ubuntu/+source/pidgin:applied/ubuntu/karmic-updates

Last commit made on 2010-11-04
Get this branch:
git clone -b applied/ubuntu/karmic-updates https://git.launchpad.net/ubuntu/+source/pidgin
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/karmic-updates
Repository:
lp:ubuntu/+source/pidgin

Recent commits

49a2029... by Marc Deslauriers on 2010-11-03

Import patches-applied version 1:2.6.2-1ubuntu7.3 to applied/ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 160579e3dbd526d471ae45e3775a0997a6cd8ea6
Unapplied parent: 34a34a5bc56b2aa6bedbc814e2f410a46a65dfa6

New changelog entries:
  * SECURITY UPDATE: denial of service via custom emoticon
    - debian/patches/68_CVE-2010-1624.patch: make sure body is valid in
      libpurple/protocols/msn/slp.c.
    - CVE-2010-1624
  * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
    - debian/patches/69_CVE-2010-3711.patch: correctly handle
      purple_base64_decode return codes in libpurple/ntlm.c,
      libpurple/plugins/perl/common/Util.xs,
      libpurple/protocols/{jabber/auth.c,msn/slp.c,myspace/message.c,
      oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}.
    - CVE-2010-3711

34a34a5... by Marc Deslauriers on 2010-11-03

Import patches-unapplied version 1:2.6.2-1ubuntu7.3 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: febe2af72314d0429be7d68535b090defed1cb5f

New changelog entries:
  * SECURITY UPDATE: denial of service via custom emoticon
    - debian/patches/68_CVE-2010-1624.patch: make sure body is valid in
      libpurple/protocols/msn/slp.c.
    - CVE-2010-1624
  * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
    - debian/patches/69_CVE-2010-3711.patch: correctly handle
      purple_base64_decode return codes in libpurple/ntlm.c,
      libpurple/plugins/perl/common/Util.xs,
      libpurple/protocols/{jabber/auth.c,msn/slp.c,myspace/message.c,
      oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}.
    - CVE-2010-3711

160579e... by Marc Deslauriers on 2010-02-18

Import patches-applied version 1:2.6.2-1ubuntu7.2 to applied/ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: d21636936b18a7a7dfbc676d05ecb69ea2aff21b
Unapplied parent: febe2af72314d0429be7d68535b090defed1cb5f

New changelog entries:
  * SECURITY UPDATE: denial of service via malformed SLP message
    - debian/patches/65_security_CVE-2010-0277.patch: validate input in
      libpurple/protocols/msn/{slp.c,slpcall.c,slplink.c,slpmsg.h}.
    - CVE-2010-0277
  * SECURITY UPDATE: denial of service via certain nicknames in Finch
    - debian/patches/66_security_CVE-2010-0420.patch: properly unescape
      text in finch/libgnt/gnttree.c, libpurple/protocols/bonjour/parser.c,
      libpurple/protocols/jabber/parser.c, libpurple/xmlnode.c.
    - CVE-2010-0420
  * SECURITY UPDATE: denial of service via large number of smileys
    - debian/patches/67_security_CVE-2010-0423.patch: limit the number of
      smileys in pidgin/gtkimhtml.c.
    - CVE-2010-0423

febe2af... by Marc Deslauriers on 2010-02-18

Import patches-unapplied version 1:2.6.2-1ubuntu7.2 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 02c34f5205efa3e9bbee360625bb3d8fa9fb0c26

New changelog entries:
  * SECURITY UPDATE: denial of service via malformed SLP message
    - debian/patches/65_security_CVE-2010-0277.patch: validate input in
      libpurple/protocols/msn/{slp.c,slpcall.c,slplink.c,slpmsg.h}.
    - CVE-2010-0277
  * SECURITY UPDATE: denial of service via certain nicknames in Finch
    - debian/patches/66_security_CVE-2010-0420.patch: properly unescape
      text in finch/libgnt/gnttree.c, libpurple/protocols/bonjour/parser.c,
      libpurple/protocols/jabber/parser.c, libpurple/xmlnode.c.
    - CVE-2010-0420
  * SECURITY UPDATE: denial of service via large number of smileys
    - debian/patches/67_security_CVE-2010-0423.patch: limit the number of
      smileys in pidgin/gtkimhtml.c.
    - CVE-2010-0423

d216369... by Marc Deslauriers on 2010-01-14

Import patches-applied version 1:2.6.2-1ubuntu7.1 to applied/ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: 4d0c70ec0a2e1e77e874c8edfa203945f53d1d8a
Unapplied parent: 02c34f5205efa3e9bbee360625bb3d8fa9fb0c26

