/purple-url-handler
${PLIST.dbus}include/libpurple/dbus-bindings.h
${PLIST.dbus}include/libpurple/dbus-define-api.h
${PLIST.dbus}include/libpurple/dbus-purple.h
${PLIST.dbus}include/libpurple/dbus-server.h
${PLIST.dbus}include/libpurple/dbus-types.h
${PLIST.dbus}include/libpurple/dbus-useful.h
${PLIST.dbus}lib/libpurple-client.la
${PLIST.dbus}lib/purple-2/dbus-example.la
${PLIST.perl}lib/purple-2/perl.la
@
1.32
log
@Update chat/{libpurple,pidgin} to version 2.11.0
version 2.11.0 (06/21/2016):
General:
* 2.10.12 was accidentally released with new additions to the API and
should have been released as 2.11.0. Unfortunately, we did not catch
the mistake until after 2.10.12 was released, but we're fixing it now.
See ChangeLog.API for more information.
* Include the Mozilla certificate bundle. This fixes connecting to servers
with certificates from Let's Encrypt.
* Remove all 1024-bit CAs
libpurple:
* media: fix an issue with ximagesink displaying only a corner cut-out of
a larger webcam video (Jakub Adam)
* mediamanager: update output window destruction so that it reflects recent
changes in the media pipeline structure (Jakub Adam)
* Ported Instantbird's CommandUiOps to libpurple (Dequis)
Pidgin:
* Fixed #14962
* Fixed alignment of incoming right-to-left messages in protocols that
don't support rich text
* Fix a potential crash while exiting pidgin
Windows-Specific Changes:
* Use getaddrinfo for DNS to enable IPv6 (#1075)
* Updates to dependencies:
* NSS 3.24 and NSPR 4.12.
AIM:
* Add support for the newer kerberos-based authentication of AIM 8.x
Bonjour
* Fixed building on Mac OSX (Patrick Cloke) (#16883)
ICQ:
* Stop truncating passwords to 8 characters like old ICQ clients did.
(#16692). If you actually needed this, truncate your password
manually by pressing backspace a few times.
IRC:
* Base64-decode SASL messages before passing to libsasl (#16268)
MXit
* Fixed a buffer overflow. Discovered by Yves Younan of Cisco Talos.
(TALOS-CAN-0120)
* Fixed a remote out-of-bounds read. Discovered by Yves Younan of Cisco
Talos. (TALOS-CAN-0140)
* Fixed a remote out-of-band read. Discovered by Yves Younan of Cisco
Talos. (TALOS-CAN-0138, TALOS-CAN-0135)
* Fixed an invalid read. Discovered by Yves Younan of Cisco Talos
(TALOS-CAN-0118)
* Fixed a remote buffer overflow vulnerability. Discovered by Yves
Younan of Cisco Talos. (TALOS-CAN-0119)
* Fixed an out-of-bounds read discovered by Yves Younan of Cisco Talos.
(TALOS-CAN-0123)
* Fixed a directory traversal issue. Discovered by Yves Younan of Cisco
Talos (TALOS-CAN-0128)
* Fixed a remote denial of service vulnerability that could result in
a null pointer dereference. Discovered by Yves Younan of Cisco Talos.
(TALOS-CAN-0133)
* Fixed a remote denial of service that could result in an out-of-bounds
read. Discovered by Yves Younan of Cisco Talos (TALOS-CAN-0134)
* Fixed multiple remote buffer overflows. Discovered by Yves Younan of
Cisco Talos. (TALOS-CAN-0136)
* Fixed a remote NULL pointer dereference. Discovered by Yves Younan of
Cisco Talos (TALOS-CAN-0137)
* Fixed a remote code execution issue discovered by Yves Younan of Cisco
Talos. (TALOS-CAN-0142)
* Fixed a remote denial of service vulnerability in contact mood
handling. Discovered by Yves Younan of Cisco Talos (TALOS-CAN-0141)
* Fixed a remote out-of-bounds write vulnerability. Discovered by Yves
Younan of Cisco Talos. (TALOS-CAN-0139)
* Fix a remote out-of-bounds read. Discovered by Yves Younan of Cisco
Talos. (TALOS-CAN-0143)
@
text
@d1 1
a1 1
@@comment $NetBSD: PLIST,v 1.31 2016/01/13 22:25:38 wiz Exp $
a78 3
lib/purple-2/libmsn.la
lib/purple-2/libmxit.la
lib/purple-2/libmyspace.la
a82 3
lib/purple-2/libyahoo.la
lib/purple-2/libyahoojp.la
lib/purple-2/libymsg.la
@
1.31
log
@Update pidgin/finch/libpurple to 2.10.12.
