Author: Ken VanDine
Revision Date: 2012-04-06 15:41:35 UTC

releasing version 1:2.10.3-0ubuntu1

Author: Ken VanDine
Revision Date: 2012-04-06 15:41:35 UTC

releasing version 1:2.10.3-0ubuntu1

Author: Ken VanDine
Revision Date: 2012-04-06 15:41:35 UTC

releasing version 1:2.10.3-0ubuntu1

Author: Ken VanDine
Revision Date: 2012-04-06 15:41:35 UTC

releasing version 1:2.10.3-0ubuntu1

Author: Ken VanDine
Revision Date: 2012-04-06 15:41:35 UTC

releasing version 1:2.10.3-0ubuntu1

Author: Ken VanDine
Revision Date: 2012-04-06 15:41:35 UTC

releasing version 1:2.10.3-0ubuntu1

Author: <email address hidden>
Revision Date: 2012-09-12 01:52:07 UTC

debian/control: fixed a typo for tcl and tk (LP: #1022935)

Author: Ken VanDine
Revision Date: 2012-04-06 15:41:35 UTC

releasing version 1:2.10.3-0ubuntu1

Author: Ken VanDine
Revision Date: 2012-04-06 15:41:35 UTC

releasing version 1:2.10.3-0ubuntu1

Author: Ken VanDine
Revision Date: 2012-04-04 21:03:54 UTC

releasing version 1:2.10.2-1ubuntu2

Author: Aditya V
Revision Date: 2012-03-26 02:09:04 UTC

Fix the patch formatting n' all

Author: Ken VanDine
Revision Date: 2012-03-05 20:14:01 UTC

releasing version 1:2.10.1-1ubuntu2~build1

Author: Prateek Karandikar
Revision Date: 2012-02-22 12:58:52 UTC

Add a Unity Quicklist

Author: Marc Deslauriers
Revision Date: 2011-11-18 14:25:23 UTC

* SECURITY UPDATE: denial of service in MSN protocol via HTTP 100
  response size
  - debian/patches/70_CVE-2011-3184.patch: properly calculate size in
    libpurple/protocols/msn/httpconn.c.
  - CVE-2011-3184
* SECURITY UPDATE: denial of service in SILC protocol via invalid UTF-8
  sequence
  - debian/patches/71_CVE-2011-3594.patch: properly handle utf-8 in
    libpurple/protocols/silc/ops.c.
  - CVE-2011-3594

Author: Marc Deslauriers
Revision Date: 2011-11-18 14:25:23 UTC

* SECURITY UPDATE: denial of service in MSN protocol via HTTP 100
  response size
  - debian/patches/70_CVE-2011-3184.patch: properly calculate size in
    libpurple/protocols/msn/httpconn.c.
  - CVE-2011-3184
* SECURITY UPDATE: denial of service in SILC protocol via invalid UTF-8
  sequence
  - debian/patches/71_CVE-2011-3594.patch: properly handle utf-8 in
    libpurple/protocols/silc/ops.c.
  - CVE-2011-3594

Author: Marc Deslauriers
Revision Date: 2011-11-18 14:48:36 UTC

* SECURITY UPDATE: denial of service in Yahoo! protocol via malormed
  YMSG message
  - debian/patches/97_CVE-2011-1091.patch: validate messages in
    libpurple/protocols/yahoo/libymsg.c.
  - CVE-2011-1091
* SECURITY UPDATE: denial of service in MSN protocol via HTTP 100
  response size
  - debian/patches/97_CVE-2011-3184.patch: properly calculate size in
    libpurple/protocols/msn/httpconn.c.
  - CVE-2011-3184
* SECURITY UPDATE: denial of service in SILC protocol via invalid UTF-8
  sequence
  - debian/patches/97_CVE-2011-3594.patch: properly handle utf-8 in
    libpurple/protocols/silc/ops.c.
  - CVE-2011-3594

Author: Marc Deslauriers
Revision Date: 2011-11-18 14:48:36 UTC

* SECURITY UPDATE: denial of service in Yahoo! protocol via malormed
  YMSG message
  - debian/patches/97_CVE-2011-1091.patch: validate messages in
    libpurple/protocols/yahoo/libymsg.c.
  - CVE-2011-1091
* SECURITY UPDATE: denial of service in MSN protocol via HTTP 100
  response size
  - debian/patches/97_CVE-2011-3184.patch: properly calculate size in
    libpurple/protocols/msn/httpconn.c.
  - CVE-2011-3184
* SECURITY UPDATE: denial of service in SILC protocol via invalid UTF-8
  sequence
  - debian/patches/97_CVE-2011-3594.patch: properly handle utf-8 in
    libpurple/protocols/silc/ops.c.
  - CVE-2011-3594

