View Bazaar branches
Get this repository:
git clone https://git.launchpad.net/ubuntu/+source/pidgin
Members of Ubuntu Server Dev import team can upload to this repository. Log in for directions.

Branches

Name Last Modified Last Commit
ubuntu/utopic-updates 2014-10-28 13:53:35 UTC 2014-10-28
Import patches-unapplied version 1:2.10.9-0ubuntu7.1 to ubuntu/utopic-security

Author: Marc Deslauriers
Author Date: 2014-10-27 15:29:40 UTC

Import patches-unapplied version 1:2.10.9-0ubuntu7.1 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: ac9aa72290802e8d8cc037b6f07dc6299df02b25

New changelog entries:
  * SECURITY UPDATE: insufficient ssl certificate validation
    - debian/patches/CVE-2014-3694.patch: fix basic constraints checking in
      libpurple/certificate.c, libpurple/certificate.h,
      libpurple/plugins/ssl/ssl-gnutls.c, libpurple/plugins/ssl/ssl-nss.c.
    - CVE-2014-3694
  * SECURITY UPDATE: denial of service via malformed MXit emoticon response
    - debian/patches/CVE-2014-3695.patch: properly check lengths in
      libpurple/protocols/mxit/markup.c.
    - CVE-2014-3695
  * SECURITY UPDATE: denial of service via malformed Groupwise message
    - debian/patches/CVE-2014-3696.patch: check sizes in
      libpurple/protocols/novell/nmevent.c.
    - CVE-2014-3696
  * SECURITY UPDATE: XMPP information leak
    - debian/patches/CVE-2014-3698.patch: fix leaks in
      libpurple/protocols/jabber/jutil.c.
    - CVE-2014-3698

ubuntu/utopic-devel 2014-10-28 13:53:35 UTC 2014-10-28
Import patches-unapplied version 1:2.10.9-0ubuntu7.1 to ubuntu/utopic-security

Author: Marc Deslauriers
Author Date: 2014-10-27 15:29:40 UTC

Import patches-unapplied version 1:2.10.9-0ubuntu7.1 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: ac9aa72290802e8d8cc037b6f07dc6299df02b25

New changelog entries:
  * SECURITY UPDATE: insufficient ssl certificate validation
    - debian/patches/CVE-2014-3694.patch: fix basic constraints checking in
      libpurple/certificate.c, libpurple/certificate.h,
      libpurple/plugins/ssl/ssl-gnutls.c, libpurple/plugins/ssl/ssl-nss.c.
    - CVE-2014-3694
  * SECURITY UPDATE: denial of service via malformed MXit emoticon response
    - debian/patches/CVE-2014-3695.patch: properly check lengths in
      libpurple/protocols/mxit/markup.c.
    - CVE-2014-3695
  * SECURITY UPDATE: denial of service via malformed Groupwise message
    - debian/patches/CVE-2014-3696.patch: check sizes in
      libpurple/protocols/novell/nmevent.c.
    - CVE-2014-3696
  * SECURITY UPDATE: XMPP information leak
    - debian/patches/CVE-2014-3698.patch: fix leaks in
      libpurple/protocols/jabber/jutil.c.
    - CVE-2014-3698

applied/ubuntu/utopic-devel 2014-10-28 13:53:35 UTC 2014-10-28
Import patches-applied version 1:2.10.9-0ubuntu7.1 to applied/ubuntu/utopic-s...

Author: Marc Deslauriers
Author Date: 2014-10-27 15:29:40 UTC

Import patches-applied version 1:2.10.9-0ubuntu7.1 to applied/ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: f1fd5bf8ed6dea33892458358a489d298035235c
Unapplied parent: 0a4fd5526df3e7802ea478ae714a4c2a7dd8163f

New changelog entries:
  * SECURITY UPDATE: insufficient ssl certificate validation
    - debian/patches/CVE-2014-3694.patch: fix basic constraints checking in
      libpurple/certificate.c, libpurple/certificate.h,
      libpurple/plugins/ssl/ssl-gnutls.c, libpurple/plugins/ssl/ssl-nss.c.
    - CVE-2014-3694
  * SECURITY UPDATE: denial of service via malformed MXit emoticon response
    - debian/patches/CVE-2014-3695.patch: properly check lengths in
      libpurple/protocols/mxit/markup.c.
    - CVE-2014-3695
  * SECURITY UPDATE: denial of service via malformed Groupwise message
    - debian/patches/CVE-2014-3696.patch: check sizes in
      libpurple/protocols/novell/nmevent.c.
    - CVE-2014-3696
  * SECURITY UPDATE: XMPP information leak
    - debian/patches/CVE-2014-3698.patch: fix leaks in
      libpurple/protocols/jabber/jutil.c.
    - CVE-2014-3698

applied/ubuntu/utopic-security 2014-10-28 13:53:35 UTC 2014-10-28
Import patches-applied version 1:2.10.9-0ubuntu7.1 to applied/ubuntu/utopic-s...

Author: Marc Deslauriers
Author Date: 2014-10-27 15:29:40 UTC

Import patches-applied version 1:2.10.9-0ubuntu7.1 to applied/ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: f1fd5bf8ed6dea33892458358a489d298035235c
Unapplied parent: 0a4fd5526df3e7802ea478ae714a4c2a7dd8163f

New changelog entries:
  * SECURITY UPDATE: insufficient ssl certificate validation
    - debian/patches/CVE-2014-3694.patch: fix basic constraints checking in
      libpurple/certificate.c, libpurple/certificate.h,
      libpurple/plugins/ssl/ssl-gnutls.c, libpurple/plugins/ssl/ssl-nss.c.
    - CVE-2014-3694
  * SECURITY UPDATE: denial of service via malformed MXit emoticon response
    - debian/patches/CVE-2014-3695.patch: properly check lengths in
      libpurple/protocols/mxit/markup.c.
    - CVE-2014-3695
  * SECURITY UPDATE: denial of service via malformed Groupwise message
    - debian/patches/CVE-2014-3696.patch: check sizes in
      libpurple/protocols/novell/nmevent.c.
    - CVE-2014-3696
  * SECURITY UPDATE: XMPP information leak
    - debian/patches/CVE-2014-3698.patch: fix leaks in
      libpurple/protocols/jabber/jutil.c.
    - CVE-2014-3698

applied/ubuntu/utopic-updates 2014-10-28 13:53:35 UTC 2014-10-28
Import patches-applied version 1:2.10.9-0ubuntu7.1 to applied/ubuntu/utopic-s...

Author: Marc Deslauriers
Author Date: 2014-10-27 15:29:40 UTC

Import patches-applied version 1:2.10.9-0ubuntu7.1 to applied/ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: f1fd5bf8ed6dea33892458358a489d298035235c
Unapplied parent: 0a4fd5526df3e7802ea478ae714a4c2a7dd8163f

New changelog entries:
  * SECURITY UPDATE: insufficient ssl certificate validation
    - debian/patches/CVE-2014-3694.patch: fix basic constraints checking in
      libpurple/certificate.c, libpurple/certificate.h,
      libpurple/plugins/ssl/ssl-gnutls.c, libpurple/plugins/ssl/ssl-nss.c.
    - CVE-2014-3694
  * SECURITY UPDATE: denial of service via malformed MXit emoticon response
    - debian/patches/CVE-2014-3695.patch: properly check lengths in
      libpurple/protocols/mxit/markup.c.
    - CVE-2014-3695
  * SECURITY UPDATE: denial of service via malformed Groupwise message
    - debian/patches/CVE-2014-3696.patch: check sizes in
      libpurple/protocols/novell/nmevent.c.
    - CVE-2014-3696
  * SECURITY UPDATE: XMPP information leak
    - debian/patches/CVE-2014-3698.patch: fix leaks in
      libpurple/protocols/jabber/jutil.c.
    - CVE-2014-3698

ubuntu/utopic-security 2014-10-28 13:53:35 UTC 2014-10-28
Import patches-unapplied version 1:2.10.9-0ubuntu7.1 to ubuntu/utopic-security

Author: Marc Deslauriers
Author Date: 2014-10-27 15:29:40 UTC

Import patches-unapplied version 1:2.10.9-0ubuntu7.1 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: ac9aa72290802e8d8cc037b6f07dc6299df02b25

New changelog entries:
  * SECURITY UPDATE: insufficient ssl certificate validation
    - debian/patches/CVE-2014-3694.patch: fix basic constraints checking in
      libpurple/certificate.c, libpurple/certificate.h,
      libpurple/plugins/ssl/ssl-gnutls.c, libpurple/plugins/ssl/ssl-nss.c.
    - CVE-2014-3694
  * SECURITY UPDATE: denial of service via malformed MXit emoticon response
    - debian/patches/CVE-2014-3695.patch: properly check lengths in
      libpurple/protocols/mxit/markup.c.
    - CVE-2014-3695
  * SECURITY UPDATE: denial of service via malformed Groupwise message
    - debian/patches/CVE-2014-3696.patch: check sizes in
      libpurple/protocols/novell/nmevent.c.
    - CVE-2014-3696
  * SECURITY UPDATE: XMPP information leak
    - debian/patches/CVE-2014-3698.patch: fix leaks in
      libpurple/protocols/jabber/jutil.c.
    - CVE-2014-3698

applied/ubuntu/utopic-proposed 2014-09-18 17:48:40 UTC 2014-09-18
Import patches-applied version 1:2.10.9-0ubuntu7 to applied/ubuntu/utopic-pro...

Author: Dimitri John Ledkov
Author Date: 2014-09-18 17:11:48 UTC

Import patches-applied version 1:2.10.9-0ubuntu7 to applied/ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: 44b3a459a84124e5fff14bce516b96b2d27ee353
Unapplied parent: 5f890e048938c43948d1495f4d09068a84357c30

New changelog entries:
  * Add dialpad support.

applied/ubuntu/utopic 2014-09-18 17:48:40 UTC 2014-09-18
Import patches-applied version 1:2.10.9-0ubuntu7 to applied/ubuntu/utopic-pro...

Author: Dimitri John Ledkov
Author Date: 2014-09-18 17:11:48 UTC

Import patches-applied version 1:2.10.9-0ubuntu7 to applied/ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: 44b3a459a84124e5fff14bce516b96b2d27ee353
Unapplied parent: 5f890e048938c43948d1495f4d09068a84357c30

New changelog entries:
  * Add dialpad support.

ubuntu/utopic-proposed 2014-09-18 17:48:40 UTC 2014-09-18
Import patches-unapplied version 1:2.10.9-0ubuntu7 to ubuntu/utopic-proposed

Author: Dimitri John Ledkov
Author Date: 2014-09-18 17:11:48 UTC

Import patches-unapplied version 1:2.10.9-0ubuntu7 to ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: 0dc4a7f23ab1b7c892e1f3e9d7e5763b47457cb2

New changelog entries:
  * Add dialpad support.

ubuntu/utopic 2014-09-18 17:48:40 UTC 2014-09-18
Import patches-unapplied version 1:2.10.9-0ubuntu7 to ubuntu/utopic-proposed

Author: Dimitri John Ledkov
Author Date: 2014-09-18 17:11:48 UTC

Import patches-unapplied version 1:2.10.9-0ubuntu7 to ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: 0dc4a7f23ab1b7c892e1f3e9d7e5763b47457cb2

New changelog entries:
  * Add dialpad support.

applied/debian/squeeze 2014-07-19 17:06:11 UTC 2014-07-19
Import patches-applied version 2.7.3-1+squeeze4 to applied/debian/squeeze

Author: Raphael Geissert
Author Date: 2014-03-18 22:25:14 UTC

Import patches-applied version 2.7.3-1+squeeze4 to applied/debian/squeeze

Imported using git-ubuntu import.

Changelog parent: 9eac3a3333a7357cc7186f942f1c9258733f0a84
Unapplied parent: b878a82aaba6a2badc9797bb7f110948016e0e96

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * Only build with support for the following protocols:
    irc, jabber, sametime, simple
  * Fix CVE-2013-6485 and CVE-2013-6490

debian/squeeze 2014-07-19 17:06:11 UTC 2014-07-19
Import patches-unapplied version 2.7.3-1+squeeze4 to debian/squeeze

Author: Raphael Geissert
Author Date: 2014-03-18 22:25:14 UTC

Import patches-unapplied version 2.7.3-1+squeeze4 to debian/squeeze

Imported using git-ubuntu import.

Changelog parent: 62061cde9c39340f65b71c1242f0227cbfbd10db

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * Only build with support for the following protocols:
    irc, jabber, sametime, simple
  * Fix CVE-2013-6485 and CVE-2013-6490

ubuntu/saucy-devel 2014-05-21 12:18:37 UTC 2014-05-21
Import patches-unapplied version 1:2.10.7-0ubuntu4.1.13.10.2 to ubuntu/saucy-...

Author: Marc Deslauriers
Author Date: 2014-05-20 15:09:56 UTC

Import patches-unapplied version 1:2.10.7-0ubuntu4.1.13.10.2 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 60b7780218cf06bd2a1fa2618d1c656e90834afd

New changelog entries:
  * SECURITY UPDATE: memory corruption via crafted message from gadu-gadu
    file relay server
    - debian/patches/CVE-2014-3775.patch: check relay_count in
      libpurple/protocols/gg/lib/dcc7.c
    - CVE-2014-3775

applied/ubuntu/saucy-updates 2014-05-21 12:18:37 UTC 2014-05-21
Import patches-applied version 1:2.10.7-0ubuntu4.1.13.10.2 to applied/ubuntu/...

Author: Marc Deslauriers
Author Date: 2014-05-20 15:09:56 UTC

Import patches-applied version 1:2.10.7-0ubuntu4.1.13.10.2 to applied/ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 6635312e185dd205dc44b7ad0ab82ce7347ee028
Unapplied parent: 75522f3dd8a0b8294cf4eca4508625a229bc96bb

New changelog entries:
  * SECURITY UPDATE: memory corruption via crafted message from gadu-gadu
    file relay server
    - debian/patches/CVE-2014-3775.patch: check relay_count in
      libpurple/protocols/gg/lib/dcc7.c
    - CVE-2014-3775

applied/ubuntu/saucy-security 2014-05-21 12:18:37 UTC 2014-05-21
Import patches-applied version 1:2.10.7-0ubuntu4.1.13.10.2 to applied/ubuntu/...

