SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libpurple-branding-upstream-2.14.8-150400.3.3.1.noarch.rpm :

* Mon May 09 2022 songchuan.kangAATTsuse.com- Add pidgin-CVE-2022-26491.patch: Remove _xmppconnect support (bsc#1199025, CVE-2022-26491).
* Sat Nov 13 2021 andreas.stiegerAATTgmx.de- pidgin 2.14.8:
* Fix a regression in purple_str_to_time- drop pidgin-fix-double-free-crash.patch, now included
* Sun Oct 24 2021 egdfreeAATTopensuse.org- Extract libpurple.so.
* and libpurple-client.so.
* to own packages (boo#1191780).
* Tue Oct 12 2021 expeehaaAATToutlook.com- Add pidgin-fix-double-free-crash.patch: fix double free crash
* Mon Sep 20 2021 sbrabecAATTsuse.com- Remove obsolete translation-update-upstream support (jsc#SLE-21105).
* Sun Sep 19 2021 andreas.stiegerAATTgmx.de- update to 2.14.7:
* Fix leak in purple_markup_find_tag on error
* Fix an assert in purple_markup_html_to_xhtml
* Correctly free parse tags at end of purple_html_to_xhtml
* Fix leak that may occur when xmlnode_from_str fails
* Port purple_str_to_time to use a regular expressions
* Fri Jul 09 2021 infoAATTpaolostivanin.com- Update to 2.14.6: General:
* Update references to point to our current websites.
* Add a donate link to the help menu. Finch:
* Check pkg-config for ncurses before looking for it manually. Pidgin:
* Replace newlines in topics with spaces. libpurple:
* Added support for the no_proxy environment variable.
* Added infrastructure for fuzzing as well as some initial fuzzers.
* Fix an out of bounds write in purple_markup_linkify. XMPP:
* Enable session management after binding a resource. Zephyr:
* Fix a clang logical-not-parentheses warning.- Drop pidgin-add-no_proxy-support.patch
* Thu Jun 24 2021 alynx.zhouAATTsuse.com- Add pidgin-add-no_proxy-support.patch: add support of no_proxy environment variable. (jsc#SLE-17111, pidgin.im#17518)
* Sun Jun 13 2021 andreas.stiegerAATTgmx.de- update to 2.14.5:
* static code analysis fixes
* Disable UPnP and NAT-PMP by default for new user
* IRC: Change the default server to irc.libera.chat
* Sat May 08 2021 dmuellerAATTsuse.com- update to 2.14.4:
* Use LT_LIB_M to find the math library. This should simplify things for various distros including the BSD\'s. (RR #608) (and, Justin Lechner) libpurple:
* Update purple-remote and purple-url-handler to have a Python 3 shebang. Pidgin:
* Install our AppData file into the $prefix/share/metainfo. Windows-Specific Changes:
* Output pkg-config files so that our Windows builds can be seen by meson. Grim owes a blog post on how this works.
* Update the debug symbols download in the installer to the inetc plugin.
* Make sure the uninstaller removes all files that we install. libpurple:
* Removed the AIM protocol plugin. AIM has been shut down since December 15th of 2017. We left it around because of a third party server, but our plugin no longer works with it. (RR #598) (Gary Kramlich)
* Standardize on wprintf in pidgin/win32/winpidgin.c
* Use the inetc nsis plugin that supports https
* If building under msys2 copy libgcc_s_dw2-1.dll and libwinpthread to the install directory. (RR #593) (PIDGIN-17511) (Gary Kramlich)
* Fix a build issue when compiling with gstreamer but without voice and video.
* Enable cyrus-sasl by default.
* Fix an issue with opening link in Firefox.
* Fix a regression from 2.14.0 where extra whitespace would be displayed when pasting

elements from HTML.
* Require Python 3 for generating the D-Bus bindings.
* Fix an issue where pasting


\'s and other HTML elements would eventually lead to a crash.
