| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
|
|
CVE-2011-3184.
While here, better fix for PR#45190.
chat/finch itself does not depend on devel/nspr.
chat/libpurple without gnutls option, libpurple is linked with nspr,
so it must be handle in libpurple/buildlink3.mk.
version 2.10.0 (08/18/2011):
Pidgin:
* Make the max size of incoming smileys a pref instead of hardcoding it.
(Quentin Brandon) (#5231)
* Added a plugin information dialog to show information for plugins
that aren't otherwise visible in the plugins dialog.
* Fix building with GTK+ earlier than 2.14.0 (GTK+ 2.10 is still the
minimum supported) (#14261)
libpurple:
* Fix a potential crash in the Log Reader plugin when reading QIP logs.
* Fix a large number of strcpy() and strcat() invocations to use
strlcpy() and strlcat(), etc., forestalling an entire class of
string buffer overrun bugs.
(The Electronic Frontier Foundation, Dan Auerbach, Chris Palmer,
Jacob Appelbaum)
* Change some filename manipulations in filectl.c to use MAXPATHLEN
instead of arbitrary length constants. (The Electronic Frontier
Foundation, Dan Auerbach, Chris Palmer, Jacob Appelbaum)
* Fix endianness-related crash in NTLM authentication (Jon Goldberg)
(#14163)
Gadu-Gadu:
* Fixed searching for buddies in public directory. (Tomasz Wasilczyk)
(#5242)
* Better status message handling. (Tomasz Wasilczyk) (#14314)
* Merged two buddy blocking methods. (Tomasz Wasilczyk) (#5303)
* Fix building of the bundled libgadu library with older versions
of GnuTLS. (patch plucked from upstream) (#14365)
ICQ:
* Fix crash selecting Tools->Set Mood when you're online with an
ICQ account that is configured as an AIM account. (#14437)
IRC:
* Fix a crash when remote users have certain characters in their
nicknames. (Discovered by Djego Ibanez) (#14341)
* Fix the handling of formatting following mIRC ^O (#14436)
* Fix crash when NAMES is empty. (James McLaughlin) (#14518)
MSN:
* Fix incorrect handling of HTTP 100 responses when using the HTTP
connection method. This can lead to a crash. (Discovered by Marius
Wachtler)
* Fix seemingly random crashing. (#14307)
* Fix a crash when the account is disconnected at the time we are doing a
SB request. (Hanzz, ported by shlomif) (#12431)
XMPP:
* Do not generate malformed XML ("</>") when setting an empty mood.
(#14342)
* Fix the /join <room> behavior. (Broken when adding support for
<room>@<server>) (#14205)
Yahoo!/Yahoo! JAPAN:
* Fix coming out of idle while in an unavailable state
* Fix logging into Yahoo! JAPAN. (#14259)
Windows-Specific Changes:
* Open an explorer.exe window at the location of the file when clicking
on a file link instead of executing the file, because executing a file
can be potentially dangerous. (Discovered by James Burton of
Insomnia Security) (Fixed by Eion Robb)
|
|
|
|
|
|
|
|
|
|
|
|
and add a dependency on Python for the two installed Python scripts. No
version bump since this hasn't been buildable in a long time.
|
|
|
|
PKGREV++
|
|
|
|
|
|
so pull it in.
|
|
(gnutls used to pull it in for us, but this will be cleaned up)
|
|
- Fixed Twitter compatibility. (The API call used to get the following list
was deprecated.)
- Twitter: Enable the show_ids setting to assign a two-digit short ID to
recent tweets to use for retweets and replies (so you can RT/reply to more
than just a person's last message).
- Some other Twitter fixes/improvements.
- "otr reconnect" command and some other fixes.
- GnuTLS 2.12 compatibility fix.
- Include "FLOOD=0/9999" in the 005/ISUPPORT line at login to hint the IRC
client that rate limiting is not required. (Next step: Get IRC clients to
parse it.)
- Other stuff too small to mention.
Finished 2 Jun 2011
Version 3.0.2:
- Fixed MSN login issues with @msn.com accounts.