Author: Marc Deslauriers
Author Date: 2014-05-20 15:09:56 UTC

Import patches-applied version 1:2.10.7-0ubuntu4.1.13.10.2 to applied/ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 6635312e185dd205dc44b7ad0ab82ce7347ee028
Unapplied parent: 75522f3dd8a0b8294cf4eca4508625a229bc96bb

New changelog entries:
  * SECURITY UPDATE: memory corruption via crafted message from gadu-gadu
    file relay server
    - debian/patches/CVE-2014-3775.patch: check relay_count in
      libpurple/protocols/gg/lib/dcc7.c
    - CVE-2014-3775

applied/ubuntu/saucy-devel 2014-05-21 12:18:37 UTC 2014-05-21
Import patches-applied version 1:2.10.7-0ubuntu4.1.13.10.2 to applied/ubuntu/...

Author: Marc Deslauriers
Author Date: 2014-05-20 15:09:56 UTC

Import patches-applied version 1:2.10.7-0ubuntu4.1.13.10.2 to applied/ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 6635312e185dd205dc44b7ad0ab82ce7347ee028
Unapplied parent: 75522f3dd8a0b8294cf4eca4508625a229bc96bb

New changelog entries:
  * SECURITY UPDATE: memory corruption via crafted message from gadu-gadu
    file relay server
    - debian/patches/CVE-2014-3775.patch: check relay_count in
      libpurple/protocols/gg/lib/dcc7.c
    - CVE-2014-3775

ubuntu/saucy-security 2014-05-21 12:18:37 UTC 2014-05-21
Import patches-unapplied version 1:2.10.7-0ubuntu4.1.13.10.2 to ubuntu/saucy-...

Author: Marc Deslauriers
Author Date: 2014-05-20 15:09:56 UTC

Import patches-unapplied version 1:2.10.7-0ubuntu4.1.13.10.2 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 60b7780218cf06bd2a1fa2618d1c656e90834afd

New changelog entries:
  * SECURITY UPDATE: memory corruption via crafted message from gadu-gadu
    file relay server
    - debian/patches/CVE-2014-3775.patch: check relay_count in
      libpurple/protocols/gg/lib/dcc7.c
    - CVE-2014-3775

ubuntu/saucy-updates 2014-05-21 12:18:37 UTC 2014-05-21
Import patches-unapplied version 1:2.10.7-0ubuntu4.1.13.10.2 to ubuntu/saucy-...

Author: Marc Deslauriers
Author Date: 2014-05-20 15:09:56 UTC

Import patches-unapplied version 1:2.10.7-0ubuntu4.1.13.10.2 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 60b7780218cf06bd2a1fa2618d1c656e90834afd

New changelog entries:
  * SECURITY UPDATE: memory corruption via crafted message from gadu-gadu
    file relay server
    - debian/patches/CVE-2014-3775.patch: check relay_count in
      libpurple/protocols/gg/lib/dcc7.c
    - CVE-2014-3775

applied/ubuntu/trusty 2014-04-09 18:10:22 UTC 2014-04-09
Import patches-applied version 1:2.10.9-0ubuntu3 to applied/ubuntu/trusty-pro...

Author: Sebastien Bacher
Author Date: 2014-04-09 17:00:52 UTC

Import patches-applied version 1:2.10.9-0ubuntu3 to applied/ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: ad69a7eddca6b698519b289afbd7c028a0493210
Unapplied parent: cf5e94f9c96c7e8d553a30b6c75049088c5821f4

New changelog entries:
  * debian/patches/xmessagingmenu.patch: change the .in file as well
    so the changes are not overwriten when regenerating

ubuntu/trusty-proposed 2014-04-09 18:10:22 UTC 2014-04-09
Import patches-unapplied version 1:2.10.9-0ubuntu3 to ubuntu/trusty-proposed

Author: Sebastien Bacher
Author Date: 2014-04-09 17:00:52 UTC

Import patches-unapplied version 1:2.10.9-0ubuntu3 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 20e626a2c43a6a129632bbb4c45dadb5ab2adec7

New changelog entries:
  * debian/patches/xmessagingmenu.patch: change the .in file as well
    so the changes are not overwriten when regenerating

applied/ubuntu/trusty-proposed 2014-04-09 18:10:22 UTC 2014-04-09
Import patches-applied version 1:2.10.9-0ubuntu3 to applied/ubuntu/trusty-pro...

Author: Sebastien Bacher
Author Date: 2014-04-09 17:00:52 UTC

Import patches-applied version 1:2.10.9-0ubuntu3 to applied/ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: ad69a7eddca6b698519b289afbd7c028a0493210
Unapplied parent: cf5e94f9c96c7e8d553a30b6c75049088c5821f4

New changelog entries:
  * debian/patches/xmessagingmenu.patch: change the .in file as well
    so the changes are not overwriten when regenerating

ubuntu/trusty 2014-04-09 18:10:22 UTC 2014-04-09
Import patches-unapplied version 1:2.10.9-0ubuntu3 to ubuntu/trusty-proposed

Author: Sebastien Bacher
Author Date: 2014-04-09 17:00:52 UTC

Import patches-unapplied version 1:2.10.9-0ubuntu3 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 20e626a2c43a6a129632bbb4c45dadb5ab2adec7

New changelog entries:
  * debian/patches/xmessagingmenu.patch: change the .in file as well
    so the changes are not overwriten when regenerating

ubuntu/quantal-updates 2014-02-06 15:43:36 UTC 2014-02-06
Import patches-unapplied version 1:2.10.6-0ubuntu2.3 to ubuntu/quantal-security

Author: Marc Deslauriers
Author Date: 2014-02-05 20:56:07 UTC

Import patches-unapplied version 1:2.10.6-0ubuntu2.3 to ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: 3f19d311945b9cfa2a957bf07f4559d12e9e031b

New changelog entries:
  * SECURITY UPDATE: remote crash in yahoo via incorrect char encoding
    - debian/patches/CVE-2012-6152.patch: validate strings as utf-8
      before parsing in libpurple/protocols/yahoo/{libymsg,yahoo_aliases,
      yahoo_filexfer,yahoo_friend,yahoo_picture,yahoochat}.c.
    - CVE-2012-6152
  * SECURITY UPDATE: crash via bad XMPP timestamp
    - debian/patches/CVE-2013-6477.patch: properly handle invalid
      timestamps in libpurple/{conversation,log,server}.c.
    - CVE-2013-6477
  * SECURITY UPDATE: crash via hovering pointer over long URL
    - debian/patches/CVE-2013-6478.patch: set max lengths in
      pidgin/gtkimhtml.c.
    - CVE-2013-6478
  * SECURITY UPDATE: remote crash via HTTP response parsing
    - debian/patches/CVE-2013-6479.patch: don't implicitly trust
      Content-Length in libpurple/util.c.
    - CVE-2013-6479
  * SECURITY UPDATE: remote crash via yahoo P2P message
    - debian/patches/CVE-2013-6481.patch: perform bounds checking in
      libpurple/protocols/yahoo/libymsg.c.
    - CVE-2013-6481
  * SECURITY UPDATE: crashes via MSN NULL pointer dereferences
    - debian/patches/CVE-2013-6482.patch: fix NULL pointers in
      libpurple/protocols/msn/{msg,oim,soap}.c.
    - CVE-2013-6482
  * SECURITY UPDATE: iq reply spoofing via incorrect from verification
    - debian/patches/CVE-2013-6483.patch: verify from field on iq replies
      in libpurple/protocols/jabber/{iq.*,jabber.c,jutil.*}.
    - CVE-2013-6483
  * SECURITY UPDATE: crash via response from STUN server
    - debian/patches/CVE-2013-6484.patch: validate len in libpurple/stun.c.
    - CVE-2013-6484
  * SECURITY UPDATE: buffer overflow in chunked HTTP response parsing
    - debian/patches/CVE-2013-6485.patch: limit chunk size in
      libpurple/util.c.
    - CVE-2013-6485
  * SECURITY UPDATE: buffer overflow in gadu-gadu HTTP parsing
    - debian/patches/CVE-2013-6487.patch: limit length in
      libpurple/protocols/gg/lib/http.c.
    - CVE-2013-6487
  * SECURITY UPDATE: buffer overflow in MXit emoticon parsing
    - debian/patches/CVE-2013-6489.patch: check return code in
      libpurple/protocols/mxit/markup.c.
    - CVE-2013-6489
  * SECURITY UPDATE: buffer overflow in SIMPLE header parsing
    - debian/patches/CVE-2013-6490.patch: use g_new in
      libpurple/protocols/simple/simple.c and check length in
      libpurple/protocols/simple/sipmsg.c.
    - CVE-2013-6490
  * SECURITY UPDATE: crash via IRC argument parsing
    - debian/patches/CVE-2014-0020.patch: fix arg handling in
      libpurple/protocols/irc/msgs.c, fix counts in
      libpurple/protocols/irc/parse.c.
    - CVE-2014-0020

ubuntu/quantal-security 2014-02-06 15:43:36 UTC 2014-02-06
Import patches-unapplied version 1:2.10.6-0ubuntu2.3 to ubuntu/quantal-security

Author: Marc Deslauriers
Author Date: 2014-02-05 20:56:07 UTC

Import patches-unapplied version 1:2.10.6-0ubuntu2.3 to ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: 3f19d311945b9cfa2a957bf07f4559d12e9e031b

New changelog entries:
  * SECURITY UPDATE: remote crash in yahoo via incorrect char encoding
    - debian/patches/CVE-2012-6152.patch: validate strings as utf-8
      before parsing in libpurple/protocols/yahoo/{libymsg,yahoo_aliases,
      yahoo_filexfer,yahoo_friend,yahoo_picture,yahoochat}.c.
    - CVE-2012-6152
  * SECURITY UPDATE: crash via bad XMPP timestamp
    - debian/patches/CVE-2013-6477.patch: properly handle invalid
      timestamps in libpurple/{conversation,log,server}.c.
    - CVE-2013-6477
  * SECURITY UPDATE: crash via hovering pointer over long URL
    - debian/patches/CVE-2013-6478.patch: set max lengths in
      pidgin/gtkimhtml.c.
    - CVE-2013-6478
  * SECURITY UPDATE: remote crash via HTTP response parsing
    - debian/patches/CVE-2013-6479.patch: don't implicitly trust
      Content-Length in libpurple/util.c.
    - CVE-2013-6479
  * SECURITY UPDATE: remote crash via yahoo P2P message
    - debian/patches/CVE-2013-6481.patch: perform bounds checking in
      libpurple/protocols/yahoo/libymsg.c.
    - CVE-2013-6481
  * SECURITY UPDATE: crashes via MSN NULL pointer dereferences
    - debian/patches/CVE-2013-6482.patch: fix NULL pointers in
      libpurple/protocols/msn/{msg,oim,soap}.c.
    - CVE-2013-6482
  * SECURITY UPDATE: iq reply spoofing via incorrect from verification
    - debian/patches/CVE-2013-6483.patch: verify from field on iq replies
      in libpurple/protocols/jabber/{iq.*,jabber.c,jutil.*}.
    - CVE-2013-6483
  * SECURITY UPDATE: crash via response from STUN server
    - debian/patches/CVE-2013-6484.patch: validate len in libpurple/stun.c.
    - CVE-2013-6484
  * SECURITY UPDATE: buffer overflow in chunked HTTP response parsing
    - debian/patches/CVE-2013-6485.patch: limit chunk size in
      libpurple/util.c.
    - CVE-2013-6485
  * SECURITY UPDATE: buffer overflow in gadu-gadu HTTP parsing
    - debian/patches/CVE-2013-6487.patch: limit length in
      libpurple/protocols/gg/lib/http.c.
    - CVE-2013-6487
  * SECURITY UPDATE: buffer overflow in MXit emoticon parsing
    - debian/patches/CVE-2013-6489.patch: check return code in
      libpurple/protocols/mxit/markup.c.
    - CVE-2013-6489
  * SECURITY UPDATE: buffer overflow in SIMPLE header parsing
    - debian/patches/CVE-2013-6490.patch: use g_new in
      libpurple/protocols/simple/simple.c and check length in
      libpurple/protocols/simple/sipmsg.c.
    - CVE-2013-6490
  * SECURITY UPDATE: crash via IRC argument parsing
    - debian/patches/CVE-2014-0020.patch: fix arg handling in
      libpurple/protocols/irc/msgs.c, fix counts in
      libpurple/protocols/irc/parse.c.
    - CVE-2014-0020

ubuntu/quantal-devel 2014-02-06 15:43:36 UTC 2014-02-06
Import patches-unapplied version 1:2.10.6-0ubuntu2.3 to ubuntu/quantal-security

Author: Marc Deslauriers
Author Date: 2014-02-05 20:56:07 UTC

Import patches-unapplied version 1:2.10.6-0ubuntu2.3 to ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: 3f19d311945b9cfa2a957bf07f4559d12e9e031b

New changelog entries:
  * SECURITY UPDATE: remote crash in yahoo via incorrect char encoding
    - debian/patches/CVE-2012-6152.patch: validate strings as utf-8
      before parsing in libpurple/protocols/yahoo/{libymsg,yahoo_aliases,
      yahoo_filexfer,yahoo_friend,yahoo_picture,yahoochat}.c.
    - CVE-2012-6152
  * SECURITY UPDATE: crash via bad XMPP timestamp
    - debian/patches/CVE-2013-6477.patch: properly handle invalid
      timestamps in libpurple/{conversation,log,server}.c.
    - CVE-2013-6477
  * SECURITY UPDATE: crash via hovering pointer over long URL
    - debian/patches/CVE-2013-6478.patch: set max lengths in
      pidgin/gtkimhtml.c.
    - CVE-2013-6478
  * SECURITY UPDATE: remote crash via HTTP response parsing
    - debian/patches/CVE-2013-6479.patch: don't implicitly trust
      Content-Length in libpurple/util.c.
    - CVE-2013-6479
  * SECURITY UPDATE: remote crash via yahoo P2P message
    - debian/patches/CVE-2013-6481.patch: perform bounds checking in
      libpurple/protocols/yahoo/libymsg.c.
    - CVE-2013-6481
  * SECURITY UPDATE: crashes via MSN NULL pointer dereferences
    - debian/patches/CVE-2013-6482.patch: fix NULL pointers in
      libpurple/protocols/msn/{msg,oim,soap}.c.
    - CVE-2013-6482
  * SECURITY UPDATE: iq reply spoofing via incorrect from verification
    - debian/patches/CVE-2013-6483.patch: verify from field on iq replies
      in libpurple/protocols/jabber/{iq.*,jabber.c,jutil.*}.
    - CVE-2013-6483
  * SECURITY UPDATE: crash via response from STUN server
    - debian/patches/CVE-2013-6484.patch: validate len in libpurple/stun.c.
    - CVE-2013-6484
  * SECURITY UPDATE: buffer overflow in chunked HTTP response parsing
    - debian/patches/CVE-2013-6485.patch: limit chunk size in
      libpurple/util.c.
    - CVE-2013-6485
  * SECURITY UPDATE: buffer overflow in gadu-gadu HTTP parsing
    - debian/patches/CVE-2013-6487.patch: limit length in
      libpurple/protocols/gg/lib/http.c.
    - CVE-2013-6487
  * SECURITY UPDATE: buffer overflow in MXit emoticon parsing
    - debian/patches/CVE-2013-6489.patch: check return code in
      libpurple/protocols/mxit/markup.c.
    - CVE-2013-6489
  * SECURITY UPDATE: buffer overflow in SIMPLE header parsing
    - debian/patches/CVE-2013-6490.patch: use g_new in
      libpurple/protocols/simple/simple.c and check length in
      libpurple/protocols/simple/sipmsg.c.
    - CVE-2013-6490
  * SECURITY UPDATE: crash via IRC argument parsing
    - debian/patches/CVE-2014-0020.patch: fix arg handling in
      libpurple/protocols/irc/msgs.c, fix counts in
      libpurple/protocols/irc/parse.c.
    - CVE-2014-0020

applied/ubuntu/quantal-security 2014-02-06 15:43:36 UTC 2014-02-06
Import patches-applied version 1:2.10.6-0ubuntu2.3 to applied/ubuntu/quantal-...