gstreamer is not an option any longer.
version 2.10.12 (MM/DD/YY):
Windows-Specific Changes:
* Updates to dependencies:
* Cyrus SASL 2.1.26
* libxml2 2.9.2
* NSS 3.17.3 and NSPR 4.10.7
* Perl 5.20.1
* SILC 1.1.12
* Remove support for Tcl plugins
Gadu-Gadu:
* Updated internal libgadu to version 1.12.1.
@
text
@d1 1
a1 1
@@comment $NetBSD: PLIST,v 1.30 2014/12/07 08:45:59 obache Exp $
a195 4
share/purple/ca-certs/AOL_Member_CA.pem
share/purple/ca-certs/AddTrust_External_Root.pem
share/purple/ca-certs/America_Online_Root_Certification_Authority_1.pem
share/purple/ca-certs/Baltimore_CyberTrust_Root.pem
d198 1
a198 23
share/purple/ca-certs/Certum_Root_CA.pem
share/purple/ca-certs/Certum_Trusted_Network_CA.pem
share/purple/ca-certs/Deutsche_Telekom_Root_CA_2.pem
share/purple/ca-certs/DigiCertHighAssuranceCA-3.pem
share/purple/ca-certs/DigiCertHighAssuranceEVRootCA.pem
share/purple/ca-certs/Entrust.net_2048.pem
share/purple/ca-certs/Entrust.net_Secure_Server_CA.pem
share/purple/ca-certs/Equifax_Secure_CA.pem
share/purple/ca-certs/Equifax_Secure_Global_eBusiness_CA-1.pem
share/purple/ca-certs/GTE_CyberTrust_Global_Root.pem
share/purple/ca-certs/Go_Daddy_Class_2_CA.pem
share/purple/ca-certs/Microsoft_Internet_Authority_2010.pem
share/purple/ca-certs/Microsoft_Secure_Server_Authority_2010.pem
share/purple/ca-certs/StartCom_Certification_Authority.pem
share/purple/ca-certs/Thawte_Premium_Server_CA.pem
share/purple/ca-certs/Thawte_Primary_Root_CA.pem
share/purple/ca-certs/ValiCert_Class_2_VA.pem
share/purple/ca-certs/VeriSign_Class3_Extended_Validation_CA.pem
share/purple/ca-certs/VeriSign_Class_3_Primary_CA-G2.pem
share/purple/ca-certs/VeriSign_Class_3_Primary_CA-G5-2.pem
share/purple/ca-certs/VeriSign_Class_3_Primary_CA-G5.pem
share/purple/ca-certs/VeriSign_International_Server_Class_3_CA.pem
share/purple/ca-certs/Verisign_Class3_Primary_CA.pem
@
1.31.8.1
log
@Pullup ticket #5224 - requested by khorben
chat/libpurple: security fix
Revisions pulled up:
- chat/finch/Makefile 1.67
- chat/libpurple/Makefile 1.80
- chat/libpurple/Makefile.common 1.47-1.48
- chat/libpurple/PLIST 1.32-1.33
- chat/libpurple/buildlink3.mk 1.43
- chat/libpurple/distinfo 1.47-1.49
- chat/libpurple/patches/patch-libpurple_protocols_mxit_profile.c deleted
- chat/pidgin-sametime/Makefile 1.48
- chat/pidgin-silc/Makefile 1.51
- chat/pidgin/Makefile 1.70
- chat/pidgin/PLIST 1.23-1.24
---
Module Name: pkgsrc
Committed By: khorben
Date: Sat Mar 11 03:02:40 UTC 2017
Modified Files:
pkgsrc/chat/libpurple: Makefile.common PLIST buildlink3.mk distinfo
pkgsrc/chat/pidgin: PLIST
Log Message:
Update chat/{libpurple,pidgin} to version 2.11.0
version 2.11.0 (06/21/2016):
General:
* 2.10.12 was accidentally released with new additions to the API and
should have been released as 2.11.0. Unfortunately, we did not catch
the mistake until after 2.10.12 was released, but we're fixing it now.