- /CTCP support: You can CTCP VERSION Jabber contacts, and CTCP NUDGE MSN
contacts. More may come later, ideas are welcome.
- By default, leave Twitter turned on for libpurple builds.
- Allow using /OPER to identify/register as well. (Password security hack.)
- Fixed proxy support with libpurple.
- Some minor changes/fixes.
|
|
|
|
It does not support python27 and python31, but basically pkgsrc pass python
path as PYTHON configure environment variable, so no need to add python
variants here.
* Pass mozilla-rootcerts path as default CA certifcates file path to configure
script like other packeges, or failed to configure if default expected
files does not exist.
* On more care for in-tree *.pc file, or fail to configure.
configure script add in-tree path to PKG_CONFIG, but pkgsrc pkg-config wrapper
will overwrite and hide it.
* Set LICENSE as "gnu-lgpl-v2.1 AND mit" from COPYING file.
|
|
|
|
|
|
version 2.9.0 (06/23/2011):
Pidgin:
* Fix a potential remote denial-of-service bug related to displaying
buddy icons.
* Significantly improved performance of larger IRC channels (regression
introduced in 2.8.0).
* Fix Conversation->Add on AIM and MSN.
* Entries in the chat user list are sorted properly again. This was
inadvertenly broken in 2.8.0.
Finch:
* Fix logging in to ICQ.
libpurple:
* media: Actually use the specified TCP port from the TURN configuration to
create a TCP relay candidate.
AIM and ICQ:
* Fix crashes on some non-mainstream OSes when attempting to
printf("%s", NULL). (Clemens Huebner) (#14297)
Plugins:
* The Evolution Integration plugin compiles again.
version 2.8.0 (06/07/2011):
General:
* Implement simple silence suppression for voice calls, preventing
wasted bandwidth for silent periods during a call. (Jakub Adam)
(half of #13180)
* Added the DigiCert High Assurance CA-3 intermediate CA, needed for
validation of the Facebook XMPP interface's certificate.
* Removed the QQ protocol plugin. It hasn't worked in a long time and
isn't being maintained, therefore we no longer want it.
Pidgin:
* Duplicate code cleanup. (Gabriel Schulhof) (#10599)
* Voice/Video call window adapts correctly to adding or removing
streams on the fly. (Jakub Adam) (half of #13535)
* Don't cancel an ongoing call when rejecting the addition of a
stream to the existing call. (Jakub Adam) (#13537)
* Pidgin plugins can now override tab completion and detect clicks on
usernames in the chat userlist. (kawaii.neko) (#12599)
* Fix the tooltip being destroyed when it is full of information and
cover the mouse (dliang) (#10510)
libpurple:
* media: Allow obtaining active local and remote candidates. (Jakub
Adam) (#11830)
* media: Allow getting/setting video capabilities. (Jakub Adam) (half
of #13095)
* Simple Silence Suppression is optional per-account. (Jakub Adam)
(half of #13180)
* Fix purple-url-handler being unable to find an account.
* media: Allow adding/removing streams on the fly. (Jakub Adam)
(half of #13535)
* Support new connection states in NetworkManager 0.9. (Dan Williams)
(#13505)
* When removing a buddy, delete the pounces associated with it.
(Kartik Mohta) (#1131)
* media: Allow libpurple and plugins to set SDES properties for RTP
conferences. (Jakub Adam) (#12981)
* proxy: Add new "Tor/Privacy" proxy type that can be used to
restrict operations that could leak potentially sensitive data
(e.g. DNS queries). (#11110, #13928)
* media: Add support for using TCP relaying with TURN (will only work with
libnice 0.1.0 and later).