Author: Marc Deslauriers
Author Date: 2014-02-05 20:56:07 UTC

Import patches-applied version 1:2.10.6-0ubuntu2.3 to applied/ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: 2ba490b057d78b734be59f1ed7dcf290d49dfdca
Unapplied parent: f777cd40c87cd3f6420e7aa4767315aed47bb023

New changelog entries:
  * SECURITY UPDATE: remote crash in yahoo via incorrect char encoding
    - debian/patches/CVE-2012-6152.patch: validate strings as utf-8
      before parsing in libpurple/protocols/yahoo/{libymsg,yahoo_aliases,
      yahoo_filexfer,yahoo_friend,yahoo_picture,yahoochat}.c.
    - CVE-2012-6152
  * SECURITY UPDATE: crash via bad XMPP timestamp
    - debian/patches/CVE-2013-6477.patch: properly handle invalid
      timestamps in libpurple/{conversation,log,server}.c.
    - CVE-2013-6477
  * SECURITY UPDATE: crash via hovering pointer over long URL
    - debian/patches/CVE-2013-6478.patch: set max lengths in
      pidgin/gtkimhtml.c.
    - CVE-2013-6478
  * SECURITY UPDATE: remote crash via HTTP response parsing
    - debian/patches/CVE-2013-6479.patch: don't implicitly trust
      Content-Length in libpurple/util.c.
    - CVE-2013-6479
  * SECURITY UPDATE: remote crash via yahoo P2P message
    - debian/patches/CVE-2013-6481.patch: perform bounds checking in
      libpurple/protocols/yahoo/libymsg.c.
    - CVE-2013-6481
  * SECURITY UPDATE: crashes via MSN NULL pointer dereferences
    - debian/patches/CVE-2013-6482.patch: fix NULL pointers in
      libpurple/protocols/msn/{msg,oim,soap}.c.
    - CVE-2013-6482
  * SECURITY UPDATE: iq reply spoofing via incorrect from verification
    - debian/patches/CVE-2013-6483.patch: verify from field on iq replies
      in libpurple/protocols/jabber/{iq.*,jabber.c,jutil.*}.
    - CVE-2013-6483
  * SECURITY UPDATE: crash via response from STUN server
    - debian/patches/CVE-2013-6484.patch: validate len in libpurple/stun.c.
    - CVE-2013-6484
  * SECURITY UPDATE: buffer overflow in chunked HTTP response parsing
    - debian/patches/CVE-2013-6485.patch: limit chunk size in
      libpurple/util.c.
    - CVE-2013-6485
  * SECURITY UPDATE: buffer overflow in gadu-gadu HTTP parsing
    - debian/patches/CVE-2013-6487.patch: limit length in
      libpurple/protocols/gg/lib/http.c.
    - CVE-2013-6487
  * SECURITY UPDATE: buffer overflow in MXit emoticon parsing
    - debian/patches/CVE-2013-6489.patch: check return code in
      libpurple/protocols/mxit/markup.c.
    - CVE-2013-6489
  * SECURITY UPDATE: buffer overflow in SIMPLE header parsing
    - debian/patches/CVE-2013-6490.patch: use g_new in
      libpurple/protocols/simple/simple.c and check length in
      libpurple/protocols/simple/sipmsg.c.
    - CVE-2013-6490
  * SECURITY UPDATE: crash via IRC argument parsing
    - debian/patches/CVE-2014-0020.patch: fix arg handling in
      libpurple/protocols/irc/msgs.c, fix counts in
      libpurple/protocols/irc/parse.c.
    - CVE-2014-0020

applied/ubuntu/quantal-devel 2014-02-06 15:43:36 UTC 2014-02-06
Import patches-applied version 1:2.10.6-0ubuntu2.3 to applied/ubuntu/quantal-...

Author: Marc Deslauriers
Author Date: 2014-02-05 20:56:07 UTC

Import patches-applied version 1:2.10.6-0ubuntu2.3 to applied/ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: 2ba490b057d78b734be59f1ed7dcf290d49dfdca
Unapplied parent: f777cd40c87cd3f6420e7aa4767315aed47bb023

New changelog entries:
  * SECURITY UPDATE: remote crash in yahoo via incorrect char encoding
    - debian/patches/CVE-2012-6152.patch: validate strings as utf-8
      before parsing in libpurple/protocols/yahoo/{libymsg,yahoo_aliases,
      yahoo_filexfer,yahoo_friend,yahoo_picture,yahoochat}.c.
    - CVE-2012-6152
  * SECURITY UPDATE: crash via bad XMPP timestamp
    - debian/patches/CVE-2013-6477.patch: properly handle invalid
      timestamps in libpurple/{conversation,log,server}.c.
    - CVE-2013-6477
  * SECURITY UPDATE: crash via hovering pointer over long URL
    - debian/patches/CVE-2013-6478.patch: set max lengths in
      pidgin/gtkimhtml.c.
    - CVE-2013-6478
  * SECURITY UPDATE: remote crash via HTTP response parsing
    - debian/patches/CVE-2013-6479.patch: don't implicitly trust
      Content-Length in libpurple/util.c.
    - CVE-2013-6479
  * SECURITY UPDATE: remote crash via yahoo P2P message
    - debian/patches/CVE-2013-6481.patch: perform bounds checking in
      libpurple/protocols/yahoo/libymsg.c.
    - CVE-2013-6481
  * SECURITY UPDATE: crashes via MSN NULL pointer dereferences
    - debian/patches/CVE-2013-6482.patch: fix NULL pointers in
      libpurple/protocols/msn/{msg,oim,soap}.c.
    - CVE-2013-6482
  * SECURITY UPDATE: iq reply spoofing via incorrect from verification
    - debian/patches/CVE-2013-6483.patch: verify from field on iq replies
      in libpurple/protocols/jabber/{iq.*,jabber.c,jutil.*}.
    - CVE-2013-6483
  * SECURITY UPDATE: crash via response from STUN server
    - debian/patches/CVE-2013-6484.patch: validate len in libpurple/stun.c.
    - CVE-2013-6484
  * SECURITY UPDATE: buffer overflow in chunked HTTP response parsing
    - debian/patches/CVE-2013-6485.patch: limit chunk size in
      libpurple/util.c.
    - CVE-2013-6485
  * SECURITY UPDATE: buffer overflow in gadu-gadu HTTP parsing
    - debian/patches/CVE-2013-6487.patch: limit length in
      libpurple/protocols/gg/lib/http.c.
    - CVE-2013-6487
  * SECURITY UPDATE: buffer overflow in MXit emoticon parsing
    - debian/patches/CVE-2013-6489.patch: check return code in
      libpurple/protocols/mxit/markup.c.
    - CVE-2013-6489
  * SECURITY UPDATE: buffer overflow in SIMPLE header parsing
    - debian/patches/CVE-2013-6490.patch: use g_new in
      libpurple/protocols/simple/simple.c and check length in
      libpurple/protocols/simple/sipmsg.c.
    - CVE-2013-6490
  * SECURITY UPDATE: crash via IRC argument parsing
    - debian/patches/CVE-2014-0020.patch: fix arg handling in
      libpurple/protocols/irc/msgs.c, fix counts in
      libpurple/protocols/irc/parse.c.
    - CVE-2014-0020

applied/ubuntu/quantal-updates 2014-02-06 15:43:36 UTC 2014-02-06
Import patches-applied version 1:2.10.6-0ubuntu2.3 to applied/ubuntu/quantal-...

Author: Marc Deslauriers
Author Date: 2014-02-05 20:56:07 UTC

Import patches-applied version 1:2.10.6-0ubuntu2.3 to applied/ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: 2ba490b057d78b734be59f1ed7dcf290d49dfdca
Unapplied parent: f777cd40c87cd3f6420e7aa4767315aed47bb023

New changelog entries:
  * SECURITY UPDATE: remote crash in yahoo via incorrect char encoding
    - debian/patches/CVE-2012-6152.patch: validate strings as utf-8
      before parsing in libpurple/protocols/yahoo/{libymsg,yahoo_aliases,
      yahoo_filexfer,yahoo_friend,yahoo_picture,yahoochat}.c.
    - CVE-2012-6152
  * SECURITY UPDATE: crash via bad XMPP timestamp
    - debian/patches/CVE-2013-6477.patch: properly handle invalid
      timestamps in libpurple/{conversation,log,server}.c.
    - CVE-2013-6477
  * SECURITY UPDATE: crash via hovering pointer over long URL
    - debian/patches/CVE-2013-6478.patch: set max lengths in
      pidgin/gtkimhtml.c.
    - CVE-2013-6478
  * SECURITY UPDATE: remote crash via HTTP response parsing
    - debian/patches/CVE-2013-6479.patch: don't implicitly trust
      Content-Length in libpurple/util.c.
    - CVE-2013-6479
  * SECURITY UPDATE: remote crash via yahoo P2P message
    - debian/patches/CVE-2013-6481.patch: perform bounds checking in
      libpurple/protocols/yahoo/libymsg.c.
    - CVE-2013-6481
  * SECURITY UPDATE: crashes via MSN NULL pointer dereferences
    - debian/patches/CVE-2013-6482.patch: fix NULL pointers in
      libpurple/protocols/msn/{msg,oim,soap}.c.
    - CVE-2013-6482
  * SECURITY UPDATE: iq reply spoofing via incorrect from verification
    - debian/patches/CVE-2013-6483.patch: verify from field on iq replies
      in libpurple/protocols/jabber/{iq.*,jabber.c,jutil.*}.
    - CVE-2013-6483
  * SECURITY UPDATE: crash via response from STUN server
    - debian/patches/CVE-2013-6484.patch: validate len in libpurple/stun.c.
    - CVE-2013-6484
  * SECURITY UPDATE: buffer overflow in chunked HTTP response parsing
    - debian/patches/CVE-2013-6485.patch: limit chunk size in
      libpurple/util.c.
    - CVE-2013-6485
  * SECURITY UPDATE: buffer overflow in gadu-gadu HTTP parsing
    - debian/patches/CVE-2013-6487.patch: limit length in
      libpurple/protocols/gg/lib/http.c.
    - CVE-2013-6487
  * SECURITY UPDATE: buffer overflow in MXit emoticon parsing
    - debian/patches/CVE-2013-6489.patch: check return code in
      libpurple/protocols/mxit/markup.c.
    - CVE-2013-6489
  * SECURITY UPDATE: buffer overflow in SIMPLE header parsing
    - debian/patches/CVE-2013-6490.patch: use g_new in
      libpurple/protocols/simple/simple.c and check length in
      libpurple/protocols/simple/sipmsg.c.
    - CVE-2013-6490
  * SECURITY UPDATE: crash via IRC argument parsing
    - debian/patches/CVE-2014-0020.patch: fix arg handling in
      libpurple/protocols/irc/msgs.c, fix counts in
      libpurple/protocols/irc/parse.c.
    - CVE-2014-0020

ubuntu/raring 2013-04-23 03:33:13 UTC 2013-04-23
Import patches-unapplied version 1:2.10.7-0ubuntu4.1 to ubuntu/raring-proposed

Author: Robert Hooker
Author Date: 2013-04-20 19:40:16 UTC

Import patches-unapplied version 1:2.10.7-0ubuntu4.1 to ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: 54cfdde64e0f66b6a82a815e38dfa1cb394b548d

New changelog entries:
  * Add hg-remove-SIGCHLD-handler.patch: Fix hanging on startup.
    Backport of upstream commit from 3.0 (LP: #1108056)

applied/ubuntu/raring 2013-04-23 03:33:13 UTC 2013-04-23
Import patches-applied version 1:2.10.7-0ubuntu4.1 to applied/ubuntu/raring-p...

Author: Robert Hooker
Author Date: 2013-04-20 19:40:16 UTC

Import patches-applied version 1:2.10.7-0ubuntu4.1 to applied/ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: 72704d8b48e480a0d48ff48a194cea7ebfe0c53a
Unapplied parent: 01210d521ddbbc62ec8fa61971aed77adccadc71

New changelog entries:
  * Add hg-remove-SIGCHLD-handler.patch: Fix hanging on startup.
    Backport of upstream commit from 3.0 (LP: #1108056)

applied/ubuntu/raring-devel 2013-04-23 03:33:13 UTC 2013-04-23
Import patches-applied version 1:2.10.7-0ubuntu4.1 to applied/ubuntu/raring-p...

Author: Robert Hooker
Author Date: 2013-04-20 19:40:16 UTC

Import patches-applied version 1:2.10.7-0ubuntu4.1 to applied/ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: 72704d8b48e480a0d48ff48a194cea7ebfe0c53a
Unapplied parent: 01210d521ddbbc62ec8fa61971aed77adccadc71

New changelog entries:
  * Add hg-remove-SIGCHLD-handler.patch: Fix hanging on startup.
    Backport of upstream commit from 3.0 (LP: #1108056)

applied/ubuntu/raring-proposed 2013-04-23 03:33:13 UTC 2013-04-23
Import patches-applied version 1:2.10.7-0ubuntu4.1 to applied/ubuntu/raring-p...