* Fri Apr 16 2021 dmuellerAATTsuse.com- don\'t package directories owned by filesystem rpm (bsc#1184786)
* Fri Feb 12 2021 mgorseAATTsuse.com- Add pidgin-always-enable-intltool.patch: always enable intltool. Fixes the build with autoconf 2.71.
* Thu Jun 11 2020 sor.alexeiAATTmeowr.ru- Update to version 2.14.1:
* Fix an issue that caused the Mercurial revision in the About box to be \"unknown\".
* Wed Jun 10 2020 sor.alexeiAATTmeowr.ru- Update to version 2.14.0: + General:
* Fixed a memory leak in search results (pidgin.im#17292).
* Support SNI with GnuTLS (pidgin.im#17300 tiagosalem).
* Add additional error handling to NSS and GnuTLS. + libpurple:
* Add invisible buddy support to support presence/name/photos for non-buddies (pidgin.im#17295).
* Make purple-remote compatible with both Python 2 and Python 3.
* Fix some leaky deprecation warnings.
* Fix HTML logs which were writing invalid HTML (pidgin.im#17280).
* Fix use after free in purple_smiley_set_data_impl.
* Added the chat_send_file ability to protocol plugins. + Pidgin:
* Treat

tags as line breaks when pasting.
* Reverted pidgin.im#17232. It caused more harm than good. + Bonjour:
* Always use port fallback for IPv4 addresses. + XMPP:
* Support for XEP-0198 Stream Management.
* Decrease delay for file transfer using streamhosts. + Voice & Video:
* Improve webcam failure handling.
* Show error when creating media pipeline fails.
* Clip audio level reporting (pidgin.im#14426).
* Keep track of devices managed by GstDeviceMonitor.
* Ignore PulseAudio monitors.
* Backport native Voice & Video prefs from 3.0.
* Fix building against GStreamer 0.10.
* Fix initial delay on incoming audio.
* Properly cleanup timeouts.
* Add an audio mixer so mixed sources don\'t cause a pipe failure.
* Add screen share support for Wayland via XDP Portal.
* Handle unplug and replug events of selected media device.- Rebase pidgin-nonblock-common.patch.- Drop pidgin-enable-sni-gnutls.patch, pidgin-Leaky-deprecation-clean-ups.patch: fixed upstream.- Drop pidgin-ncurses-6.0-accessors.patch: moved to the libgnt package.- Drop support for openSUSE older than Leap 15.0.
* Sat Jan 25 2020 dimstarAATTopensuse.org- No longer recommend -lang: supplements are in use
* Tue Oct 22 2019 fezhangAATTsuse.com- Add pidgin-Leaky-deprecation-clean-ups.patch: Fix warnings of deprecation of GParameter that result in build failures of plugins that build with -Werror (pidgin.im#17415).
* Tue Apr 17 2018 dimstarAATTopensuse.org- Drop pkgconfig(NetworkManager) BuildRequires and Requires: this legacy symbol is no longer maintained and pidgin is not yet ready to move to libnm. As a side-effect, we no longer depend on NM for all situations, even if the system were to run wicked.- Replace --enable-nm configure parameter with --disable-nm.
* Thu Apr 12 2018 fezhangAATTsuse.com- Add pidgin-enable-sni-gnutls.patch: Enable SNI for gnutls to avoid SSL handshake failure, patch written by Tiago Herrmann (therrmannAATTsuse.com) (bsc#1086439, pidgin.im#17300).
* Thu Mar 15 2018 sor.alexeiAATTmeowr.ru- Instead of removing the libjabber.so, liboscar.so symlinks, move them to the devel package.
* Fri Mar 09 2018 sor.alexeiAATTmeowr.ru- Update to version 2.13.0: + libpurple:
* Unified string comparison.
* Properlly shell escape URI\'s when opening them.
* Fix a one byte buffer overread in function purple_markup_linkify.
