-
ad440e9...
by
Tyler Hicks
on 2012-07-08
-
Import patches-unapplied version 1:2.7.11-1ubuntu2.2 to ubuntu/natty-security
Imported using git-ubuntu import.
Changelog parent: 645d5c463d961d93cce9752f9c431761b6a695e8
New changelog entries:
* SECURITY UPDATE: Remote denial of service via specially crafted AIM or ICQ
messages (LP: #958208)
- debian/patches/CVE-2011-4601.patch: Validate incoming messages to
enforce proper UTF-8 encoding. Based on upstream patch.
- CVE-2011-4601
* SECURITY UPDATE: Remote denial of service via specially crafted XMPP voice
and video chat requests (LP: #958208)
- debian/patches/CVE-2011-4602.patch: Validate fields in incoming voice
and video chat requests. Based on upstream patch.
- CVE-2011-4602
* SECURITY UPDATE: Remote denial of service via specially crafted SILC
messages (LP: #958208)
- debian/patches/CVE-2011-4603.patch: Validate incoming messages to
enforce proper UTF-8 encoding. Based on upstream patch.
- CVE-2011-4603
* SECURITY UPDATE: Remote denial of service via specially crafted MSN
offline messages (LP: #958208)
- debian/patches/CVE-2012-1178.patch: Convert incoming offline messages to
UTF-8 if they are not already UTF-8. Based on upstream patch.
- CVE-2012-1178
* SECURITY UPDATE: Remote denial of service via specially crafted MSN
messages (LP: #996691)
- debian/patches/CVE-2012-2318.patch: Convert incoming messages to UTF-8,
then validate the messages. Based on upstream patch.
- CVE-2012-2318
* SECURITY UPDATE: Remote denial of service via specially crafted MXit
messages (LP: #1022012)
- debian/patches/CVE-2012-3374.patch: Use dynamically allocated memory
instead of a fixed size buffer. Based on upstream patch.
- CVE-2012-3374
-
645d5c4...
by
Marc Deslauriers
on 2011-11-18
-
Import patches-unapplied version 1:2.7.11-1ubuntu2.1 to ubuntu/natty-security
Imported using git-ubuntu import.
Changelog parent: 4d31d933e35847ac86bdf536191a77633fa91164
New changelog entries:
* SECURITY UPDATE: denial of service in MSN protocol via HTTP 100
response size
- debian/patches/70_CVE-2011-3184.patch: properly calculate size in
libpurple/protocols/msn/httpconn.c.
- CVE-2011-3184
* SECURITY UPDATE: denial of service in SILC protocol via invalid UTF-8
sequence
- debian/patches/71_CVE-2011-3594.patch: properly handle utf-8 in
libpurple/protocols/silc/ops.c.
- CVE-2011-3594
-
4d31d93...
by
Micah Gersten
on 2011-04-11
-
Import patches-unapplied version 1:2.7.11-1ubuntu2 to ubuntu/natty
Imported using git-ubuntu import.
Changelog parent: a166676c13843847dc07c3ef84f2083fdba7b4f8
New changelog entries:
* Symbols were removed from libpurple-client.so.0 and are now only found in
libpurple.so.0 (LP: #757311)
- update debian/libpurple0.symbols
-
a166676...
by
Micah Gersten
on 2011-04-11
-
Import patches-unapplied version 1:2.7.11-1ubuntu1 to ubuntu/natty
Imported using git-ubuntu import.
Changelog parent: 44c13bbb808630a2fa6ae7d01921aa231b258108
New changelog entries:
* Merge from Debian unstable (LP: #757146), remaining changes:
+ debian/control:
- Add libtool and liblaunchpad-integration-dev build depends
- Bump standards version
- Relax binary depends on pidgin versions
- Add pidgin-libnotify as Recommends for pidgin binary
- Fix description of pidgin binary
- Don't have libpurple-bin depend on libpurple0
+ debian/libpurple0.symbols: add epoch to appropriate symbols
+ Add debian/patches:
- 02_lpi.patch
- 04_let_crasher_for_apport.patch
- 05_default_to_irc_ubuntu_com.patch
- 10_docklet_default_off.patch
- 11_buddy_list_really_show.patch
- 13_sounds_and_timers.patch
- 60_1024x600_gtkpounce.c.patch
- 60_1024x600_gtkprefs.c.patch
+ debian/prefs.xml: add notification prefs
+ debian/rules:
- Add translation domain to desktop file with gettext
- Add the launcher for pidgin
* Add configure check for launchpad integration attached to the gtk check since
upstream dropped the startup notification check which is where this check was
previously
- update debian/patches/02_lpi.patch
-
44c13bb...
by
Ari Pollak
on 2011-03-13
-
Import patches-unapplied version 2.7.11-1 to debian/sid
Imported using git-ubuntu import.
Changelog parent: eed9ad5487bc3bfcd403cab43d611a3137ff5fd7
New changelog entries:
* Imported Upstream version 2.7.11
- fixes a crash in Voice/Video settings plugin (Closes: #611678)
- fixes a remote DoS in Yahoo protocol (CVE-2011-1091)
-
eed9ad5...
by
Ari Pollak
on 2011-01-02
-
Import patches-unapplied version 2.7.9-2 to debian/sid
Imported using git-ubuntu import.
Changelog parent: f1e913d10fd825a7b4eadeebad0d8965bafc0b15
New changelog entries:
* Remove old Replaces/Conflicts
* pidgin-data now Breaks/Replaces pidgin-facebookchat since we now
provide facebook.png (Closes: #608685)
-
f1e913d...
by
Ari Pollak
on 2011-01-01
-
Import patches-unapplied version 2.7.9-1 to debian/sid
Imported using git-ubuntu import.
Changelog parent: 198d76acc5a76d0ba929a5096df873e2668fb6ff
New changelog entries:
* Imported Upstream version 2.7.9 (Closes: #608331)
- fixes a potential DoS vulnerability in MSN protocol
-
198d76a...
by
Ari Pollak
on 2010-11-24
-
Import patches-unapplied version 2.7.7-1 to debian/sid
Imported using git-ubuntu import.
Changelog parent: 26178ea831179a23439d0adaad56ccc930291ff9
New changelog entries:
* Imported Upstream version 2.7.7
-
26178ea...
by
Ari Pollak
on 2010-11-22
-
Import patches-unapplied version 2.7.6-1 to debian/sid
Imported using git-ubuntu import.
Changelog parent: 18587d8cff311d7a4f58614f16a79523e424d6cb
New changelog entries:
* Imported Upstream version 2.7.6
- Adds new MSN SSL certificates (Closes: #603911)
* Call dh_perl with -d to avoid Perl dependency. (Closes: #602928)
- thanks to Martin Pitt
-
18587d8...
by
Ari Pollak
on 2010-11-05
-
Import patches-unapplied version 2.7.5-1 to debian/sid
Imported using git-ubuntu import.
Changelog parent: c39fa2be1dea411097db7452d6b7d249f7414b48
New changelog entries:
* Imported Upstream version 2.7.5
- Fixes AIM/ICQ regressions (Closes: #602541)