Author: Robert Hooker
Author Date: 2013-04-20 19:40:16 UTC

Import patches-applied version 1:2.10.7-0ubuntu4.1 to applied/ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: 72704d8b48e480a0d48ff48a194cea7ebfe0c53a
Unapplied parent: 01210d521ddbbc62ec8fa61971aed77adccadc71

New changelog entries:
  * Add hg-remove-SIGCHLD-handler.patch: Fix hanging on startup.
    Backport of upstream commit from 3.0 (LP: #1108056)

applied/ubuntu/saucy 2013-04-23 03:33:13 UTC 2013-04-23
Import patches-applied version 1:2.10.7-0ubuntu4.1 to applied/ubuntu/raring-p...

Author: Robert Hooker
Author Date: 2013-04-20 19:40:16 UTC

Import patches-applied version 1:2.10.7-0ubuntu4.1 to applied/ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: 72704d8b48e480a0d48ff48a194cea7ebfe0c53a
Unapplied parent: 01210d521ddbbc62ec8fa61971aed77adccadc71

New changelog entries:
  * Add hg-remove-SIGCHLD-handler.patch: Fix hanging on startup.
    Backport of upstream commit from 3.0 (LP: #1108056)

ubuntu/saucy 2013-04-23 03:33:13 UTC 2013-04-23
Import patches-unapplied version 1:2.10.7-0ubuntu4.1 to ubuntu/raring-proposed

Author: Robert Hooker
Author Date: 2013-04-20 19:40:16 UTC

Import patches-unapplied version 1:2.10.7-0ubuntu4.1 to ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: 54cfdde64e0f66b6a82a815e38dfa1cb394b548d

New changelog entries:
  * Add hg-remove-SIGCHLD-handler.patch: Fix hanging on startup.
    Backport of upstream commit from 3.0 (LP: #1108056)

ubuntu/raring-proposed 2013-04-23 03:33:13 UTC 2013-04-23
Import patches-unapplied version 1:2.10.7-0ubuntu4.1 to ubuntu/raring-proposed

Author: Robert Hooker
Author Date: 2013-04-20 19:40:16 UTC

Import patches-unapplied version 1:2.10.7-0ubuntu4.1 to ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: 54cfdde64e0f66b6a82a815e38dfa1cb394b548d

New changelog entries:
  * Add hg-remove-SIGCHLD-handler.patch: Fix hanging on startup.
    Backport of upstream commit from 3.0 (LP: #1108056)

ubuntu/raring-devel 2013-04-23 03:33:13 UTC 2013-04-23
Import patches-unapplied version 1:2.10.7-0ubuntu4.1 to ubuntu/raring-proposed

Author: Robert Hooker
Author Date: 2013-04-20 19:40:16 UTC

Import patches-unapplied version 1:2.10.7-0ubuntu4.1 to ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: 54cfdde64e0f66b6a82a815e38dfa1cb394b548d

New changelog entries:
  * Add hg-remove-SIGCHLD-handler.patch: Fix hanging on startup.
    Backport of upstream commit from 3.0 (LP: #1108056)

applied/ubuntu/lucid-updates 2013-02-25 14:03:23 UTC 2013-02-25
Import patches-applied version 1:2.6.6-1ubuntu4.6 to applied/ubuntu/lucid-sec...

Author: Marc Deslauriers
Author Date: 2013-02-21 18:07:35 UTC

Import patches-applied version 1:2.6.6-1ubuntu4.6 to applied/ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 1076e90e378fc15ee7eb7b8c24f7935fd81e110c
Unapplied parent: 5e6a65bc975f92e94641b0f14451310696b365e0

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via long HTTP header in MXit
    - debian/patches/CVE-2013-0272.patch: properly check lengths in
      libpurple/protocols/mxit/http.c.
    - CVE-2013-0272
  * SECURITY UPDATE: denial of service via long user ID in Sametime
    - debian/patches/CVE-2013-0273.patch: use g_strlcpy in
      libpurple/protocols/sametime/sametime.c.
    - CVE-2013-0273
  * SECURITY UPDATE: denial of service via long UPnP responses
    - debian/patches/CVE-2013-0274.patch: use g_strlcpy in libpurple/upnp.c.
    - CVE-2013-0274

ubuntu/oneiric-devel 2013-02-25 14:03:23 UTC 2013-02-25
Import patches-unapplied version 1:2.10.0-0ubuntu2.2 to ubuntu/oneiric-security

Author: Marc Deslauriers
Author Date: 2013-02-21 17:54:47 UTC

Import patches-unapplied version 1:2.10.0-0ubuntu2.2 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: cbe2b8b74d368d9d760ca6aeb492b4b49249cbae

New changelog entries:
  * SECURITY UPDATE: file overwrite via MXit crafted pathname
    - debian/patches/CVE-2013-0271.patch: properly escape filenames in
      libpurple/protocols/mxit/formcmds.c,
      libpurple/protocols/mxit/splashscreen.c.
    - CVE-2013-0271
  * SECURITY UPDATE: arbitrary code execution via long HTTP header in MXit
    - debian/patches/CVE-2013-0272.patch: properly check lengths in
      libpurple/protocols/mxit/http.c.
    - CVE-2013-0272
  * SECURITY UPDATE: denial of service via long user ID in Sametime
    - debian/patches/CVE-2013-0273.patch: use g_strlcpy in
      libpurple/protocols/sametime/sametime.c.
    - CVE-2013-0273
  * SECURITY UPDATE: denial of service via long UPnP responses
    - debian/patches/CVE-2013-0274.patch: use g_strlcpy in libpurple/upnp.c.
    - CVE-2013-0274

ubuntu/lucid-updates 2013-02-25 14:03:23 UTC 2013-02-25
Import patches-unapplied version 1:2.6.6-1ubuntu4.6 to ubuntu/lucid-security

Author: Marc Deslauriers
Author Date: 2013-02-21 18:07:35 UTC

Import patches-unapplied version 1:2.6.6-1ubuntu4.6 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 0cb0bb0adceff199e128630b7ed7bfa7bd103095

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via long HTTP header in MXit
    - debian/patches/CVE-2013-0272.patch: properly check lengths in
      libpurple/protocols/mxit/http.c.
    - CVE-2013-0272
  * SECURITY UPDATE: denial of service via long user ID in Sametime
    - debian/patches/CVE-2013-0273.patch: use g_strlcpy in
      libpurple/protocols/sametime/sametime.c.
    - CVE-2013-0273
  * SECURITY UPDATE: denial of service via long UPnP responses
    - debian/patches/CVE-2013-0274.patch: use g_strlcpy in libpurple/upnp.c.
    - CVE-2013-0274

ubuntu/lucid-security 2013-02-25 14:03:23 UTC 2013-02-25
Import patches-unapplied version 1:2.6.6-1ubuntu4.6 to ubuntu/lucid-security

Author: Marc Deslauriers
Author Date: 2013-02-21 18:07:35 UTC

Import patches-unapplied version 1:2.6.6-1ubuntu4.6 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 0cb0bb0adceff199e128630b7ed7bfa7bd103095

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via long HTTP header in MXit
    - debian/patches/CVE-2013-0272.patch: properly check lengths in
      libpurple/protocols/mxit/http.c.
    - CVE-2013-0272
  * SECURITY UPDATE: denial of service via long user ID in Sametime
    - debian/patches/CVE-2013-0273.patch: use g_strlcpy in
      libpurple/protocols/sametime/sametime.c.
    - CVE-2013-0273
  * SECURITY UPDATE: denial of service via long UPnP responses
    - debian/patches/CVE-2013-0274.patch: use g_strlcpy in libpurple/upnp.c.
    - CVE-2013-0274

ubuntu/lucid-devel 2013-02-25 14:03:23 UTC 2013-02-25
Import patches-unapplied version 1:2.6.6-1ubuntu4.6 to ubuntu/lucid-security

Author: Marc Deslauriers
Author Date: 2013-02-21 18:07:35 UTC

Import patches-unapplied version 1:2.6.6-1ubuntu4.6 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 0cb0bb0adceff199e128630b7ed7bfa7bd103095

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via long HTTP header in MXit
    - debian/patches/CVE-2013-0272.patch: properly check lengths in
      libpurple/protocols/mxit/http.c.
    - CVE-2013-0272
  * SECURITY UPDATE: denial of service via long user ID in Sametime
    - debian/patches/CVE-2013-0273.patch: use g_strlcpy in
      libpurple/protocols/sametime/sametime.c.
    - CVE-2013-0273
  * SECURITY UPDATE: denial of service via long UPnP responses
    - debian/patches/CVE-2013-0274.patch: use g_strlcpy in libpurple/upnp.c.
    - CVE-2013-0274

applied/ubuntu/oneiric-updates 2013-02-25 14:03:23 UTC 2013-02-25
Import patches-applied version 1:2.10.0-0ubuntu2.2 to applied/ubuntu/oneiric-...

Author: Marc Deslauriers
Author Date: 2013-02-21 17:54:47 UTC

Import patches-applied version 1:2.10.0-0ubuntu2.2 to applied/ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: e3134d7bdc0cba15f50312a1965d560415c707f5
Unapplied parent: 725f7020ef3d62de49d392ce5c6ec12422413486

New changelog entries:
  * SECURITY UPDATE: file overwrite via MXit crafted pathname
    - debian/patches/CVE-2013-0271.patch: properly escape filenames in
      libpurple/protocols/mxit/formcmds.c,
      libpurple/protocols/mxit/splashscreen.c.
    - CVE-2013-0271
  * SECURITY UPDATE: arbitrary code execution via long HTTP header in MXit
    - debian/patches/CVE-2013-0272.patch: properly check lengths in
      libpurple/protocols/mxit/http.c.
    - CVE-2013-0272
  * SECURITY UPDATE: denial of service via long user ID in Sametime
    - debian/patches/CVE-2013-0273.patch: use g_strlcpy in
      libpurple/protocols/sametime/sametime.c.
    - CVE-2013-0273
  * SECURITY UPDATE: denial of service via long UPnP responses
    - debian/patches/CVE-2013-0274.patch: use g_strlcpy in libpurple/upnp.c.
    - CVE-2013-0274

applied/ubuntu/oneiric-devel 2013-02-25 14:03:23 UTC 2013-02-25
Import patches-applied version 1:2.10.0-0ubuntu2.2 to applied/ubuntu/oneiric-...

Author: Marc Deslauriers
Author Date: 2013-02-21 17:54:47 UTC

Import patches-applied version 1:2.10.0-0ubuntu2.2 to applied/ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: e3134d7bdc0cba15f50312a1965d560415c707f5
Unapplied parent: 725f7020ef3d62de49d392ce5c6ec12422413486

New changelog entries:
  * SECURITY UPDATE: file overwrite via MXit crafted pathname
    - debian/patches/CVE-2013-0271.patch: properly escape filenames in
      libpurple/protocols/mxit/formcmds.c,
      libpurple/protocols/mxit/splashscreen.c.
    - CVE-2013-0271
  * SECURITY UPDATE: arbitrary code execution via long HTTP header in MXit
    - debian/patches/CVE-2013-0272.patch: properly check lengths in
      libpurple/protocols/mxit/http.c.
    - CVE-2013-0272
  * SECURITY UPDATE: denial of service via long user ID in Sametime
    - debian/patches/CVE-2013-0273.patch: use g_strlcpy in
      libpurple/protocols/sametime/sametime.c.
    - CVE-2013-0273
  * SECURITY UPDATE: denial of service via long UPnP responses
    - debian/patches/CVE-2013-0274.patch: use g_strlcpy in libpurple/upnp.c.
    - CVE-2013-0274

applied/ubuntu/oneiric-security 2013-02-25 14:03:23 UTC 2013-02-25
Import patches-applied version 1:2.10.0-0ubuntu2.2 to applied/ubuntu/oneiric-...

Author: Marc Deslauriers
Author Date: 2013-02-21 17:54:47 UTC

Import patches-applied version 1:2.10.0-0ubuntu2.2 to applied/ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: e3134d7bdc0cba15f50312a1965d560415c707f5
Unapplied parent: 725f7020ef3d62de49d392ce5c6ec12422413486

New changelog entries:
  * SECURITY UPDATE: file overwrite via MXit crafted pathname
    - debian/patches/CVE-2013-0271.patch: properly escape filenames in
      libpurple/protocols/mxit/formcmds.c,
      libpurple/protocols/mxit/splashscreen.c.
    - CVE-2013-0271
  * SECURITY UPDATE: arbitrary code execution via long HTTP header in MXit
    - debian/patches/CVE-2013-0272.patch: properly check lengths in
      libpurple/protocols/mxit/http.c.
    - CVE-2013-0272
  * SECURITY UPDATE: denial of service via long user ID in Sametime
    - debian/patches/CVE-2013-0273.patch: use g_strlcpy in
      libpurple/protocols/sametime/sametime.c.
    - CVE-2013-0273
  * SECURITY UPDATE: denial of service via long UPnP responses
    - debian/patches/CVE-2013-0274.patch: use g_strlcpy in libpurple/upnp.c.
    - CVE-2013-0274

applied/ubuntu/lucid-devel 2013-02-25 14:03:23 UTC 2013-02-25
Import patches-applied version 1:2.6.6-1ubuntu4.6 to applied/ubuntu/lucid-sec...

Author: Marc Deslauriers
Author Date: 2013-02-21 18:07:35 UTC

Import patches-applied version 1:2.6.6-1ubuntu4.6 to applied/ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 1076e90e378fc15ee7eb7b8c24f7935fd81e110c
Unapplied parent: 5e6a65bc975f92e94641b0f14451310696b365e0

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via long HTTP header in MXit
    - debian/patches/CVE-2013-0272.patch: properly check lengths in
      libpurple/protocols/mxit/http.c.
    - CVE-2013-0272
  * SECURITY UPDATE: denial of service via long user ID in Sametime
    - debian/patches/CVE-2013-0273.patch: use g_strlcpy in
      libpurple/protocols/sametime/sametime.c.
    - CVE-2013-0273
  * SECURITY UPDATE: denial of service via long UPnP responses
    - debian/patches/CVE-2013-0274.patch: use g_strlcpy in libpurple/upnp.c.
    - CVE-2013-0274

applied/ubuntu/lucid-security 2013-02-25 14:03:23 UTC 2013-02-25
Import patches-applied version 1:2.6.6-1ubuntu4.6 to applied/ubuntu/lucid-sec...