* Fix an issue were utf8 was incorrectly truncated which could lead to crashes as we were potentially feeding garbage into glib/gtk. + libgnt:
* Partially fix building against curses 6.0 with opaque structs set (pidgin.im#16764).
* Fix a crash when resizing the window (pidgin.im#16680). + General:
* Fix a bashism in autotools (pidgin.im#16836). + XMPP:
* Show XEP-0066 OOB URLs in any message, not just headlines.
* Fix a user after free (pidgin.im#17200).
* Remove pipelining from BOSH connections (pidgin.im#17025).
* Don\'t try to TLS already secured BOSH connections (pidgin.im#17270). + IRC:
* Fix \"Registration timeout\" on SASL auth with InspIRCd servers (and possibly others not based on charybdis/ratbox/ircd-seven).
* Fix issues with plugins that modify outgoing messages (such as the custom PART/QUIT feature of the IRC More plugin).
* Fix IRC buffer handling (pidgin.im#12562).
* Properly handle AUTHENTICATE as a normal command with server prefix.
* Fix a crash caused by a use after free of the MOTD.
* Fix an out of bounds read in irc_nick_skip_mode.
* Fix a write of a single byte before the start of a buffer in irc_parse_ctcp. + Pidgin:
* Better support for dark themes (pidgin.im#12572).
* Fix IPv6 links by not escaping []\'s. (pidgin.im#16391).
* Only write buddy icons to the cache if they\'re not already cached.
* Rejoin persistent chats after reconnect (pidgin.im#15687).
* Make the WIN32 Transparency plugin work on all platforms (pidgin.im#3124).
* Ensure search results buttons are labelled.
* Fix matching unicode emoticons (pidgin.im#17232).
* Correctly update mute/unmute status when the remote side mutes/unmutes us (pidgin.im#17273).
* Rework the status icon blinking to not use deprecated API (pidgin.im#17174).
* Do not allow adding a buddy to protocols that don\'t have an add_buddy callback. + Finch:
* Fix handling of search results (pidgin.im#17238). + Voice & Video:
* Port backend-fs to newer api for farstream relay-info property (pidgin.im#17274).- Rebase pidgin-ncurses-6.0-accessors.patch.- Remove pidgin-2.10.11-purple-remote-python3.patch: fixed upstream.
* Tue Mar 06 2018 mgorseAATTsuse.com- Add pidgin-2.10.11-purple-remote-python3.patch: port purple-remote to python 3 (bsc#1084147).- Export PYTHON=python3 in %build.- Adjust scripts to invoke python3, not python2.
* Tue Mar 06 2018 sor.alexeiAATTmeowr.ru- Drop support for SLE 11 and openSUSE older than 42.x.- Remove pidgin-gnome-keyring.patch: was only useful for SLE 11.
* Tue Mar 06 2018 dimstarAATTopensuse.org- Update pidgin-ncurses-6.0-accessors.patch to cope with ncurses enabling opaque-panels. Pidgin should not access internal structures of ncurses.
* Fri Dec 29 2017 sor.alexeiAATTmeowr.ru- Remove pidgin-crash-missing-gst-registry.patch: is useless now and is potentially harmful.- Merge pidgin-nonblock-common2.patch to pidgin-nonblock-common.patch.
* Tue Nov 21 2017 fezhangAATTsuse.com- Add purple-import-empathy Recommends for SLE15 (FATE#322984).
* Tue Nov 07 2017 sor.alexeiAATTmeowr.ru- Correct the licence to GPL-2.0.