See ChangeLog.API for more information.
* Include the Mozilla certificate bundle. This fixes connecting to servers
with certificates from Let's Encrypt.
* Remove all 1024-bit CAs
libpurple:
* media: fix an issue with ximagesink displaying only a corner cut-out of
a larger webcam video (Jakub Adam)
* mediamanager: update output window destruction so that it reflects recent
changes in the media pipeline structure (Jakub Adam)
* Ported Instantbird's CommandUiOps to libpurple (Dequis)
Pidgin:
* Fixed #14962
* Fixed alignment of incoming right-to-left messages in protocols that
don't support rich text
* Fix a potential crash while exiting pidgin
Windows-Specific Changes:
* Use getaddrinfo for DNS to enable IPv6 (#1075)
* Updates to dependencies:
* NSS 3.24 and NSPR 4.12.
AIM:
* Add support for the newer kerberos-based authentication of AIM 8.x
Bonjour
* Fixed building on Mac OSX (Patrick Cloke) (#16883)
ICQ:
* Stop truncating passwords to 8 characters like old ICQ clients did.
(#16692). If you actually needed this, truncate your password
manually by pressing backspace a few times.
IRC:
* Base64-decode SASL messages before passing to libsasl (#16268)
MXit
* Fixed a buffer overflow. Discovered by Yves Younan of Cisco Talos.
(TALOS-CAN-0120)
* Fixed a remote out-of-bounds read. Discovered by Yves Younan of Cisco
Talos. (TALOS-CAN-0140)
* Fixed a remote out-of-band read. Discovered by Yves Younan of Cisco
Talos. (TALOS-CAN-0138, TALOS-CAN-0135)
* Fixed an invalid read. Discovered by Yves Younan of Cisco Talos
(TALOS-CAN-0118)
* Fixed a remote buffer overflow vulnerability. Discovered by Yves
Younan of Cisco Talos. (TALOS-CAN-0119)
* Fixed an out-of-bounds read discovered by Yves Younan of Cisco Talos.
(TALOS-CAN-0123)
* Fixed a directory traversal issue. Discovered by Yves Younan of Cisco
Talos (TALOS-CAN-0128)
* Fixed a remote denial of service vulnerability that could result in
a null pointer dereference. Discovered by Yves Younan of Cisco Talos.
(TALOS-CAN-0133)
* Fixed a remote denial of service that could result in an out-of-bounds
read. Discovered by Yves Younan of Cisco Talos (TALOS-CAN-0134)
* Fixed multiple remote buffer overflows. Discovered by Yves Younan of
Cisco Talos. (TALOS-CAN-0136)
* Fixed a remote NULL pointer dereference. Discovered by Yves Younan of
Cisco Talos (TALOS-CAN-0137)
* Fixed a remote code execution issue discovered by Yves Younan of Cisco
Talos. (TALOS-CAN-0142)
* Fixed a remote denial of service vulnerability in contact mood
handling. Discovered by Yves Younan of Cisco Talos (TALOS-CAN-0141)
* Fixed a remote out-of-bounds write vulnerability. Discovered by Yves
Younan of Cisco Talos. (TALOS-CAN-0139)
* Fix a remote out-of-bounds read. Discovered by Yves Younan of Cisco
Talos. (TALOS-CAN-0143)
---
Module Name: pkgsrc
Committed By: wiz
Date: Sat Mar 11 07:15:25 UTC 2017
Modified Files:
pkgsrc/chat/finch: Makefile
pkgsrc/chat/libpurple: Makefile
pkgsrc/chat/pidgin: Makefile
pkgsrc/chat/pidgin-sametime: Makefile
pkgsrc/chat/pidgin-silc: Makefile
Log Message:
Reset PKGREVISION after update.
---
Module Name: pkgsrc
Committed By: khorben
Date: Mon Mar 20 18:42:51 UTC 2017
Modified Files:
pkgsrc/chat/libpurple: Makefile.common PLIST distinfo
pkgsrc/chat/pidgin: PLIST
Removed Files:
pkgsrc/chat/libpurple/patches: patch-libpurple_protocols_mxit_profile.c
Log Message:
Update chat/{libpurple,pidgin} to version 2.12.0
version 2.12.0 (03/09/2017):
libpurple:
* Fix an out of bounds memory read in purple_markup_unescape_entity.