Author: Marc Deslauriers
Author Date: 2013-02-21 18:07:35 UTC

Import patches-applied version 1:2.6.6-1ubuntu4.6 to applied/ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 1076e90e378fc15ee7eb7b8c24f7935fd81e110c
Unapplied parent: 5e6a65bc975f92e94641b0f14451310696b365e0

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via long HTTP header in MXit
    - debian/patches/CVE-2013-0272.patch: properly check lengths in
      libpurple/protocols/mxit/http.c.
    - CVE-2013-0272
  * SECURITY UPDATE: denial of service via long user ID in Sametime
    - debian/patches/CVE-2013-0273.patch: use g_strlcpy in
      libpurple/protocols/sametime/sametime.c.
    - CVE-2013-0273
  * SECURITY UPDATE: denial of service via long UPnP responses
    - debian/patches/CVE-2013-0274.patch: use g_strlcpy in libpurple/upnp.c.
    - CVE-2013-0274

ubuntu/oneiric-updates 2013-02-25 14:03:23 UTC 2013-02-25
Import patches-unapplied version 1:2.10.0-0ubuntu2.2 to ubuntu/oneiric-security

Author: Marc Deslauriers
Author Date: 2013-02-21 17:54:47 UTC

Import patches-unapplied version 1:2.10.0-0ubuntu2.2 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: cbe2b8b74d368d9d760ca6aeb492b4b49249cbae

New changelog entries:
  * SECURITY UPDATE: file overwrite via MXit crafted pathname
    - debian/patches/CVE-2013-0271.patch: properly escape filenames in
      libpurple/protocols/mxit/formcmds.c,
      libpurple/protocols/mxit/splashscreen.c.
    - CVE-2013-0271
  * SECURITY UPDATE: arbitrary code execution via long HTTP header in MXit
    - debian/patches/CVE-2013-0272.patch: properly check lengths in
      libpurple/protocols/mxit/http.c.
    - CVE-2013-0272
  * SECURITY UPDATE: denial of service via long user ID in Sametime
    - debian/patches/CVE-2013-0273.patch: use g_strlcpy in
      libpurple/protocols/sametime/sametime.c.
    - CVE-2013-0273
  * SECURITY UPDATE: denial of service via long UPnP responses
    - debian/patches/CVE-2013-0274.patch: use g_strlcpy in libpurple/upnp.c.
    - CVE-2013-0274

ubuntu/oneiric-security 2013-02-25 14:03:23 UTC 2013-02-25
Import patches-unapplied version 1:2.10.0-0ubuntu2.2 to ubuntu/oneiric-security

Author: Marc Deslauriers
Author Date: 2013-02-21 17:54:47 UTC

Import patches-unapplied version 1:2.10.0-0ubuntu2.2 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: cbe2b8b74d368d9d760ca6aeb492b4b49249cbae

New changelog entries:
  * SECURITY UPDATE: file overwrite via MXit crafted pathname
    - debian/patches/CVE-2013-0271.patch: properly escape filenames in
      libpurple/protocols/mxit/formcmds.c,
      libpurple/protocols/mxit/splashscreen.c.
    - CVE-2013-0271
  * SECURITY UPDATE: arbitrary code execution via long HTTP header in MXit
    - debian/patches/CVE-2013-0272.patch: properly check lengths in
      libpurple/protocols/mxit/http.c.
    - CVE-2013-0272
  * SECURITY UPDATE: denial of service via long user ID in Sametime
    - debian/patches/CVE-2013-0273.patch: use g_strlcpy in
      libpurple/protocols/sametime/sametime.c.
    - CVE-2013-0273
  * SECURITY UPDATE: denial of service via long UPnP responses
    - debian/patches/CVE-2013-0274.patch: use g_strlcpy in libpurple/upnp.c.
    - CVE-2013-0274

ubuntu/precise-proposed 2013-02-11 21:03:37 UTC 2013-02-11
Import patches-unapplied version 1:2.10.3-0ubuntu1.2 to ubuntu/precise-proposed

Author: Ritesh Khadgaray
Author Date: 2013-01-09 12:20:06 UTC

Import patches-unapplied version 1:2.10.3-0ubuntu1.2 to ubuntu/precise-proposed

Imported using git-ubuntu import.

Changelog parent: 67108bedaed9fe9e17b48e5a88c34e047695310b

New changelog entries:
  * debian/patches/pounce-webview.patch (LP: #1026442)
    - Buddy pounce - send message window too short

applied/ubuntu/precise-proposed 2013-02-11 21:03:37 UTC 2013-02-11
Import patches-applied version 1:2.10.3-0ubuntu1.2 to applied/ubuntu/precise-...

Author: Ritesh Khadgaray
Author Date: 2013-01-09 12:20:06 UTC

Import patches-applied version 1:2.10.3-0ubuntu1.2 to applied/ubuntu/precise-proposed

Imported using git-ubuntu import.

Changelog parent: ba1db3cccdf0afbcbd796de7e000d69f6d9162b5
Unapplied parent: 03dcaed7168b594c80e12cddce35d1518c8f31a8

New changelog entries:
  * debian/patches/pounce-webview.patch (LP: #1026442)
    - Buddy pounce - send message window too short

applied/ubuntu/quantal-proposed 2013-01-31 19:11:05 UTC 2013-01-31
Import patches-applied version 1:2.10.6-0ubuntu2.1 to applied/ubuntu/quantal-...

Author: Ritesh Khadgaray
Author Date: 2013-01-09 14:07:14 UTC

Import patches-applied version 1:2.10.6-0ubuntu2.1 to applied/ubuntu/quantal-proposed

Imported using git-ubuntu import.

Changelog parent: c721ac8f114d849ed8fb5619fa0087070e1ece2b
Unapplied parent: 168f0cf64ad88086416dd01a20047953f026b1e5

New changelog entries:
  * debian/patches/pounce-webview.patch (LP: #1026442)
    - Buddy pounce - send message window too short

ubuntu/quantal-proposed 2013-01-31 19:11:05 UTC 2013-01-31
Import patches-unapplied version 1:2.10.6-0ubuntu2.1 to ubuntu/quantal-proposed

Author: Ritesh Khadgaray
Author Date: 2013-01-09 14:07:14 UTC

Import patches-unapplied version 1:2.10.6-0ubuntu2.1 to ubuntu/quantal-proposed

Imported using git-ubuntu import.

Changelog parent: 94bc7aca80240cb3ada39121669a18f309343ac5

New changelog entries:
  * debian/patches/pounce-webview.patch (LP: #1026442)
    - Buddy pounce - send message window too short

applied/ubuntu/quantal 2012-09-18 14:33:23 UTC 2012-09-18
Import patches-applied version 1:2.10.6-0ubuntu2 to applied/ubuntu/quantal

Author: John Kim
Author Date: 2012-09-12 01:51:33 UTC

Import patches-applied version 1:2.10.6-0ubuntu2 to applied/ubuntu/quantal

Imported using git-ubuntu import.

Changelog parent: d99d0458bc2b0bac334ae32c0d8146700be80103
Unapplied parent: a12562f0d9f3eae739173761b07f0edd1f1f88be

New changelog entries:
  * debian/control: fixed a typo for tcl and tk (LP: #1022935)

ubuntu/quantal 2012-09-18 14:33:23 UTC 2012-09-18
Import patches-unapplied version 1:2.10.6-0ubuntu2 to ubuntu/quantal

Author: John Kim
Author Date: 2012-09-12 01:51:33 UTC

Import patches-unapplied version 1:2.10.6-0ubuntu2 to ubuntu/quantal

Imported using git-ubuntu import.

Changelog parent: 9ad4498263d5e496ffa632298d40c5eede266dbd

New changelog entries:
  * debian/control: fixed a typo for tcl and tk (LP: #1022935)

applied/ubuntu/natty-security 2012-07-09 18:35:26 UTC 2012-07-09
Import patches-applied version 1:2.7.11-1ubuntu2.2 to applied/ubuntu/natty-se...

Author: Tyler Hicks
Author Date: 2012-07-08 23:14:21 UTC

Import patches-applied version 1:2.7.11-1ubuntu2.2 to applied/ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: 15c428d9e679fe83c784ab79f1ad5220f74b5650
Unapplied parent: 1fc339922db6b176c54a39e747224f3a1cdd4851

New changelog entries:
  * SECURITY UPDATE: Remote denial of service via specially crafted AIM or ICQ
    messages (LP: #958208)
    - debian/patches/CVE-2011-4601.patch: Validate incoming messages to
      enforce proper UTF-8 encoding. Based on upstream patch.
    - CVE-2011-4601
  * SECURITY UPDATE: Remote denial of service via specially crafted XMPP voice
    and video chat requests (LP: #958208)
    - debian/patches/CVE-2011-4602.patch: Validate fields in incoming voice
      and video chat requests. Based on upstream patch.
    - CVE-2011-4602
  * SECURITY UPDATE: Remote denial of service via specially crafted SILC
    messages (LP: #958208)
    - debian/patches/CVE-2011-4603.patch: Validate incoming messages to
      enforce proper UTF-8 encoding. Based on upstream patch.
    - CVE-2011-4603
  * SECURITY UPDATE: Remote denial of service via specially crafted MSN
    offline messages (LP: #958208)
    - debian/patches/CVE-2012-1178.patch: Convert incoming offline messages to
      UTF-8 if they are not already UTF-8. Based on upstream patch.
    - CVE-2012-1178
  * SECURITY UPDATE: Remote denial of service via specially crafted MSN
    messages (LP: #996691)
    - debian/patches/CVE-2012-2318.patch: Convert incoming messages to UTF-8,
      then validate the messages. Based on upstream patch.
    - CVE-2012-2318
  * SECURITY UPDATE: Remote denial of service via specially crafted MXit
    messages (LP: #1022012)
    - debian/patches/CVE-2012-3374.patch: Use dynamically allocated memory
      instead of a fixed size buffer. Based on upstream patch.
    - CVE-2012-3374

applied/ubuntu/natty-devel 2012-07-09 18:35:26 UTC 2012-07-09
Import patches-applied version 1:2.7.11-1ubuntu2.2 to applied/ubuntu/natty-se...

Author: Tyler Hicks
Author Date: 2012-07-08 23:14:21 UTC

Import patches-applied version 1:2.7.11-1ubuntu2.2 to applied/ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: 15c428d9e679fe83c784ab79f1ad5220f74b5650
Unapplied parent: 1fc339922db6b176c54a39e747224f3a1cdd4851

New changelog entries:
  * SECURITY UPDATE: Remote denial of service via specially crafted AIM or ICQ
    messages (LP: #958208)
    - debian/patches/CVE-2011-4601.patch: Validate incoming messages to
      enforce proper UTF-8 encoding. Based on upstream patch.
    - CVE-2011-4601
  * SECURITY UPDATE: Remote denial of service via specially crafted XMPP voice
    and video chat requests (LP: #958208)
    - debian/patches/CVE-2011-4602.patch: Validate fields in incoming voice
      and video chat requests. Based on upstream patch.
    - CVE-2011-4602
  * SECURITY UPDATE: Remote denial of service via specially crafted SILC
    messages (LP: #958208)
    - debian/patches/CVE-2011-4603.patch: Validate incoming messages to
      enforce proper UTF-8 encoding. Based on upstream patch.
    - CVE-2011-4603
  * SECURITY UPDATE: Remote denial of service via specially crafted MSN
    offline messages (LP: #958208)
    - debian/patches/CVE-2012-1178.patch: Convert incoming offline messages to
      UTF-8 if they are not already UTF-8. Based on upstream patch.
    - CVE-2012-1178
  * SECURITY UPDATE: Remote denial of service via specially crafted MSN
    messages (LP: #996691)
    - debian/patches/CVE-2012-2318.patch: Convert incoming messages to UTF-8,
      then validate the messages. Based on upstream patch.
    - CVE-2012-2318
  * SECURITY UPDATE: Remote denial of service via specially crafted MXit
    messages (LP: #1022012)
    - debian/patches/CVE-2012-3374.patch: Use dynamically allocated memory
      instead of a fixed size buffer. Based on upstream patch.
    - CVE-2012-3374

ubuntu/natty-updates 2012-07-09 18:35:26 UTC 2012-07-09
Import patches-unapplied version 1:2.7.11-1ubuntu2.2 to ubuntu/natty-security

Author: Tyler Hicks
Author Date: 2012-07-08 23:14:21 UTC

Import patches-unapplied version 1:2.7.11-1ubuntu2.2 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: 645d5c463d961d93cce9752f9c431761b6a695e8

New changelog entries:
  * SECURITY UPDATE: Remote denial of service via specially crafted AIM or ICQ
    messages (LP: #958208)
    - debian/patches/CVE-2011-4601.patch: Validate incoming messages to
      enforce proper UTF-8 encoding. Based on upstream patch.
    - CVE-2011-4601
  * SECURITY UPDATE: Remote denial of service via specially crafted XMPP voice
    and video chat requests (LP: #958208)
    - debian/patches/CVE-2011-4602.patch: Validate fields in incoming voice
      and video chat requests. Based on upstream patch.
    - CVE-2011-4602
  * SECURITY UPDATE: Remote denial of service via specially crafted SILC
    messages (LP: #958208)
    - debian/patches/CVE-2011-4603.patch: Validate incoming messages to
      enforce proper UTF-8 encoding. Based on upstream patch.
    - CVE-2011-4603
  * SECURITY UPDATE: Remote denial of service via specially crafted MSN
    offline messages (LP: #958208)
    - debian/patches/CVE-2012-1178.patch: Convert incoming offline messages to
      UTF-8 if they are not already UTF-8. Based on upstream patch.
    - CVE-2012-1178
  * SECURITY UPDATE: Remote denial of service via specially crafted MSN
    messages (LP: #996691)
    - debian/patches/CVE-2012-2318.patch: Convert incoming messages to UTF-8,
      then validate the messages. Based on upstream patch.
    - CVE-2012-2318
  * SECURITY UPDATE: Remote denial of service via specially crafted MXit
    messages (LP: #1022012)
    - debian/patches/CVE-2012-3374.patch: Use dynamically allocated memory
      instead of a fixed size buffer. Based on upstream patch.
    - CVE-2012-3374

ubuntu/natty-security 2012-07-09 18:35:26 UTC 2012-07-09
Import patches-unapplied version 1:2.7.11-1ubuntu2.2 to ubuntu/natty-security

Author: Tyler Hicks
Author Date: 2012-07-08 23:14:21 UTC

Import patches-unapplied version 1:2.7.11-1ubuntu2.2 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: 645d5c463d961d93cce9752f9c431761b6a695e8