* Thu Nov 02 2017 mpluskalAATTsuse.com- Explicitly require python2
* Sat Jul 22 2017 tchvatalAATTsuse.com- Drop dependency over silc-toolkit-devel as we want to remove it from the distribution
* Fri Mar 10 2017 sor.alexeiAATTmeowr.ru- Update to version 2.12.0 (FATE#323136): + libpurple: - Fix an out of bounds memory read in purple_markup_unescape_entity (CVE-2017-2640, bsc#1028835). - Fix the use of uninitialised memory if running non-debug-enabled versions of glib. - Update AIM dev and dist ID\'s to new ones that were assigned by AOL. - TLS certificate verification now uses SHA-256 checksums. - Fix the SASL external auth for Freenode (boo#1009974). - Remove the MSN protocol plugin. It has been unusable and dormant for some time. - Remove the Mxit protocol plugin. The service was closed at the end ofSeptember 2016. - Remove the MySpaceIM protocol plugin. The service has been defunct for a long time (pidgin.im#15356). - Remove the Yahoo! protocol plugin. Yahoo has completely reimplemented their protocol, so this version is no longer operable as of August 5th, 2016. - Remove the Facebook (XMPP) account option. According to https://developers.facebook.com/docs/chat the XMPP Chat API service ended April 30th, 2015. - Fix gnutls certificate validation errors that mainly affected Google. + General: - Replace instances of d.pidgin.im with developer.pidgin.im and update the urls to use https (pidgin.im#17036). + IRC: - Fix an issue of messages being silently cut off at 500 characters. Large messages are now split into parts and sent one by one (pidgin.im#4753).- Rebase pidgin-nonblock-common.patch.- Remove pidgin-sasl-skip-external.patch.- Remove pidgin-NLD-smiley-theme.tar.bz2, deprecated.- Remove pidgin-Tango-smiley-theme.tar.bz2, deprecated
* Thu Dec 08 2016 sor.alexeiAATTmeowr.ru- Make libpurple require libpurple-branding.- Correctly remove
*.so files for plugins (fixes devel-file-in-non-devel-package).- Rename libpurple-meanwhile to libpurple-plugin-sametime.- Remove generation of a plugin list to package, simply add it all in %files with exclusions.
* Wed Dec 07 2016 sor.alexeiAATTmeowr.ru- Build with GStreamer 1.x on SLE 12 SP2.- Apply pidgin-use-default-alsa.patch for SLE 12+ only properly.- Provide libpurple-branding-upstream for SLE 11 as well.
* Tue Nov 22 2016 fezhangAATTsuse.com- Add pidgin-sasl-skip-external.patch: Backport upstream commit 6106566. Makes Freenode and other servers that prefer SASL EXTERNAL fingerprint authentication work again (bsc#1009974).
* Fri Jul 22 2016 jengelhAATTinai.de- Drop additional pkgconfig require (already implicitly detected), but explicitly buildrequire it for /usr/lib/rpm/pkgconfigdeps.sh.
* Mon Jul 04 2016 fezhangAATTsuse.com- Update to GNOME 3.20.2 Fate#318572 + Drop pidgin-CVE-2014-3695 (bsc#902409): fixed upstream. + Drop pidgin-CVE-2014-3696 (bsc#902410): fixed upstream. + Drop pidgin-CVE-2014-3698 (bsc#902408): fixed upstream.