New changelog entries:
  * SECURITY UPDATE: denial of service via crafted contact list data
    - debian/patches/63_security_CVE-2009-3615.patch: validate contact
      list structure in libpurple/protocols/oscar/oscar.c.
    - CVE-2009-3615
  * SECURITY UPDATE: directory traversal via custom smiley request
    (LP: #501089)
    - debian/patches/64_security_CVE-2010-0013.patch: ignore request for
      smileys that don't exist in the image store in
      libpurple/protocols/msn/slp.c.
    - CVE-2010-0013

02c34f5... by Marc Deslauriers on 2010-01-14

Import patches-unapplied version 1:2.6.2-1ubuntu7.1 to ubuntu/karmic-security

Imported using git-ubuntu import.

Changelog parent: f68eeb282b82c3332292fff7be9337652cd552fe

New changelog entries:
  * SECURITY UPDATE: denial of service via crafted contact list data
    - debian/patches/63_security_CVE-2009-3615.patch: validate contact
      list structure in libpurple/protocols/oscar/oscar.c.
    - CVE-2009-3615
  * SECURITY UPDATE: directory traversal via custom smiley request
    (LP: #501089)
    - debian/patches/64_security_CVE-2010-0013.patch: ignore request for
      smileys that don't exist in the image store in
      libpurple/protocols/msn/slp.c.
    - CVE-2010-0013

4d0c70e... by Felix Geyer on 2009-10-09

Import patches-applied version 1:2.6.2-1ubuntu7 to applied/ubuntu/karmic

Imported using git-ubuntu import.

Changelog parent: 3a994cced28125be77ff43b04bdcb5db765d3121
Unapplied parent: f68eeb282b82c3332292fff7be9337652cd552fe

New changelog entries:
  * Don't stick the buddy list window to all desktops as some
    window managers have trouble to properly unstick it (LP: #346840)
    - debian/patches/11_buddy_list_really_show.patch
  * Always use default tray icon size on KDE (LP: #209440)
    - debian/patches/62_tray_icon_size_kde.patch
  * Use scrollbars in the preferences dialog if the screen height is
    below 700 px instead of 600 px
    - debian/patches/60_1024x600_gtkprefs.c.patch

f68eeb2... by Felix Geyer on 2009-10-09

Import patches-unapplied version 1:2.6.2-1ubuntu7 to ubuntu/karmic

Imported using git-ubuntu import.

Changelog parent: 0bd6442ecd0050b798c91a8719388518e3600f2a

New changelog entries:
  * Don't stick the buddy list window to all desktops as some
    window managers have trouble to properly unstick it (LP: #346840)
    - debian/patches/11_buddy_list_really_show.patch
  * Always use default tray icon size on KDE (LP: #209440)
    - debian/patches/62_tray_icon_size_kde.patch
  * Use scrollbars in the preferences dialog if the screen height is
    below 700 px instead of 600 px
    - debian/patches/60_1024x600_gtkprefs.c.patch

3a994cc... by Loïc Minier on 2009-09-27

Import patches-applied version 1:2.6.2-1ubuntu6 to applied/ubuntu/karmic

Imported using git-ubuntu import.

Changelog parent: 47097e9549ee6e45023825ba94cad6a3adfeaf50
Unapplied parent: 0bd6442ecd0050b798c91a8719388518e3600f2a

New changelog entries:
  * Move the pidgin-libnotify recommends from libpurple0 to pidgin as this is
    a pidgin-specific plugin (calls pidgin_*()); ideally this plugin should be
    moved to a pidgin specific dir instead of /usr/lib/purple-2/, but
    /usr/lib/pidgin/ doesn't work.
  * Rename XS-Vcs-* to XS-Debian-Vcs-*.

0bd6442... by Loïc Minier on 2009-09-27

Import patches-unapplied version 1:2.6.2-1ubuntu6 to ubuntu/karmic

Imported using git-ubuntu import.

Changelog parent: c8964e87783d9e37f7e3e9cbaa7ab46980294e4a

New changelog entries:
  * Move the pidgin-libnotify recommends from libpurple0 to pidgin as this is
    a pidgin-specific plugin (calls pidgin_*()); ideally this plugin should be
    moved to a pidgin specific dir instead of /usr/lib/purple-2/, but
    /usr/lib/pidgin/ doesn't work.
  * Rename XS-Vcs-* to XS-Debian-Vcs-*.