New changelog entries:
  * SECURITY UPDATE: Remote denial of service via specially crafted AIM or ICQ
    messages (LP: #958208)
    - debian/patches/CVE-2011-4601.patch: Validate incoming messages to
      enforce proper UTF-8 encoding. Based on upstream patch.
    - CVE-2011-4601
  * SECURITY UPDATE: Remote denial of service via specially crafted XMPP voice
    and video chat requests (LP: #958208)
    - debian/patches/CVE-2011-4602.patch: Validate fields in incoming voice
      and video chat requests. Based on upstream patch.
    - CVE-2011-4602
  * SECURITY UPDATE: Remote denial of service via specially crafted SILC
    messages (LP: #958208)
    - debian/patches/CVE-2011-4603.patch: Validate incoming messages to
      enforce proper UTF-8 encoding. Based on upstream patch.
    - CVE-2011-4603
  * SECURITY UPDATE: Remote denial of service via specially crafted MSN
    offline messages (LP: #958208)
    - debian/patches/CVE-2012-1178.patch: Convert incoming offline messages to
      UTF-8 if they are not already UTF-8. Based on upstream patch.
    - CVE-2012-1178
  * SECURITY UPDATE: Remote denial of service via specially crafted MSN
    messages (LP: #996691)
    - debian/patches/CVE-2012-2318.patch: Convert incoming messages to UTF-8,
      then validate the messages. Based on upstream patch.
    - CVE-2012-2318
  * SECURITY UPDATE: Remote denial of service via specially crafted MXit
    messages (LP: #1022012)
    - debian/patches/CVE-2012-3374.patch: Use dynamically allocated memory
      instead of a fixed size buffer. Based on upstream patch.
    - CVE-2012-3374

ubuntu/natty-devel 2012-07-09 18:35:26 UTC 2012-07-09
Import patches-unapplied version 1:2.7.11-1ubuntu2.2 to ubuntu/natty-security

Author: Tyler Hicks
Author Date: 2012-07-08 23:14:21 UTC

Import patches-unapplied version 1:2.7.11-1ubuntu2.2 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: 645d5c463d961d93cce9752f9c431761b6a695e8

New changelog entries:
  * SECURITY UPDATE: Remote denial of service via specially crafted AIM or ICQ
    messages (LP: #958208)
    - debian/patches/CVE-2011-4601.patch: Validate incoming messages to
      enforce proper UTF-8 encoding. Based on upstream patch.
    - CVE-2011-4601
  * SECURITY UPDATE: Remote denial of service via specially crafted XMPP voice
    and video chat requests (LP: #958208)
    - debian/patches/CVE-2011-4602.patch: Validate fields in incoming voice
      and video chat requests. Based on upstream patch.
    - CVE-2011-4602
  * SECURITY UPDATE: Remote denial of service via specially crafted SILC
    messages (LP: #958208)
    - debian/patches/CVE-2011-4603.patch: Validate incoming messages to
      enforce proper UTF-8 encoding. Based on upstream patch.
    - CVE-2011-4603
  * SECURITY UPDATE: Remote denial of service via specially crafted MSN
    offline messages (LP: #958208)
    - debian/patches/CVE-2012-1178.patch: Convert incoming offline messages to
      UTF-8 if they are not already UTF-8. Based on upstream patch.
    - CVE-2012-1178
  * SECURITY UPDATE: Remote denial of service via specially crafted MSN
    messages (LP: #996691)
    - debian/patches/CVE-2012-2318.patch: Convert incoming messages to UTF-8,
      then validate the messages. Based on upstream patch.
    - CVE-2012-2318
  * SECURITY UPDATE: Remote denial of service via specially crafted MXit
    messages (LP: #1022012)
    - debian/patches/CVE-2012-3374.patch: Use dynamically allocated memory
      instead of a fixed size buffer. Based on upstream patch.
    - CVE-2012-3374

applied/ubuntu/natty-updates 2012-07-09 18:35:26 UTC 2012-07-09
Import patches-applied version 1:2.7.11-1ubuntu2.2 to applied/ubuntu/natty-se...

Author: Tyler Hicks
Author Date: 2012-07-08 23:14:21 UTC

Import patches-applied version 1:2.7.11-1ubuntu2.2 to applied/ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: 15c428d9e679fe83c784ab79f1ad5220f74b5650
Unapplied parent: 1fc339922db6b176c54a39e747224f3a1cdd4851

New changelog entries:
  * SECURITY UPDATE: Remote denial of service via specially crafted AIM or ICQ
    messages (LP: #958208)
    - debian/patches/CVE-2011-4601.patch: Validate incoming messages to
      enforce proper UTF-8 encoding. Based on upstream patch.
    - CVE-2011-4601
  * SECURITY UPDATE: Remote denial of service via specially crafted XMPP voice
    and video chat requests (LP: #958208)
    - debian/patches/CVE-2011-4602.patch: Validate fields in incoming voice
      and video chat requests. Based on upstream patch.
    - CVE-2011-4602
  * SECURITY UPDATE: Remote denial of service via specially crafted SILC
    messages (LP: #958208)
    - debian/patches/CVE-2011-4603.patch: Validate incoming messages to
      enforce proper UTF-8 encoding. Based on upstream patch.
    - CVE-2011-4603
  * SECURITY UPDATE: Remote denial of service via specially crafted MSN
    offline messages (LP: #958208)
    - debian/patches/CVE-2012-1178.patch: Convert incoming offline messages to
      UTF-8 if they are not already UTF-8. Based on upstream patch.
    - CVE-2012-1178
  * SECURITY UPDATE: Remote denial of service via specially crafted MSN
    messages (LP: #996691)
    - debian/patches/CVE-2012-2318.patch: Convert incoming messages to UTF-8,
      then validate the messages. Based on upstream patch.
    - CVE-2012-2318
  * SECURITY UPDATE: Remote denial of service via specially crafted MXit
    messages (LP: #1022012)
    - debian/patches/CVE-2012-3374.patch: Use dynamically allocated memory
      instead of a fixed size buffer. Based on upstream patch.
    - CVE-2012-3374

applied/ubuntu/precise 2012-04-07 20:33:57 UTC 2012-04-07
Import patches-applied version 1:2.10.3-0ubuntu1 to applied/ubuntu/precise

Author: Alexander Fougner
Author Date: 2012-04-06 08:03:13 UTC

Import patches-applied version 1:2.10.3-0ubuntu1 to applied/ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: 0f557a96d1b4095e88430ff608dee7e7ae82f2a1
Unapplied parent: 4d98ef4cf18d2a8b19e335fb4f5ea4d90e6ec30c

New changelog entries:
  * update to new stable release, fixes (LP: #964210)

ubuntu/precise 2012-04-07 20:33:57 UTC 2012-04-07
Import patches-unapplied version 1:2.10.3-0ubuntu1 to ubuntu/precise

Author: Alexander Fougner
Author Date: 2012-04-06 08:03:13 UTC

Import patches-unapplied version 1:2.10.3-0ubuntu1 to ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: b1daca458f4ae41a6931ef435c7e6178f8ca5df7

New changelog entries:
  * update to new stable release, fixes (LP: #964210)

applied/debian/experimental 2012-04-01 09:28:43 UTC 2012-04-01
Import patches-applied version 2.10.2-1.1 to applied/debian/experimental

Author: Laurent Bigonville
Author Date: 2012-03-31 18:36:59 UTC

Import patches-applied version 2.10.2-1.1 to applied/debian/experimental

Imported using git-ubuntu import.

Changelog parent: 3146cb28b99d78df7e6779b923d9966cfa5fef29
Unapplied parent: 5c24b8383308bcb0b56ebc1523dce6310895d479

New changelog entries:
  * Non-maintainer upload with Ari approval.
  * Add debian/patches/port-to-farstream.patch: Use farstream instead of
    farsight (Closes: #664527)

debian/experimental 2012-04-01 09:28:43 UTC 2012-04-01
Import patches-unapplied version 2.10.2-1.1 to debian/experimental

Author: Laurent Bigonville
Author Date: 2012-03-31 18:36:59 UTC

Import patches-unapplied version 2.10.2-1.1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: ceef1272171e5e3b1679420a67e4f7c7e9b41290

New changelog entries:
  * Non-maintainer upload with Ari approval.
  * Add debian/patches/port-to-farstream.patch: Use farstream instead of
    farsight (Closes: #664527)

applied/ubuntu/maverick-devel 2011-11-21 20:07:27 UTC 2011-11-21
Import patches-applied version 1:2.7.3-1ubuntu3.3 to applied/ubuntu/maverick-...

Author: Marc Deslauriers
Author Date: 2011-11-18 19:40:50 UTC

Import patches-applied version 1:2.7.3-1ubuntu3.3 to applied/ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: bdedcc9b1d62831e078ac8a41d70b01edc69e17e
Unapplied parent: 7cf7b055ed365704767a12804aecaca4b2a1f44b

New changelog entries:
  * SECURITY UPDATE: denial of service in Yahoo! protocol via malormed
    YMSG message
    - debian/patches/64_CVE-2011-1091.patch: validate messages in
      libpurple/protocols/yahoo/libymsg.c.
    - CVE-2011-1091
  * SECURITY UPDATE: denial of service in MSN protocol via HTTP 100
    response size
    - debian/patches/65_CVE-2011-3184.patch: properly calculate size in
      libpurple/protocols/msn/httpconn.c.
    - CVE-2011-3184
  * SECURITY UPDATE: denial of service in SILC protocol via invalid UTF-8
    sequence
    - debian/patches/66_CVE-2011-3594.patch: properly handle utf-8 in
      libpurple/protocols/silc/ops.c.
    - CVE-2011-3594

applied/ubuntu/maverick-updates 2011-11-21 20:07:27 UTC 2011-11-21
Import patches-applied version 1:2.7.3-1ubuntu3.3 to applied/ubuntu/maverick-...

Author: Marc Deslauriers
Author Date: 2011-11-18 19:40:50 UTC

Import patches-applied version 1:2.7.3-1ubuntu3.3 to applied/ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: bdedcc9b1d62831e078ac8a41d70b01edc69e17e
Unapplied parent: 7cf7b055ed365704767a12804aecaca4b2a1f44b

New changelog entries:
  * SECURITY UPDATE: denial of service in Yahoo! protocol via malormed
    YMSG message
    - debian/patches/64_CVE-2011-1091.patch: validate messages in
      libpurple/protocols/yahoo/libymsg.c.
    - CVE-2011-1091
  * SECURITY UPDATE: denial of service in MSN protocol via HTTP 100
    response size
    - debian/patches/65_CVE-2011-3184.patch: properly calculate size in
      libpurple/protocols/msn/httpconn.c.
    - CVE-2011-3184
  * SECURITY UPDATE: denial of service in SILC protocol via invalid UTF-8
    sequence
    - debian/patches/66_CVE-2011-3594.patch: properly handle utf-8 in
      libpurple/protocols/silc/ops.c.
    - CVE-2011-3594

ubuntu/maverick-devel 2011-11-21 20:07:27 UTC 2011-11-21
Import patches-unapplied version 1:2.7.3-1ubuntu3.3 to ubuntu/maverick-security

Author: Marc Deslauriers
Author Date: 2011-11-18 19:40:50 UTC

Import patches-unapplied version 1:2.7.3-1ubuntu3.3 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 4b1e6cfcb1375cae556ff549e3cb9e7fe3aa14ae

New changelog entries:
  * SECURITY UPDATE: denial of service in Yahoo! protocol via malormed
    YMSG message
    - debian/patches/64_CVE-2011-1091.patch: validate messages in
      libpurple/protocols/yahoo/libymsg.c.
    - CVE-2011-1091
  * SECURITY UPDATE: denial of service in MSN protocol via HTTP 100
    response size
    - debian/patches/65_CVE-2011-3184.patch: properly calculate size in
      libpurple/protocols/msn/httpconn.c.
    - CVE-2011-3184
  * SECURITY UPDATE: denial of service in SILC protocol via invalid UTF-8
    sequence
    - debian/patches/66_CVE-2011-3594.patch: properly handle utf-8 in
      libpurple/protocols/silc/ops.c.
    - CVE-2011-3594

ubuntu/maverick-security 2011-11-21 20:07:27 UTC 2011-11-21
Import patches-unapplied version 1:2.7.3-1ubuntu3.3 to ubuntu/maverick-security

Author: Marc Deslauriers
Author Date: 2011-11-18 19:40:50 UTC

Import patches-unapplied version 1:2.7.3-1ubuntu3.3 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 4b1e6cfcb1375cae556ff549e3cb9e7fe3aa14ae

New changelog entries:
  * SECURITY UPDATE: denial of service in Yahoo! protocol via malormed
    YMSG message
    - debian/patches/64_CVE-2011-1091.patch: validate messages in
      libpurple/protocols/yahoo/libymsg.c.
    - CVE-2011-1091
  * SECURITY UPDATE: denial of service in MSN protocol via HTTP 100
    response size
    - debian/patches/65_CVE-2011-3184.patch: properly calculate size in
      libpurple/protocols/msn/httpconn.c.
    - CVE-2011-3184
  * SECURITY UPDATE: denial of service in SILC protocol via invalid UTF-8
    sequence
    - debian/patches/66_CVE-2011-3594.patch: properly handle utf-8 in
      libpurple/protocols/silc/ops.c.
    - CVE-2011-3594

ubuntu/maverick-updates 2011-11-21 20:07:27 UTC 2011-11-21
Import patches-unapplied version 1:2.7.3-1ubuntu3.3 to ubuntu/maverick-security

Author: Marc Deslauriers
Author Date: 2011-11-18 19:40:50 UTC

Import patches-unapplied version 1:2.7.3-1ubuntu3.3 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 4b1e6cfcb1375cae556ff549e3cb9e7fe3aa14ae

New changelog entries:
  * SECURITY UPDATE: denial of service in Yahoo! protocol via malormed
    YMSG message
    - debian/patches/64_CVE-2011-1091.patch: validate messages in
      libpurple/protocols/yahoo/libymsg.c.
    - CVE-2011-1091
  * SECURITY UPDATE: denial of service in MSN protocol via HTTP 100
    response size
    - debian/patches/65_CVE-2011-3184.patch: properly calculate size in
      libpurple/protocols/msn/httpconn.c.
    - CVE-2011-3184
  * SECURITY UPDATE: denial of service in SILC protocol via invalid UTF-8
    sequence
    - debian/patches/66_CVE-2011-3594.patch: properly handle utf-8 in
      libpurple/protocols/silc/ops.c.
    - CVE-2011-3594

applied/ubuntu/maverick-security 2011-11-21 20:07:27 UTC 2011-11-21
Import patches-applied version 1:2.7.3-1ubuntu3.3 to applied/ubuntu/maverick-...