* Tue Jun 21 2016 sor.alexeiAATTmeowr.ru- Update to version 2.11.0: + General: - 2.10.12 was accidentally released with new additions to the API and should have been released as 2.11.0. Unfortunately, we did not catch the mistake until after 2.10.12 was released, but we\'re fixing it now. See ChangeLog.API for more information. - Include the Mozilla certificate bundle. This fixes connecting to servers with certificates from Let\'s Encrypt. - Remove all 1024-bit CAs. + libpurple: - media: Fix an issue with ximagesink displaying only a corner cut-out of a larger webcam video. - mediamanager: Update output window destruction so that it reflects recent changes in the media pipeline structure. - Ported Instantbird\'s CommandUiOps to libpurple. + Pidgin: - Fix pidgin.im#14962. - Fix alignment of incoming right-to-left messages in protocols that don\'t support rich text. - Fix a potential crash while exiting Pidgin. + AIM: Add support for the newer kerberos-based authentication of AIM 8.x. + ICQ: Stop truncating passwords to 8 characters like old ICQ clients did (pidgin.im#16692). If you actually needed this, truncate your password manually by pressing backspace a few times. + IRC: Base64-decode SASL messages before passing to libsasl (pidgin.im#16268). + MXit: - Fix a buffer overflow (TALOS-CAN-0120). - Fix a remote out-of-bounds read (TALOS-CAN-0123, TALOS-CAN-0140). - Fix a remote out-of-band read (TALOS-CAN-0138, TALOS-CAN-0135). - Fix an invalid read (TALOS-CAN-0118). - Fix a remote buffer overflow vulnerability (TALOS-CAN-0119). - Fix a directory traversal issue (TALOS-CAN-0128). - Fix a remote denial of service vulnerability that could result in a null pointer dereference (TALOS-CAN-0133). - Fix a remote denial of service that could result in an out-of-bounds read (TALOS-CAN-0134). - Fix multiple remote buffer overflows (TALOS-CAN-0136). - Fix a remote null pointer dereference (TALOS-CAN-0137). - Fix a remote code execution issue discovered (TALOS-CAN-0142). - Fix a remote denial of service vulnerability in contact mood handling (TALOS-CAN-0141). - Fix a remote out-of-bounds write vulnerability (TALOS-CAN-0139). - Fix a remote out-of-bounds read (TALOS-CAN-0143).- Clean pidgin-gnome-keyring.patch up a bit.
* Sat Jan 02 2016 sor.alexeiAATTmeowr.ru- Update to 2.10.12: + General: - purple-url-handler now works with Python 3.x. - Fix an issue where transient startup statuses could be deleted (pidgin.im#16762). + Pidgin: The shout smile now matches the default theme. + Gadu-Gadu: Update internal libgadu to version 1.12.1.- Use tarball signing.- Rebase pidgin-gnome-keyring.patch.- Remove pidgin-2.10.11-add-dtmf-support.patch, pidgin-2.10.11-gst-references.patch, pidgin-2.10.11-send-video-enum.patch, pidgin-2.10.11-application-media.patch, pidgin-2.10.11-init-media-optional.patch, pidgin-2.10.11-fix-sound-play-fd-leak.patch, pidgin-2.10.11-private-media.patch and pidgin-port-to-gst-1.0.patch: added upstream.
* Wed Sep 09 2015 dimstarAATTopensuse.org- Add pidgin-ncurses-6.0-accessors.patch: Fix build with NCurses 6.0 with WINDOW_OPAQUE set to 1 (pidgin.im#16764).
* Fri Aug 28 2015 sor.alexeiAATTmeowr.ru- Add pidgin-2.10.11-fix-sound-play-fd-leak.patch: fix a file desriptor leak while playing sound files (pidgin.im#16752, boo#942818).- Remove GConf schemas generation: GConf is considered obsolete.- Make perl dependency less strict.
* Mon Aug 17 2015 sor.alexeiAATTmeowr.ru- Fix build with earlier openSUSE.
* Tue Aug 11 2015 zaitorAATTopensuse.org- Add a Recommends: gstreamer-plugins-good, this plugin provides wav support that pidgin needs.
* Tue Jun 30 2015 dimstarAATTopensuse.org- Re-attempt port to GStreamer 1.0 (based on work by David): + Add patches, from upstream: - pidgin-port-to-gst-1.0.patch - pidgin-2.10.11-gst-references.patch - pidgin-2.10.11-add-dtmf-support.patch - pidgin-2.10.11-application-media.patch - pidgin-2.10.11-init-media-optional.patch - pidgin-2.10.11-send-video-enum.patch - pidgin-2.10.11-private-media.patch + Replace gstreamer-0_10-devel and gstreamer-0_10-plugins-base-devel BuildRequires with pkgconfig(gstreamer-1.0), pkgconfig(gstreamer-video-1.0) and pkgconfig(farstream-0.2). + Switch --disable-vv configure paramter to --enable-vv. + Pass --with-gstreamer=1.0 to configure.
