summaryrefslogtreecommitdiff
path: root/games/lgeneral
diff options
context:
space:
mode:
authorbsiegert <bsiegert@pkgsrc.org>2017-03-23 23:50:14 +0000
committerbsiegert <bsiegert@pkgsrc.org>2017-03-23 23:50:14 +0000
commit82727989218516b9465e2280f7056077e24778a1 (patch)
tree1b4a6fc86ec1e53c74d8b3b14deed363403ae367 /games/lgeneral
parent5fdbaa184438fd8ce83601a3f18af25fdb734350 (diff)
downloadpkgsrc-82727989218516b9465e2280f7056077e24778a1.tar.gz
Pullup ticket #5224 - requested by khorben
chat/libpurple: security fix Revisions pulled up: - chat/finch/Makefile 1.67 - chat/libpurple/Makefile 1.80 - chat/libpurple/Makefile.common 1.47-1.48 - chat/libpurple/PLIST 1.32-1.33 - chat/libpurple/buildlink3.mk 1.43 - chat/libpurple/distinfo 1.47-1.49 - chat/libpurple/patches/patch-libpurple_protocols_mxit_profile.c deleted - chat/pidgin-sametime/Makefile 1.48 - chat/pidgin-silc/Makefile 1.51 - chat/pidgin/Makefile 1.70 - chat/pidgin/PLIST 1.23-1.24 --- Module Name: pkgsrc Committed By: khorben Date: Sat Mar 11 03:02:40 UTC 2017 Modified Files: pkgsrc/chat/libpurple: Makefile.common PLIST buildlink3.mk distinfo pkgsrc/chat/pidgin: PLIST Log Message: Update chat/{libpurple,pidgin} to version 2.11.0 version 2.11.0 (06/21/2016): General: * 2.10.12 was accidentally released with new additions to the API and should have been released as 2.11.0. Unfortunately, we did not catch the mistake until after 2.10.12 was released, but we're fixing it now. See ChangeLog.API for more information. * Include the Mozilla certificate bundle. This fixes connecting to servers with certificates from Let's Encrypt. * Remove all 1024-bit CAs libpurple: * media: fix an issue with ximagesink displaying only a corner cut-out of a larger webcam video (Jakub Adam) * mediamanager: update output window destruction so that it reflects recent changes in the media pipeline structure (Jakub Adam) * Ported Instantbird's CommandUiOps to libpurple (Dequis) Pidgin: * Fixed #14962 * Fixed alignment of incoming right-to-left messages in protocols that don't support rich text * Fix a potential crash while exiting pidgin Windows-Specific Changes: * Use getaddrinfo for DNS to enable IPv6 (#1075) * Updates to dependencies: * NSS 3.24 and NSPR 4.12. AIM: * Add support for the newer kerberos-based authentication of AIM 8.x Bonjour * Fixed building on Mac OSX (Patrick Cloke) (#16883) ICQ: * Stop truncating passwords to 8 characters like old ICQ clients did. (#16692). If you actually needed this, truncate your password manually by pressing backspace a few times. IRC: * Base64-decode SASL messages before passing to libsasl (#16268) MXit * Fixed a buffer overflow. Discovered by Yves Younan of Cisco Talos. (TALOS-CAN-0120) * Fixed a remote out-of-bounds read. Discovered by Yves Younan of Cisco Talos. (TALOS-CAN-0140) * Fixed a remote out-of-band read. Discovered by Yves Younan of Cisco Talos. (TALOS-CAN-0138, TALOS-CAN-0135) * Fixed an invalid read. Discovered by Yves Younan of Cisco Talos (TALOS-CAN-0118) * Fixed a remote buffer overflow vulnerability. Discovered by Yves Younan of Cisco Talos. (TALOS-CAN-0119) * Fixed an out-of-bounds read discovered by Yves Younan of Cisco Talos. (TALOS-CAN-0123) * Fixed a directory traversal issue. Discovered by Yves Younan of Cisco Talos (TALOS-CAN-0128) * Fixed a remote denial of service vulnerability that could result in a null pointer dereference. Discovered by Yves Younan of Cisco Talos. (TALOS-CAN-0133) * Fixed a remote denial of service that could result in an out-of-bounds read. Discovered by Yves Younan of Cisco Talos (TALOS-CAN-0134) * Fixed multiple remote buffer overflows. Discovered