Author: Marc Deslauriers
Author Date: 2011-11-18 19:40:50 UTC

Import patches-applied version 1:2.7.3-1ubuntu3.3 to applied/ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: bdedcc9b1d62831e078ac8a41d70b01edc69e17e
Unapplied parent: 7cf7b055ed365704767a12804aecaca4b2a1f44b

New changelog entries:
  * SECURITY UPDATE: denial of service in Yahoo! protocol via malormed
    YMSG message
    - debian/patches/64_CVE-2011-1091.patch: validate messages in
      libpurple/protocols/yahoo/libymsg.c.
    - CVE-2011-1091
  * SECURITY UPDATE: denial of service in MSN protocol via HTTP 100
    response size
    - debian/patches/65_CVE-2011-3184.patch: properly calculate size in
      libpurple/protocols/msn/httpconn.c.
    - CVE-2011-3184
  * SECURITY UPDATE: denial of service in SILC protocol via invalid UTF-8
    sequence
    - debian/patches/66_CVE-2011-3594.patch: properly handle utf-8 in
      libpurple/protocols/silc/ops.c.
    - CVE-2011-3594

ubuntu/oneiric 2011-09-24 06:03:30 UTC 2011-09-24
Import patches-unapplied version 1:2.10.0-0ubuntu2 to ubuntu/oneiric

Author: Mathieu Trudel-Lapierre
Author Date: 2011-09-24 02:00:52 UTC

Import patches-unapplied version 1:2.10.0-0ubuntu2 to ubuntu/oneiric

Imported using git-ubuntu import.

Changelog parent: 67b74d04efdcafa482084ab96ba4a2c4120f0b93

New changelog entries:
  * debian/patches/irc_disable_periodic_who.patch: work around spontaneous
    disconnects from IRC due to 'Max SendQ exceeded' errors caused by periodic
    /who checks. (LP: #856631)

applied/ubuntu/oneiric 2011-09-24 06:03:30 UTC 2011-09-24
Import patches-applied version 1:2.10.0-0ubuntu2 to applied/ubuntu/oneiric

Author: Mathieu Trudel-Lapierre
Author Date: 2011-09-24 02:00:52 UTC

Import patches-applied version 1:2.10.0-0ubuntu2 to applied/ubuntu/oneiric

Imported using git-ubuntu import.

Changelog parent: 54271445714c76fc8e472bab013618dd9344ffdb
Unapplied parent: 4305b29a497a9fb44bcc523dfa780bda746748e1

New changelog entries:
  * debian/patches/irc_disable_periodic_who.patch: work around spontaneous
    disconnects from IRC due to 'Max SendQ exceeded' errors caused by periodic
    /who checks. (LP: #856631)

applied/ubuntu/natty 2011-04-11 11:05:07 UTC 2011-04-11
Import patches-applied version 1:2.7.11-1ubuntu2 to applied/ubuntu/natty

Author: Micah Gersten
Author Date: 2011-04-11 09:31:49 UTC

Import patches-applied version 1:2.7.11-1ubuntu2 to applied/ubuntu/natty

Imported using git-ubuntu import.

Changelog parent: 23fccb64144b5e9c5e783609a012e7698a231a37
Unapplied parent: b6c8c49f83222f9713e54e8dbd36aebc41d5a116

New changelog entries:
  * Symbols were removed from libpurple-client.so.0 and are now only found in
    libpurple.so.0 (LP: #757311)
    - update debian/libpurple0.symbols

ubuntu/natty 2011-04-11 11:05:07 UTC 2011-04-11
Import patches-unapplied version 1:2.7.11-1ubuntu2 to ubuntu/natty

Author: Micah Gersten
Author Date: 2011-04-11 09:31:49 UTC

Import patches-unapplied version 1:2.7.11-1ubuntu2 to ubuntu/natty

Imported using git-ubuntu import.

Changelog parent: a166676c13843847dc07c3ef84f2083fdba7b4f8

New changelog entries:
  * Symbols were removed from libpurple-client.so.0 and are now only found in
    libpurple.so.0 (LP: #757311)
    - update debian/libpurple0.symbols

ubuntu/lucid-proposed 2010-12-15 12:06:19 UTC 2010-12-15
Import patches-unapplied version 1:2.6.6-1ubuntu4.3 to ubuntu/lucid-proposed

Author: Chris Coulson
Author Date: 2010-12-13 10:21:49 UTC

Import patches-unapplied version 1:2.6.6-1ubuntu4.3 to ubuntu/lucid-proposed

Imported using git-ubuntu import.

Changelog parent: 5d91e0f8d98baac66d4f4e46d3daef2d7950b868

New changelog entries:
  * Apply upstream patch related to ICQ server changes. Thanks to
    Stephen Leavitt for digging out the patch (LP: #683076)
    - add debian/patches/95_icq_server_split_fix.patch
    - add debian/patches/96_icq_server_migration.patch

applied/ubuntu/lucid-proposed 2010-12-15 12:06:19 UTC 2010-12-15
Import patches-applied version 1:2.6.6-1ubuntu4.3 to applied/ubuntu/lucid-pro...

Author: Chris Coulson
Author Date: 2010-12-13 10:21:49 UTC

Import patches-applied version 1:2.6.6-1ubuntu4.3 to applied/ubuntu/lucid-proposed

Imported using git-ubuntu import.

Changelog parent: 01be0db90c1a9211218d2fbeb998a75be844486a
Unapplied parent: b168ffd19059842e8c3b55e9d835b15d254c76c2

New changelog entries:
  * Apply upstream patch related to ICQ server changes. Thanks to
    Stephen Leavitt for digging out the patch (LP: #683076)
    - add debian/patches/95_icq_server_split_fix.patch
    - add debian/patches/96_icq_server_migration.patch

debian/lenny 2010-11-27 21:11:39 UTC 2010-11-27
Import patches-unapplied version 2.4.3-4lenny8 to debian/lenny

Author: Ari Pollak
Author Date: 2010-11-07 00:02:10 UTC

Import patches-unapplied version 2.4.3-4lenny8 to debian/lenny

Imported using git-ubuntu import.

Changelog parent: e23e51ae4cbcaa83008645915b03ee826ef407f9

New changelog entries:
  * Move package VCS to git
  * Re-enable SILC, SIMPLE, and Yahoo, which have all apparently been
    disabled since 2.4.3-4lenny6, and which is a grave regression.

applied/debian/lenny 2010-11-27 21:11:39 UTC 2010-11-27
Import patches-applied version 2.4.3-4lenny8 to applied/debian/lenny

Author: Ari Pollak
Author Date: 2010-11-07 00:02:10 UTC

Import patches-applied version 2.4.3-4lenny8 to applied/debian/lenny

Imported using git-ubuntu import.

Changelog parent: 4e12e7a5fbf11971dbbfbdd20855ffb00101f489
Unapplied parent: 02174679d530298ffeadf67aa59ae6b6d9e7d039

New changelog entries:
  * Move package VCS to git
  * Re-enable SILC, SIMPLE, and Yahoo, which have all apparently been
    disabled since 2.4.3-4lenny6, and which is a grave regression.

applied/ubuntu/maverick-proposed 2010-11-22 10:05:03 UTC 2010-11-22
Import patches-applied version 1:2.7.3-1ubuntu3.2 to applied/ubuntu/maverick-...

Author: Felix Geyer
Author Date: 2010-11-20 12:37:00 UTC

Import patches-applied version 1:2.7.3-1ubuntu3.2 to applied/ubuntu/maverick-proposed

Imported using git-ubuntu import.

Changelog parent: fb58f2d38ddf4070e0ba83762db857bc130723ff
Unapplied parent: 4b1e6cfcb1375cae556ff549e3cb9e7fe3aa14ae

New changelog entries:
  [ Chow Loong Jin ]
  * debian/patches/workaround-msn-ssl-failure.patch: Workaround SSL
    connectivity issues with MSN (LP: #676972)
  [ Felix Geyer ]
  * debian/patches/62_icq_server_changes.patch: Adapt to ICQ server changes.
  * debian/patches/63_icq_server_migration.patch: Migrate existing accounts to
    the new login server names. (LP: #675903)

ubuntu/maverick-proposed 2010-11-22 10:05:03 UTC 2010-11-22
Import patches-unapplied version 1:2.7.3-1ubuntu3.2 to ubuntu/maverick-proposed

Author: Felix Geyer
Author Date: 2010-11-20 12:37:00 UTC

Import patches-unapplied version 1:2.7.3-1ubuntu3.2 to ubuntu/maverick-proposed

Imported using git-ubuntu import.

Changelog parent: 5405de7f142be86f0c915335c278aced19f52e83

New changelog entries:
  [ Chow Loong Jin ]
  * debian/patches/workaround-msn-ssl-failure.patch: Workaround SSL
    connectivity issues with MSN (LP: #676972)
  [ Felix Geyer ]
  * debian/patches/62_icq_server_changes.patch: Adapt to ICQ server changes.
  * debian/patches/63_icq_server_migration.patch: Migrate existing accounts to
    the new login server names. (LP: #675903)

ubuntu/hardy-devel 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-unapplied version 1:2.4.1-1ubuntu2.10 to ubuntu/hardy-security

Author: Marc Deslauriers
Author Date: 2010-11-03 13:36:41 UTC

Import patches-unapplied version 1:2.4.1-1ubuntu2.10 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: a8de9d26e08d3d1169cf5f50625e84cb1f014648

New changelog entries:
  * SECURITY UPDATE: denial of service via custom emoticon
    - debian/patches/94_security_CVE-2010-1624.patch: make sure body is
      valid in libpurple/protocols/{msn,msnp9}/slp.c.
    - CVE-2010-1624
  * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
    - debian/patches/94_security_CVE-2010-3711.patch: correctly handle
      purple_base64_decode return codes in libpurple/ntlm.c,
      libpurple/protocols/{jabber/auth.c,msn/slp.c,msnp9/slp.c,
      myspace/message.c,yahoo/yahoo.c}.
    - CVE-2010-3711

ubuntu/hardy-updates 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-unapplied version 1:2.4.1-1ubuntu2.10 to ubuntu/hardy-security

Author: Marc Deslauriers
Author Date: 2010-11-03 13:36:41 UTC

Import patches-unapplied version 1:2.4.1-1ubuntu2.10 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: a8de9d26e08d3d1169cf5f50625e84cb1f014648

New changelog entries:
  * SECURITY UPDATE: denial of service via custom emoticon
    - debian/patches/94_security_CVE-2010-1624.patch: make sure body is
      valid in libpurple/protocols/{msn,msnp9}/slp.c.
    - CVE-2010-1624
  * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
    - debian/patches/94_security_CVE-2010-3711.patch: correctly handle
      purple_base64_decode return codes in libpurple/ntlm.c,
      libpurple/protocols/{jabber/auth.c,msn/slp.c,msnp9/slp.c,
      myspace/message.c,yahoo/yahoo.c}.
    - CVE-2010-3711

applied/ubuntu/hardy-security 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-applied version 1:2.4.1-1ubuntu2.10 to applied/ubuntu/hardy-se...

Author: Marc Deslauriers
Author Date: 2010-11-03 13:36:41 UTC

Import patches-applied version 1:2.4.1-1ubuntu2.10 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 449a17e2d81e55d8149459c74fd6df37a4679ec7
Unapplied parent: 673173fed2b22695c5a2cf411cb3fdd3f7947871

New changelog entries:
  * SECURITY UPDATE: denial of service via custom emoticon
    - debian/patches/94_security_CVE-2010-1624.patch: make sure body is
      valid in libpurple/protocols/{msn,msnp9}/slp.c.
    - CVE-2010-1624
  * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
    - debian/patches/94_security_CVE-2010-3711.patch: correctly handle
      purple_base64_decode return codes in libpurple/ntlm.c,
      libpurple/protocols/{jabber/auth.c,msn/slp.c,msnp9/slp.c,
      myspace/message.c,yahoo/yahoo.c}.
    - CVE-2010-3711

applied/ubuntu/karmic-devel 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-applied version 1:2.6.2-1ubuntu7.3 to applied/ubuntu/karmic-se...

Author: Marc Deslauriers
Author Date: 2010-11-03 13:02:12 UTC

Import patches-applied version 1:2.6.2-1ubuntu7.3 to applied/ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 160579e3dbd526d471ae45e3775a0997a6cd8ea6
Unapplied parent: 34a34a5bc56b2aa6bedbc814e2f410a46a65dfa6

New changelog entries:
  * SECURITY UPDATE: denial of service via custom emoticon
    - debian/patches/68_CVE-2010-1624.patch: make sure body is valid in
      libpurple/protocols/msn/slp.c.
    - CVE-2010-1624
  * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
    - debian/patches/69_CVE-2010-3711.patch: correctly handle
      purple_base64_decode return codes in libpurple/ntlm.c,
      libpurple/plugins/perl/common/Util.xs,
      libpurple/protocols/{jabber/auth.c,msn/slp.c,myspace/message.c,
      oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}.
    - CVE-2010-3711

ubuntu/hardy-security 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-unapplied version 1:2.4.1-1ubuntu2.10 to ubuntu/hardy-security

Author: Marc Deslauriers
Author Date: 2010-11-03 13:36:41 UTC

Import patches-unapplied version 1:2.4.1-1ubuntu2.10 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: a8de9d26e08d3d1169cf5f50625e84cb1f014648

New changelog entries:
  * SECURITY UPDATE: denial of service via custom emoticon
    - debian/patches/94_security_CVE-2010-1624.patch: make sure body is
      valid in libpurple/protocols/{msn,msnp9}/slp.c.
    - CVE-2010-1624
  * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
    - debian/patches/94_security_CVE-2010-3711.patch: correctly handle
      purple_base64_decode return codes in libpurple/ntlm.c,
      libpurple/protocols/{jabber/auth.c,msn/slp.c,msnp9/slp.c,
      myspace/message.c,yahoo/yahoo.c}.
    - CVE-2010-3711

applied/ubuntu/karmic-security 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-applied version 1:2.6.2-1ubuntu7.3 to applied/ubuntu/karmic-se...