CVE-2017-2640
* Fix use of uninitialised memory if running non-debug-enabled versions
of glib
* Updated AIM dev and dist ID's to new ones that were assigned by AOL.
* TLS certificate verification now uses SHA-256 checksums.
* Fixed SASL external auth for Freenode.
* Removed the MSN protocol plugin. It has been unusable and dormant for
some
time. MSNP18 has been discontinued and the protocol plugin would
require a
large update to start working again. See: http://ismsndeadyet.com/ The
third-party Pidgin SkypeWeb plugin, however, should provide enough
functionality as a replacement if people still want to use MSN:
https://github.com/EionRobb/skype4pidgin/tree/master/skypeweb
* Removed Mxit protocol plugin. The service was closed at the end of
September 2016. See
https://pidgin.im/pipermail/devel/2016-September/024078.htm
* Removed the MySpaceIM protocol plugin. The service has been defunct for a
long time. (#15356)
* Remove the Yahoo! protocol plugin. Yahoo has completely
reimplemented their protocol, so this version is no longer operable as
of August 5th, 2016:
https://yahoo.tumblr.com/post/145715934739/q2-2016-progress-report-on-our-product
A new protocol plugin has been written to support the new protocol.
It can be found here: https://github.com/EionRobb/funyahoo-plusplus
This also removes support for Yahoo! Japan. According to
http://messenger.yahoo.co.jp/ the service ended March 26th, 2014.
* Remove the Facebook (XMPP) account option. According to
https://developers.facebook.com/docs/chat the XMPP Chat API service
ended April 30th, 2015. A new protocol plugin has been written,
using a different method, to support Facebook. It can be found at
https://github.com/dequis/purple-facebook/wiki
* Fixed gnutls certificate validation errors that mainly affected
google (Dequis)
General
* Replaced instances of d.pidgin.im with developer.pidgin.im and
updated the
urls to use https. (#17036)
IRC
* Fixed issue of messages being silently cut off at 500 characters. Large
messages are now split into parts and sent one by one. (#4753)
---
Module Name: pkgsrc
Committed By: joerg
Date: Wed Mar 22 09:46:11 UTC 2017
Modified Files:
pkgsrc/chat/libpurple: distinfo
Log Message:
Regenerate to match actual patches.
@
text
@d1 1
a1 1
@@comment $NetBSD$
d79 3
d86 3
d196 4
d202 23
a224 1
share/purple/ca-certs/mozilla.pem
@
1.30
log
@Update pidgin to 2.10.11.
version 2.10.11 (11/23/14):
General:
* Fix handling of Self-Signed SSL/TLS Certificates when using the NSS
plugin (#16412)
* Improve default cipher suites used with the NSS plugin (#16262)
* Add NSS Preferences plugin which allows the SSL/TLS Versions and
cipher suites to be configured (#8061)
Gadu-Gadu:
* Fix a bug that prevented plugin to load when compiled without GnuTLS.
(mancha) (#16431)
* Fix build for platforms without AF_LOCAL definition. (#16404)
MSN:
* Fix broken login due to server change (dx, TReKiE). (#16451, #16455)
* Fail early when buddy list is unavailable instead of wasting bandwidth
endlessly re-trying.
version 2.10.10 (10/22/14):
General:
* Check the basic constraints extension when validating SSL/TLS
certificates. This fixes a security hole that allowed a malicious
man-in-the-middle to impersonate an IM server or any other https
endpoint. This affected both the NSS and GnuTLS plugins. (Discovered
by an anonymous person and Jacob Appelbaum of the Tor Project, with
thanks to Moxie Marlinspike for first publishing about this type of
vulnerability. Thanks to Kai Engert for guidance and for some of the
NSS changes) (CVE-2014-3694)
* Allow and prefer TLS 1.2 and 1.1 when using the NSS plugin for SSL.
(Elrond and Ashish Gupta) (#15909)
libpurple3 compatibility:
* Encrypted account passwords are preserved until the new one is set.
* Fix loading Google Talk and Facebook XMPP accounts.
Windows-Specific Changes:
* Don't allow overwriting arbitrary files on the file system when the
user installs a smiley theme via drag-and-drop. (Discovered by Yves
Younan of Cisco Talos) (CVE-2014-3697)
* Updates to dependencies:
* NSS 3.17.1 and NSPR 4.10.7
Finch:
* Fix build against Python 3. (Ed Catmur) (#15969)
Gadu-Gadu:
* Updated internal libgadu to version 1.12.0.