Author: Marc Deslauriers
Revision Date: 2011-11-18 14:40:50 UTC

* SECURITY UPDATE: denial of service in Yahoo! protocol via malormed
  YMSG message
  - debian/patches/64_CVE-2011-1091.patch: validate messages in
    libpurple/protocols/yahoo/libymsg.c.
  - CVE-2011-1091
* SECURITY UPDATE: denial of service in MSN protocol via HTTP 100
  response size
  - debian/patches/65_CVE-2011-3184.patch: properly calculate size in
    libpurple/protocols/msn/httpconn.c.
  - CVE-2011-3184
* SECURITY UPDATE: denial of service in SILC protocol via invalid UTF-8
  sequence
  - debian/patches/66_CVE-2011-3594.patch: properly handle utf-8 in
    libpurple/protocols/silc/ops.c.
  - CVE-2011-3594

Author: Marc Deslauriers
Revision Date: 2011-11-18 14:40:50 UTC

* SECURITY UPDATE: denial of service in Yahoo! protocol via malormed
  YMSG message
  - debian/patches/64_CVE-2011-1091.patch: validate messages in
    libpurple/protocols/yahoo/libymsg.c.
  - CVE-2011-1091
* SECURITY UPDATE: denial of service in MSN protocol via HTTP 100
  response size
  - debian/patches/65_CVE-2011-3184.patch: properly calculate size in
    libpurple/protocols/msn/httpconn.c.
  - CVE-2011-3184
* SECURITY UPDATE: denial of service in SILC protocol via invalid UTF-8
  sequence
  - debian/patches/66_CVE-2011-3594.patch: properly handle utf-8 in
    libpurple/protocols/silc/ops.c.
  - CVE-2011-3594

Author: Mathieu Trudel-Lapierre
Revision Date: 2011-09-23 22:00:52 UTC

debian/patches/irc_disable_periodic_who.patch: work around spontaneous
disconnects from IRC due to 'Max SendQ exceeded' errors caused by periodic
/who checks. (LP: #856631)

Author: Micah Gersten
Revision Date: 2011-04-11 04:31:49 UTC

* Symbols were removed from libpurple-client.so.0 and are now only found in
  libpurple.so.0 (LP: #757311)
  - update debian/libpurple0.symbols

Author: Micah Gersten
Revision Date: 2011-02-06 04:48:45 UTC

* Merge from Debian unstable, remaining changes:
  - Add pidgin-libnotify as recommends
* Remove old Replaces/Conflicts
* pidgin-data now Breaks/Replaces pidgin-facebookchat since we now
  provide facebook.png (Closes: #608685)

Author: Chris Coulson
Revision Date: 2010-12-13 10:21:49 UTC

* Apply upstream patch related to ICQ server changes. Thanks to
  Stephen Leavitt for digging out the patch (LP: #683076)
  - add debian/patches/95_icq_server_split_fix.patch
  - add debian/patches/96_icq_server_migration.patch

Author: Felix Geyer
Revision Date: 2010-11-20 13:37:00 UTC

[ Chow Loong Jin ]
* debian/patches/workaround-msn-ssl-failure.patch: Workaround SSL
  connectivity issues with MSN (LP: #676972)

[ Felix Geyer ]
* debian/patches/62_icq_server_changes.patch: Adapt to ICQ server changes.
* debian/patches/63_icq_server_migration.patch: Migrate existing accounts to
  the new login server names. (LP: #675903)

Author: Marc Deslauriers
Revision Date: 2010-11-03 09:36:41 UTC

* SECURITY UPDATE: denial of service via custom emoticon
  - debian/patches/94_security_CVE-2010-1624.patch: make sure body is
    valid in libpurple/protocols/{msn,msnp9}/slp.c.
  - CVE-2010-1624
* SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
  - debian/patches/94_security_CVE-2010-3711.patch: correctly handle
    purple_base64_decode return codes in libpurple/ntlm.c,
    libpurple/protocols/{jabber/auth.c,msn/slp.c,msnp9/slp.c,
    myspace/message.c,yahoo/yahoo.c}.
  - CVE-2010-3711