Author: Marc Deslauriers
Author Date: 2010-11-03 13:02:12 UTC

Import patches-applied version 1:2.6.2-1ubuntu7.3 to applied/ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 160579e3dbd526d471ae45e3775a0997a6cd8ea6
Unapplied parent: 34a34a5bc56b2aa6bedbc814e2f410a46a65dfa6

New changelog entries:
  * SECURITY UPDATE: denial of service via custom emoticon
    - debian/patches/68_CVE-2010-1624.patch: make sure body is valid in
      libpurple/protocols/msn/slp.c.
    - CVE-2010-1624
  * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
    - debian/patches/69_CVE-2010-3711.patch: correctly handle
      purple_base64_decode return codes in libpurple/ntlm.c,
      libpurple/plugins/perl/common/Util.xs,
      libpurple/protocols/{jabber/auth.c,msn/slp.c,myspace/message.c,
      oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}.
    - CVE-2010-3711

applied/ubuntu/hardy-updates 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-applied version 1:2.4.1-1ubuntu2.10 to applied/ubuntu/hardy-se...

Author: Marc Deslauriers
Author Date: 2010-11-03 13:36:41 UTC

Import patches-applied version 1:2.4.1-1ubuntu2.10 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 449a17e2d81e55d8149459c74fd6df37a4679ec7
Unapplied parent: 673173fed2b22695c5a2cf411cb3fdd3f7947871

New changelog entries:
  * SECURITY UPDATE: denial of service via custom emoticon
    - debian/patches/94_security_CVE-2010-1624.patch: make sure body is
      valid in libpurple/protocols/{msn,msnp9}/slp.c.
    - CVE-2010-1624
  * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
    - debian/patches/94_security_CVE-2010-3711.patch: correctly handle
      purple_base64_decode return codes in libpurple/ntlm.c,
      libpurple/protocols/{jabber/auth.c,msn/slp.c,msnp9/slp.c,
      myspace/message.c,yahoo/yahoo.c}.
    - CVE-2010-3711

applied/ubuntu/karmic-updates 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-applied version 1:2.6.2-1ubuntu7.3 to applied/ubuntu/karmic-se...

Author: Marc Deslauriers
Author Date: 2010-11-03 13:02:12 UTC

Import patches-applied version 1:2.6.2-1ubuntu7.3 to applied/ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 160579e3dbd526d471ae45e3775a0997a6cd8ea6
Unapplied parent: 34a34a5bc56b2aa6bedbc814e2f410a46a65dfa6

New changelog entries:
  * SECURITY UPDATE: denial of service via custom emoticon
    - debian/patches/68_CVE-2010-1624.patch: make sure body is valid in
      libpurple/protocols/msn/slp.c.
    - CVE-2010-1624
  * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
    - debian/patches/69_CVE-2010-3711.patch: correctly handle
      purple_base64_decode return codes in libpurple/ntlm.c,
      libpurple/plugins/perl/common/Util.xs,
      libpurple/protocols/{jabber/auth.c,msn/slp.c,myspace/message.c,
      oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}.
    - CVE-2010-3711

applied/ubuntu/hardy-devel 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-applied version 1:2.4.1-1ubuntu2.10 to applied/ubuntu/hardy-se...

Author: Marc Deslauriers
Author Date: 2010-11-03 13:36:41 UTC

Import patches-applied version 1:2.4.1-1ubuntu2.10 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 449a17e2d81e55d8149459c74fd6df37a4679ec7
Unapplied parent: 673173fed2b22695c5a2cf411cb3fdd3f7947871

New changelog entries:
  * SECURITY UPDATE: denial of service via custom emoticon
    - debian/patches/94_security_CVE-2010-1624.patch: make sure body is
      valid in libpurple/protocols/{msn,msnp9}/slp.c.
    - CVE-2010-1624
  * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
    - debian/patches/94_security_CVE-2010-3711.patch: correctly handle
      purple_base64_decode return codes in libpurple/ntlm.c,
      libpurple/protocols/{jabber/auth.c,msn/slp.c,msnp9/slp.c,
      myspace/message.c,yahoo/yahoo.c}.
    - CVE-2010-3711

ubuntu/karmic-devel 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-unapplied version 1:2.6.2-1ubuntu7.3 to ubuntu/karmic-security

Author: Marc Deslauriers
Author Date: 2010-11-03 13:02:12 UTC

Import patches-unapplied version 1:2.6.2-1ubuntu7.3 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: febe2af72314d0429be7d68535b090defed1cb5f

New changelog entries:
  * SECURITY UPDATE: denial of service via custom emoticon
    - debian/patches/68_CVE-2010-1624.patch: make sure body is valid in
      libpurple/protocols/msn/slp.c.
    - CVE-2010-1624
  * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
    - debian/patches/69_CVE-2010-3711.patch: correctly handle
      purple_base64_decode return codes in libpurple/ntlm.c,
      libpurple/plugins/perl/common/Util.xs,
      libpurple/protocols/{jabber/auth.c,msn/slp.c,myspace/message.c,
      oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}.
    - CVE-2010-3711

ubuntu/karmic-security 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-unapplied version 1:2.6.2-1ubuntu7.3 to ubuntu/karmic-security

Author: Marc Deslauriers
Author Date: 2010-11-03 13:02:12 UTC

Import patches-unapplied version 1:2.6.2-1ubuntu7.3 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: febe2af72314d0429be7d68535b090defed1cb5f

New changelog entries:
  * SECURITY UPDATE: denial of service via custom emoticon
    - debian/patches/68_CVE-2010-1624.patch: make sure body is valid in
      libpurple/protocols/msn/slp.c.
    - CVE-2010-1624
  * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
    - debian/patches/69_CVE-2010-3711.patch: correctly handle
      purple_base64_decode return codes in libpurple/ntlm.c,
      libpurple/plugins/perl/common/Util.xs,
      libpurple/protocols/{jabber/auth.c,msn/slp.c,myspace/message.c,
      oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}.
    - CVE-2010-3711

ubuntu/karmic-updates 2010-11-04 13:12:44 UTC 2010-11-04
Import patches-unapplied version 1:2.6.2-1ubuntu7.3 to ubuntu/karmic-security

Author: Marc Deslauriers
Author Date: 2010-11-03 13:02:12 UTC

Import patches-unapplied version 1:2.6.2-1ubuntu7.3 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: febe2af72314d0429be7d68535b090defed1cb5f

New changelog entries:
  * SECURITY UPDATE: denial of service via custom emoticon
    - debian/patches/68_CVE-2010-1624.patch: make sure body is valid in
      libpurple/protocols/msn/slp.c.
    - CVE-2010-1624
  * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
    - debian/patches/69_CVE-2010-3711.patch: correctly handle
      purple_base64_decode return codes in libpurple/ntlm.c,
      libpurple/plugins/perl/common/Util.xs,
      libpurple/protocols/{jabber/auth.c,msn/slp.c,myspace/message.c,
      oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}.
    - CVE-2010-3711

applied/ubuntu/maverick 2010-09-21 18:04:36 UTC 2010-09-21
Import patches-applied version 1:2.7.3-1ubuntu3 to applied/ubuntu/maverick

Author: St├ęphane Graber
Author Date: 2010-09-21 12:31:16 UTC

Import patches-applied version 1:2.7.3-1ubuntu3 to applied/ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: ae6c04ff6f55b0040fba64a7df6ff8347a5ce9fc
Unapplied parent: a34458e4877745ca63f9e35064730f364dd446b0

New changelog entries:
  * Include upstream bugfix (bug 12629) for Bonjour support (LP: #641344)

ubuntu/maverick 2010-09-21 18:04:36 UTC 2010-09-21
Import patches-unapplied version 1:2.7.3-1ubuntu3 to ubuntu/maverick

Author: St├ęphane Graber
Author Date: 2010-09-21 12:31:16 UTC

Import patches-unapplied version 1:2.7.3-1ubuntu3 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: ab4d6055363e054a3b18b213b9cd23d4756523bb

New changelog entries:
  * Include upstream bugfix (bug 12629) for Bonjour support (LP: #641344)

applied/ubuntu/lucid 2010-03-09 19:05:36 UTC 2010-03-09
Import patches-applied version 1:2.6.6-1ubuntu4 to applied/ubuntu/lucid

Author: Marc Deslauriers
Author Date: 2010-03-09 17:48:28 UTC

Import patches-applied version 1:2.6.6-1ubuntu4 to applied/ubuntu/lucid

Imported using git-ubuntu import.

Changelog parent: 10ae215943a95b3a0136b9e00763a99be84d92cd
Unapplied parent: 70df5659d88fb839f3500cb9b1c159692b1fc6e7

New changelog entries:
  * debian/patches/92_gtkstatusicon_blink.patch: add blink support to
    GtkStatusIcon backport.
  * debian/patches/62_tray_icon_size_kde.patch: removed as no longer
    needed with GtkStatusIcon support.

ubuntu/lucid 2010-03-09 19:05:36 UTC 2010-03-09
Import patches-unapplied version 1:2.6.6-1ubuntu4 to ubuntu/lucid

Author: Marc Deslauriers
Author Date: 2010-03-09 17:48:28 UTC

Import patches-unapplied version 1:2.6.6-1ubuntu4 to ubuntu/lucid

Imported using git-ubuntu import.

Changelog parent: 7ba6fc52dc46f07d6ea411b2abd16da9538213f0

New changelog entries:
  * debian/patches/92_gtkstatusicon_blink.patch: add blink support to
    GtkStatusIcon backport.
  * debian/patches/62_tray_icon_size_kde.patch: removed as no longer
    needed with GtkStatusIcon support.

ubuntu/jaunty-security 2010-02-22 16:07:38 UTC 2010-02-22
Import patches-unapplied version 1:2.5.5-1ubuntu8.6 to ubuntu/jaunty-security

Author: Marc Deslauriers
Author Date: 2010-02-18 19:37:45 UTC

Import patches-unapplied version 1:2.5.5-1ubuntu8.6 to ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: baf18c933dc975091bd97c3b0cfd29b6a7d66dca

New changelog entries:
  * SECURITY UPDATE: denial of service via malformed SLP message
    - debian/patches/85_security_CVE-2010-0277.patch: validate input in
      libpurple/protocols/msn/{slp.c,slpcall.c,slplink.c,slpmsg.h}.
    - CVE-2010-0277
  * SECURITY UPDATE: denial of service via certain nicknames in Finch
    - debian/patches/86_security_CVE-2010-0420.patch: properly unescape
      text in finch/libgnt/gnttree.c, libpurple/protocols/bonjour/parser.c,
      libpurple/protocols/jabber/parser.c, libpurple/xmlnode.c.
    - CVE-2010-0420
  * SECURITY UPDATE: denial of service via large number of smileys
    - debian/patches/87_security_CVE-2010-0423.patch: limit the number of
      smileys in pidgin/gtkimhtml.c.
    - CVE-2010-0423

ubuntu/intrepid-devel 2010-02-22 16:07:38 UTC 2010-02-22
Import patches-unapplied version 1:2.5.2-0ubuntu1.7 to ubuntu/intrepid-security

Author: Marc Deslauriers
Author Date: 2010-02-18 19:45:12 UTC

Import patches-unapplied version 1:2.5.2-0ubuntu1.7 to ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: d4ea0b7fb6d6e3cd31b1c8137ff806c7afc6335d

New changelog entries:
  * SECURITY UPDATE: denial of service via malformed SLP message
    - debian/patches/93_security_CVE-2010-0277.patch: validate input in
      libpurple/protocols/msn/{slp.c,slpcall.c,slplink.c,slpmsg.h}.
    - CVE-2010-0277
  * SECURITY UPDATE: denial of service via certain nicknames in Finch
    - debian/patches/93_security_CVE-2010-0420.patch: properly unescape
      text in finch/libgnt/gnttree.c, libpurple/protocols/bonjour/parser.c,
      libpurple/protocols/jabber/parser.c, libpurple/xmlnode.c.
    - CVE-2010-0420
  * SECURITY UPDATE: denial of service via large number of smileys
    - debian/patches/93_security_CVE-2010-0423.patch: limit the number of
      smileys in pidgin/gtkimhtml.c.
    - CVE-2010-0423

ubuntu/intrepid-security 2010-02-22 16:07:38 UTC 2010-02-22
Import patches-unapplied version 1:2.5.2-0ubuntu1.7 to ubuntu/intrepid-security

Author: Marc Deslauriers
Author Date: 2010-02-18 19:45:12 UTC

Import patches-unapplied version 1:2.5.2-0ubuntu1.7 to ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: d4ea0b7fb6d6e3cd31b1c8137ff806c7afc6335d

New changelog entries:
  * SECURITY UPDATE: denial of service via malformed SLP message
    - debian/patches/93_security_CVE-2010-0277.patch: validate input in
      libpurple/protocols/msn/{slp.c,slpcall.c,slplink.c,slpmsg.h}.
    - CVE-2010-0277
  * SECURITY UPDATE: denial of service via certain nicknames in Finch
    - debian/patches/93_security_CVE-2010-0420.patch: properly unescape
      text in finch/libgnt/gnttree.c, libpurple/protocols/bonjour/parser.c,
      libpurple/protocols/jabber/parser.c, libpurple/xmlnode.c.
    - CVE-2010-0420
  * SECURITY UPDATE: denial of service via large number of smileys
    - debian/patches/93_security_CVE-2010-0423.patch: limit the number of
      smileys in pidgin/gtkimhtml.c.
    - CVE-2010-0423

ubuntu/intrepid-updates 2010-02-22 16:07:38 UTC 2010-02-22
Import patches-unapplied version 1:2.5.2-0ubuntu1.7 to ubuntu/intrepid-security

Author: Marc Deslauriers
Author Date: 2010-02-18 19:45:12 UTC

Import patches-unapplied version 1:2.5.2-0ubuntu1.7 to ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: d4ea0b7fb6d6e3cd31b1c8137ff806c7afc6335d

New changelog entries:
  * SECURITY UPDATE: denial of service via malformed SLP message
    - debian/patches/93_security_CVE-2010-0277.patch: validate input in
      libpurple/protocols/msn/{slp.c,slpcall.c,slplink.c,slpmsg.h}.
    - CVE-2010-0277
  * SECURITY UPDATE: denial of service via certain nicknames in Finch
    - debian/patches/93_security_CVE-2010-0420.patch: properly unescape
      text in finch/libgnt/gnttree.c, libpurple/protocols/bonjour/parser.c,
      libpurple/protocols/jabber/parser.c, libpurple/xmlnode.c.
    - CVE-2010-0420
  * SECURITY UPDATE: denial of service via large number of smileys
    - debian/patches/93_security_CVE-2010-0423.patch: limit the number of
      smileys in pidgin/gtkimhtml.c.
    - CVE-2010-0423

101200 of 234 results

Other repositories

Name Last Modified
lp:ubuntu/+source/pidgin 2019-05-23
11 of 1 result
You can't create new repositories for pidgin in Ubuntu.