by Yves Younan of Cisco Talos. (TALOS-CAN-0136) * Fixed a remote NULL pointer dereference. Discovered by Yves Younan of Cisco Talos (TALOS-CAN-0137) * Fixed a remote code execution issue discovered by Yves Younan of Cisco Talos. (TALOS-CAN-0142) * Fixed a remote denial of service vulnerability in contact mood handling. Discovered by Yves Younan of Cisco Talos (TALOS-CAN-0141) * Fixed a remote out-of-bounds write vulnerability. Discovered by Yves Younan of Cisco Talos. (TALOS-CAN-0139) * Fix a remote out-of-bounds read. Discovered by Yves Younan of Cisco Talos. (TALOS-CAN-0143) --- Module Name: pkgsrc Committed By: wiz Date: Sat Mar 11 07:15:25 UTC 2017 Modified Files: pkgsrc/chat/finch: Makefile pkgsrc/chat/libpurple: Makefile pkgsrc/chat/pidgin: Makefile pkgsrc/chat/pidgin-sametime: Makefile pkgsrc/chat/pidgin-silc: Makefile Log Message: Reset PKGREVISION after update. --- Module Name: pkgsrc Committed By: khorben Date: Mon Mar 20 18:42:51 UTC 2017 Modified Files: pkgsrc/chat/libpurple: Makefile.common PLIST distinfo pkgsrc/chat/pidgin: PLIST Removed Files: pkgsrc/chat/libpurple/patches: patch-libpurple_protocols_mxit_profile.c Log Message: Update chat/{libpurple,pidgin} to version 2.12.0 version 2.12.0 (03/09/2017): libpurple: * Fix an out of bounds memory read in purple_markup_unescape_entity. CVE-2017-2640 * Fix use of uninitialised memory if running non-debug-enabled versions of glib * Updated AIM dev and dist ID's to new ones that were assigned by AOL. * TLS certificate verification now uses SHA-256 checksums. * Fixed SASL external auth for Freenode. * Removed the MSN protocol plugin. It has been unusable and dormant for some time. MSNP18 has been discontinued and the protocol plugin would require a large update to start working again. See: http://ismsndeadyet.com/ The third-party Pidgin SkypeWeb plugin, however, should provide enough functionality as a replacement if people still want to use MSN: https://github.com/EionRobb/skype4pidgin/tree/master/skypeweb * Removed Mxit protocol plugin. The service was closed at the end of September 2016. See https://pidgin.im/pipermail/devel/2016-September/024078.htm * Removed the MySpaceIM protocol plugin. The service has been defunct for a long time. (#15356) * Remove the Yahoo! protocol plugin. Yahoo has completely reimplemented their protocol, so this version is no longer operable as of August 5th, 2016: https://yahoo.tumblr.com/post/145715934739/q2-2016-progress-report-on-our-product A new protocol plugin has been written to support the new protocol. It can be found here: https://github.com/EionRobb/funyahoo-plusplus This also removes support for Yahoo! Japan. According to http://messenger.yahoo.co.jp/ the service ended March 26th, 2014. * Remove the Facebook (XMPP) account option. According to https://developers.facebook.com/docs/chat the XMPP Chat API service ended April 30th, 2015. A new protocol plugin has been written, using a different method, to support Facebook. It can be found at https://github.com/dequis/purple-facebook/wiki * Fixed gnutls certificate validation errors that mainly affected google (Dequis) General * Replaced instances of d.pidgin.im with developer.pidgin.im and updated the urls to use https. (#17036) IRC * Fixed issue of messages being silently cut off at 500 characters. Large messages are now split into parts and sent one by one. (#4753) --- Module Name: pkgsrc Committed By: joerg Date: Wed Mar 22 09:46:11 UTC 2017 Modified Files: pkgsrc/chat/libpurple: distinfo Log Message: Regenerate to match actual patches.
Diffstat (limited to 'games/lgeneral')
0 files changed, 0 insertions, 0 deletions