AIM:
* Fix setting icons with dimensions greater than 64x64 pixels by scaling
them down to at most 64x64. (#12874, #13165)
Gadu-Gadu:
* Allow showing your status only to buddies. (Mateusz Piękos) (#13358)
* Updated internal libgadu to version 1.10.1. (Robert Matusewicz,
Krzysztof Klinikowski) (#13525)
* Updated internal libgadu to version 1.11.0. (Tomasz Wasilczyk)
(#14248)
* Suppress blank messages that happen when receiving inline
images. (Tomasz Wasilczyk) (#13554)
* Fix sending inline images to remote users, don't crash when
trying to send large (> 256kB) images. (Tomasz Wasilczyk) (#13580)
* Support typing notifications. (Jan Zachorowski, Tomasz Wasilczyk,
Krzysztof Klinikowski) (#13362, #13590)
* Require libgadu 1.11.0 to avoid using internal libgadu.
* Optional SSL connection support for GNUTLS users (not on Windows
yet!). (Tomasz Wasilczyk) (#13613, #13894)
* Don't count received messages or statuses when determining whether
to send a keepalive packet. (Jan Zachorowski) (#13699)
* Fix a crash when receiving images on Windows or an incorrect
timestamp in the log when receiving images on Linux. (Tomasz
Wasilczyk) (#10268)
* Support XML events, resulting in immediate update of other users'
buddy icons. (Tomasz Wasilczyk) (#13739)
* Accept poorly formatted URLs from other third-party clients in
the same manner as the official client. (Tomasz Wasilczyk)
(#13886)
ICQ:
* Fix setting icons with dimensions greater than 64x64 pixels by scaling
them down to at most 64x64. (#12874, #13165)
* Fix unsetting your mood when "None" is selected. (Dustin Gathmann)
(#11895)
* Ignore Daylight Saving Time when performing calculations related to
birthdays. (Dustin Gathmann) (#13533)
* It is now possible to specify multiple encodings on the Advanced
tab of an ICQ account's settings by using a comma-delimited list.
(Dmitry Utkin) (#13496)
IRC:
* Add "authserv" service command. (tomos) (#13337)
MSN:
* Fix a hard-to-exploit crash in the MSN protocol when using the
HTTP connection method (Reported by Marius Wachtler).
MXit:
* Support for an Invite Message when adding a buddy.
* Fixed bug in splitting-up of messages that contain a lot of links.
* Fixed crash caused by timer not being disabled on disconnect.
(introduced in 2.7.11)
* Clearing of the conversation window now works.
* When receiving an invite you can display the sender's profile
information, avatar image, invite message.
* The Change PIN option was moved into separate action.
* New profile attributes added and shown.
* Update to protocol v6.3.
* Added the ability to view and invite your Suggested Friends,
and to search for contacts.
* Also display the Status Message of offline contacts in their
profile information.
XMPP:
* Remember the previously entered user directory when searching.
(Keith Moyer) (#12451)
* Correctly handle a buddy's unsetting his/her vCard-based avatar.
(Matthew W.S. Bell) (#13370)
* Squash one more situation that resulted in duplicate entries in
the roster (this one where the server reports the buddy as being
in the same (empty) group. (Reported by Danny Mayer)
Plugins:
* The Voice/Video Settings plugin now includes the ability to test
microphone settings. (Jakub Adam) (#13182)
* Fix a crash when handling some saved settings in the Voice/Video
Settings plugin. (Pat Erley) (13290, #13774)
Windows-Specific Changes:
* Fix building libpurple with Visual C++ .NET 2005. This was
accidentally broken in 2.7.11. (Florian Quèze)
* Build internal libgadu using packed structs, fixing several
long-standing Gadu-Gadu issues. (#11958, #6297)
|
|
Just a small release for you this time, with a handful of bugfixes.
Thanks to '@eoranged' and the other PostgreSQL users who helped with
feedback and testing of the SQL fixes (the PostgreSQL server we use
for testing is now behaving properly!).
A summary of changes in this release:
* mod_storage_sql: Fix compatibility with PostgreSQL databases (0.8.1 issue)
* mod_bosh: Fix for sessions not timing out after inactivity in some cases
* mod_dialback: Fix multiple concurrent dialback requests for the same
domain (was sometimes causing s2s failure with certain ejabberds)
|
|
REPLACE_PYTHON on it. New deps, so PKGREVISION -> 5.
|
|
|
|
|
|
|
|
A security and bug fix release. The security aspect is to mitigate the
"billion laughs" denial-of-service attack against XML parsers and XMPP
servers.