Groupwise:
* Fix potential remote crash parsing server message that indicates that
a large amount of memory should be allocated. (Discovered by Yves Younan
and Richard Johnson of Cisco Talos) (CVE-2014-3696)
IRC:
* Fix a possible leak of unencrypted data when using /me command
with OTR. (Thijs Alkemade) (#15750)
MXit:
* Fix potential remote crash parsing a malformed emoticon response.
(Discovered by Yves Younan and Richard Johnson of Cisco Talos)
(CVE-2014-3695)
XMPP:
* Fix potential information leak where a malicious XMPP server and
possibly even a malicious remote user could create a carefully crafted
XMPP message that causes libpurple to send an XMPP message containing
arbitrary memory. (Discovered and fixed by Thijs Alkemade and Paul
Aurich) (CVE-2014-3698)
* Fix Facebook XMPP roster quirks. (#15041, #15957)
Yahoo:
* Fix login when using the GnuTLS library for TLS connections. (#16172)
@
text
@d1 1
a1 1
@@comment $NetBSD: PLIST,v 1.29 2014/12/07 08:42:07 obache Exp $
d105 1
d112 2
d127 1
d148 1
d156 1
d159 1
d174 1
d190 1
d202 2
@
1.29
log
@Use packlist for most of perl related PLIST.
Resolve PR pkg/49343.
@
text
@d1 1
a1 1
@@comment $NetBSD: PLIST,v 1.28 2014/01/31 06:32:16 obache Exp $
d94 1
a135 1
share/locale/hy/LC_MESSAGES/pidgin.mo
d140 1
d145 1
a145 1
share/locale/lo/LC_MESSAGES/pidgin.mo
d147 1
a152 1
share/locale/ms_MY/LC_MESSAGES/pidgin.mo
d179 1
d209 3
a211 3
share/purple/ca-certs/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G2.pem
share/purple/ca-certs/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.pem
share/purple/ca-certs/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5_2.pem
@
1.28
log
@Update pidin to 2.10.8.
version 2.10.8 (1/28/2014):
General:
* Python build scripts and example plugins are now compatible with
Python 3. (Ashish Gupta) (#15624)
libpurple:
* Fix potential crash if libpurple gets an error attempting to read a
reply from a STUN server. (Discovered by Coverity static analysis)
(CVE-2013-6484)
* Fix potential crash parsing a malformed HTTP response. (Discovered by
Jacob Appelbaum of the Tor Project) (CVE-2013-6479)
* Fix buffer overflow when parsing a malformed HTTP response with
chunked Transfer-Encoding. (Discovered by Matt Jones, Volvent)
(CVE-2013-6485)
* Better handling of HTTP proxy responses with negative Content-Lengths.
(Discovered by Matt Jones, Volvent)
* Fix handling of SSL certificates without subjects when using libnss.
* Fix handling of SSL certificates with timestamps in the distant future
when using libnss. (#15586)
* Impose maximum download size for all HTTP fetches.
Pidgin:
* Fix crash displaying tooltip of long URLs. (CVE-2013-6478)
* Better handling of URLs longer than 1000 letters.
* Fix handling of multibyte UTF-8 characters in smiley themes. (#15756)
Windows-Specific Changes:
* When clicking file:// links, show the file in Explorer rather than
attempting to run the file. This reduces the chances of a user
clicking on a link and mistakenly running a malicious file.
(Originally discovered by James Burton, Insomnia Security. Rediscovered
by Yves Younan of Sourcefire VRT.) (CVE-2013-6486)
* Fix Tcl scripts. (#15520)
* Fix crash-on-startup when ASLR is always on. (#15521)
* Updates to dependencies:
* NSS 3.15.4 and NSPR 4.10.2
* Pango 1.29.4-1daa
Patched for https://bugzilla.gnome.org/show_bug.cgi?id=668154
AIM:
* Fix untrusted certificate error.
AIM and ICQ:
* Fix a possible crash when receiving a malformed message in a Direct IM
session.
Gadu-Gadu:
* Fix buffer overflow with remote code execution potential. Only
triggerable by a Gadu-Gadu server or a man-in-the-middle.
(Discovered by Yves Younan and Ryan Pentney of Sourcefire VRT)
(CVE-2013-6487)
* Disabled buddy list import/export from/to server (it didn't work
anymore). Buddy list synchronization will be implemented in 3.0.0.