* Tue Jan 20 2015 tbehrensAATTsuse.com- Remove pidgin-ssl-cache.patch: testing with the usual suspects in irc land suggests this workaround is no longer necessary
* Fri Nov 28 2014 dimstarAATTopensuse.org- Add patches to address CVE issues: + pidgin-CVE-2014-3698: bnc#902408: remote information leak via crafted XMPP message. + pidgin-CVE-2014-3696: bnc#902410: denial of service parsing Groupwise server message. + pidgin-CVE-2014-3695: bnc#902409: crash in MXit protocol plug-in.
* Mon Nov 24 2014 dimstarAATTopensuse.org- Update to version 2.10.11: + General: - Fix handling of Self-Signed SSL/TLS Certificates when using the NSS plugin (pidgin.im#16412). - Improve default cipher suites used with the NSS plugin (pidgin.im#16262). - Add NSS Preferences plugin which allows the SSL/TLS Versions and cipher suites to be configured (pidgin.im#8061). + Gadu-Gadu: - Fix a bug that prevented plugin to load when compiled without GnuTLS (pidgin.im#16431). - Fix build for platforms without AF_LOCAL definition (pidgin.im#16404). + MSN: - Fix broken login due to server change (pidgin.im#16451, pidgin.im#16455). - Fail early when buddy list is unavailable instead of wasting bandwidth endlessly re-trying.
* Sat Oct 25 2014 sor.alexeiAATTmeowr.ru- Remove pidgin-mono-buildfix.patch: Mono bindings are deprecated upstream and no plugin exists making use of them.- Rebase pidgin-gnome-keyring.patch.- Make openSUSE 11.1 (SLE 11) minimal requirement.- Remove obsoletions of gaim: incredibly old.- Move Tango and NLD emoticons to separate packages.- Spec cleanup.
* Fri Oct 24 2014 dimstarAATTopensuse.org- Update to version 2.10.10: + General: - Check the basic constraints extension when validating SSL/TLS certificates. This fixes a security hole that allowed a malicious man-in-the-middle to impersonate an IM server or any other https endpoint. This affected both the NSS and GnuTLS plugins (CVE-2014-3694, boo#902495). - Allow and prefer TLS 1.2 and 1.1 when using the NSS plugin for SSL (im#15909). + libpurple3 compatibility: - Encrypted account passwords are preserved until the new one is set. - Fix loading Google Talk and Facebook XMPP accounts. + Windows-Specific Changes: Don\'t allow overwriting arbitrary files on the file system when the user installs a smiley theme via drag-and-drop (CVE-2014-3697). + Finch: Fix build against Python 3 (im#15969). + Gadu-Gadu: Updated internal libgadu to version 1.12.0. + Groupwise: Fix potential remote crash parsing server message that indicates that a large amount of memory should be allocated (CVE-2014-3696, boo#902410). + IRC: Fix a possible leak of unencrypted data when using /me command with OTR (im#15750). + MXit: Fix potential remote crash parsing a malformed emoticon response (CVE-2014-3695, boo#902409). + XMPP: - Fix potential information leak where a malicious XMPP server and possibly even a malicious remote user could create a carefully crafted XMPP message that causes libpurple to send an XMPP message containing arbitrary memory (CVE-2014-3698, boo#902408). - Fix Facebook XMPP roster quirks (im#15041, im#15957). + Yahoo: Fix login when using the GnuTLS library for TLS connections (im#16172, boo#874606).- Drop pidgin-gstreamer1.patch: causes crashes and Video still does not work (boo#853038). Drop BuildRequires conditions switching to GStreamer 1.0.- Rebase pidgin-crash-missing-gst-registry.patch.

 
ICM