Other changes:
- Reject XML DTDs, comments and processing instructions, preventing
the "billion laughs" attack
- Switch to MEDIUMTEXT in the schema for MySQL to avoid truncating
large data (such as large avatars)
Prosody automatically upgrades the table in-place if possible, see:
http://prosody.im/doc/mysql
- Fix for endless loop when parsing certain invalid JSON
- Fix PostgreSQL compatibility in prosody-migrator
- Fix timestamp parsing for DST (affecting MUC scrollback retrieval)
- mod_legacyauth now correctly disabled for unencrypted connections by default
- Components properly inherit SSL settings and certificates from their
'parent' hosts
- Prevent startup with no VirtualHost entries in the config file
|
|
Small list of changes:
2.1.7
* BOSH: Keep the order of stanzas when BOSH sends several
* CAPTCHA in MUC: New whitelist option
* CAPTCHA: New captcha_limit option
* Core: Disable all entity expansions
* Core: Do not accept XML with undefined prefixes
* ejabberdctl: New DIST_USE_INTERFACE restricts IP erlang listen
* ejabberdctl: New ERL_EPMD_ADDRESS that works since Erlang/OTP R14B03
* extauth: If script crashes, ejabberd should restart it
* If a module start fails during server start, stop erlang
* mod_blocking: New XEP-0191 Simple Communications Blocking
* mod_pres_counter: Prevent subscription flood
* mod_register: Access now also controls account unregistrations
* mod_shared_roster: Fix support for anonymous accounts in @all@
* mod_shared_roster: New @online@ directive
* New Indonesian translation
* Pubsub: Apply filtered notification to PEP last items
* Pubsub: Owner can delete any items from its own node
2.1.6
* BOSH: Fix rare loop, support vhosts, allow module restart
* Config: Default configuration allows registrations only from localhost
* Config: Support to change loglevel per module at runtime
* Erlang/OTP: Fix compatibility from R10B-9 to R14B01
* ODBC: Compatibility with PostgreSQL 9.0
* Privacy lists: Fix to allow block by group and subscription again
* Pubsub: Fix cross domain eventing
* Register: Added CAPTCHA, password strength and ip_access to mod_register
* Register: New mod_register_web, with CAPTCHA support
* S2S: New options to require encryption, and verify certificates
* Shared Rosters: Added mod_shared_roster_ldap
* Bind listener ports early and start accepting connections later
|
|
|
|
* Prevent the "billion laughs" attack against expat by disabling internal
entity expansion.
* Shortcut DNS resolution failure in cases when given domain name is invalid
* Explicitly link libcrypt to authreg_mysql
* Removed xconfig - it's not used anywhere
|
|
* require python builtin sqlite3 module, PR#44968.
* require python>=25.
* drop avahi option from suggested. it require avahi-python, but python option
of net/avahi is disabled by default.
Bump PKGREVISION.
|
|
in gnutls-2.12 -- add constraint and URL reference (from gls)
|
|
|
|
|
|
|
|
|
|
- warn the user if the IRCHOST may be wrong
- make /save save /ignore'd things
- remove K&R C support
- remove many old UNIX platforms support
- avoid a spurious SIGALRM
- avoid printing some 8-bit unprintable chars
- add support for modern qnx
|
|
|
|
|
|
XXX package name doesn't match directory
|
|
|
|
without the file
|
|
This is a major update, too much to list here.
|
|
This is a major update, too much to list here.
|
|
changes:
-Implements SASL channel
-bugfixes
|
|
changes:
- Emit the NewActiveTransportPair signal
- Emit CodecsUpdated more often
- Various bug fixes
|
|
This switches to the 2.34 release branch.
|
|
This switches to the 0.2 release branch (not API compatible),
needed by upcoming telepathy/empathy stuff
|
|
telepathy/empathy framework
|