* Disabled new account registration and password change options, as it
didn't work either. Account registration also caused a crash. Both
functions are available using official Gadu-Gadu website.
IRC:
* Fix bug where a malicious server or man-in-the-middle could trigger
a crash by not sending enough arguments with various messages.
(Discovered by Daniel Atallah) (CVE-2014-0020)
* Fix bug where initial IRC status would not be set correctly.
* Fix bug where IRC wasn't available when libpurple was compiled with
Cyrus SASL support. (#15517)
MSN:
* Fix NULL pointer dereference parsing headers in MSN.
(Discovered by Fabian Yamaguchi and Christian Wressnegger of the
University of Goettingen) (CVE-2013-6482)
* Fix NULL pointer dereference parsing OIM data in MSN.
(Discovered by Fabian Yamaguchi and Christian Wressnegger of the
University of Goettingen) (CVE-2013-6482)
* Fix NULL pointer dereference parsing SOAP data in MSN.
(Discovered by Fabian Yamaguchi and Christian Wressnegger of the
University of Goettingen) (CVE-2013-6482)
* Fix possible crash when sending very long messages. Not
remotely-triggerable. (Discovered by Matt Jones, Volvent)
MXit:
* Fix buffer overflow with remote code execution potential.
(Discovered by Yves Younan and Pawel Janic of Sourcefire VRT)
(CVE-2013-6487)
* Fix sporadic crashes that can happen after user is disconnected.
* Fix crash when attempting to add a contact via search results.
* Show error message if file transfer fails.
* Fix compiling with InstantBird.
* Fix display of some custom emoticons.
SILC:
* Correctly set whiteboard dimensions in whiteboard sessions.
SIMPLE:
* Fix buffer overflow with remote code execution potential.
(Discovered by Yves Younan of Sourcefire VRT) (CVE-2013-6487)
XMPP:
* Prevent spoofing of iq replies by verifying that the 'from' address
matches the 'to' address of the iq request. (Discovered by Fabian
Yamaguchi and Christian Wressnegger of the University of Goettingen)
(CVE-2013-6483)
* Fix crash on some systems when receiving fake delay timestamps with
extreme values. (Discovered by Jaime Breva Ribes) (CVE-2013-6477)
* Fix possible crash or other erratic behavior when selecting a very
small file for your own buddy icon.
* Fix crash if the user tries to initiate a voice/video session with a
resourceless JID.
* Fix login errors when the first two available auth mechanisms fail but
a subsequent mechanism would otherwise work when using Cyrus SASL.
(#15524)
* Fix dropping incoming stanzas on BOSH connections when we receive
multiple HTTP responses at once. (Issa Gorissen) (#15684)
Yahoo!:
* Fix possible crashes handling incoming strings that are not UTF-8.
(Discovered by Thijs Alkemade and Robert Vehse) (CVE-2012-6152)
* Fix a bug reading a peer to peer message where a remote user could
trigger a crash. (CVE-2013-6481)
Plugins:
* Fix crash in contact availability plugin.
* Fix perl function Purple::Network::ip_atoi
* Add Unity integration plugin.
@
text
@d1 1
a1 1
@@comment $NetBSD: PLIST,v 1.27 2013/03/03 07:17:24 obache Exp $
a230 6
${PLIST.perl}lib/purple-2/perl/Purple.pm
${PLIST.perl}lib/purple-2/perl/auto/Purple/.packlist
${PLIST.perl}lib/purple-2/perl/auto/Purple/Purple.bs
${PLIST.perl}lib/purple-2/perl/auto/Purple/Purple.so
${PLIST.perl}lib/purple-2/perl/auto/Purple/autosplit.ix
${PLIST.perl}man/man3/Purple.3
@
1.27
log
@Update pidgin to 2.10.7.
version 2.10.7 (02/13/2013):
Alien hatchery:
* No changes
General:
* The configure script will now exit with status 1 when specifying
invalid protocol plugins using the --with-static-prpls and
--with-dynamic-prpls arguments. (Michael Fiedler) (#15316)
libpurple:
* Fix a crash when receiving UPnP responses with abnormally long values.
(CVE-2013-0274)
* Don't link directly to libgcrypt when building with GnuTLS support.
(Bartosz Brachaczek) (#15329)
* Fix UPnP mappings on routers that return empty