Author: Marc Deslauriers
Revision Date: 2010-11-03 09:02:12 UTC

* SECURITY UPDATE: denial of service via custom emoticon
  - debian/patches/68_CVE-2010-1624.patch: make sure body is valid in
    libpurple/protocols/msn/slp.c.
  - CVE-2010-1624
* SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
  - debian/patches/69_CVE-2010-3711.patch: correctly handle
    purple_base64_decode return codes in libpurple/ntlm.c,
    libpurple/plugins/perl/common/Util.xs,
    libpurple/protocols/{jabber/auth.c,msn/slp.c,myspace/message.c,
    oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}.
  - CVE-2010-3711

Author: Marc Deslauriers
Revision Date: 2010-11-03 09:36:41 UTC

* SECURITY UPDATE: denial of service via custom emoticon
  - debian/patches/94_security_CVE-2010-1624.patch: make sure body is
    valid in libpurple/protocols/{msn,msnp9}/slp.c.
  - CVE-2010-1624
* SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
  - debian/patches/94_security_CVE-2010-3711.patch: correctly handle
    purple_base64_decode return codes in libpurple/ntlm.c,
    libpurple/protocols/{jabber/auth.c,msn/slp.c,msnp9/slp.c,
    myspace/message.c,yahoo/yahoo.c}.
  - CVE-2010-3711

Author: Marc Deslauriers
Revision Date: 2010-11-03 09:02:12 UTC

* SECURITY UPDATE: denial of service via custom emoticon
  - debian/patches/68_CVE-2010-1624.patch: make sure body is valid in
    libpurple/protocols/msn/slp.c.
  - CVE-2010-1624
* SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
  - debian/patches/69_CVE-2010-3711.patch: correctly handle
    purple_base64_decode return codes in libpurple/ntlm.c,
    libpurple/plugins/perl/common/Util.xs,
    libpurple/protocols/{jabber/auth.c,msn/slp.c,myspace/message.c,
    oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}.
  - CVE-2010-3711

Author: Stéphane Graber
Revision Date: 2010-09-21 08:31:16 UTC

Include upstream bugfix (bug 12629) for Bonjour support (LP: #641344)

Author: Marc Deslauriers
Revision Date: 2010-03-09 12:48:28 UTC

* debian/patches/92_gtkstatusicon_blink.patch: add blink support to
  GtkStatusIcon backport.
* debian/patches/62_tray_icon_size_kde.patch: removed as no longer
  needed with GtkStatusIcon support.

Author: Marc Deslauriers
Revision Date: 2010-02-18 14:45:12 UTC

* SECURITY UPDATE: denial of service via malformed SLP message
  - debian/patches/93_security_CVE-2010-0277.patch: validate input in
    libpurple/protocols/msn/{slp.c,slpcall.c,slplink.c,slpmsg.h}.
  - CVE-2010-0277
* SECURITY UPDATE: denial of service via certain nicknames in Finch
  - debian/patches/93_security_CVE-2010-0420.patch: properly unescape
    text in finch/libgnt/gnttree.c, libpurple/protocols/bonjour/parser.c,
    libpurple/protocols/jabber/parser.c, libpurple/xmlnode.c.
  - CVE-2010-0420
* SECURITY UPDATE: denial of service via large number of smileys
  - debian/patches/93_security_CVE-2010-0423.patch: limit the number of
    smileys in pidgin/gtkimhtml.c.
  - CVE-2010-0423

Author: Marc Deslauriers
Revision Date: 2010-02-18 14:45:12 UTC

* SECURITY UPDATE: denial of service via malformed SLP message
  - debian/patches/93_security_CVE-2010-0277.patch: validate input in
    libpurple/protocols/msn/{slp.c,slpcall.c,slplink.c,slpmsg.h}.
  - CVE-2010-0277
* SECURITY UPDATE: denial of service via certain nicknames in Finch
  - debian/patches/93_security_CVE-2010-0420.patch: properly unescape
    text in finch/libgnt/gnttree.c, libpurple/protocols/bonjour/parser.c,
    libpurple/protocols/jabber/parser.c, libpurple/xmlnode.c.
  - CVE-2010-0420
* SECURITY UPDATE: denial of service via large number of smileys
  - debian/patches/93_security_CVE-2010-0423.patch: limit the number of
    smileys in pidgin/gtkimhtml.c.
  - CVE-2010-0423

Author: Marc Deslauriers
Revision Date: 2010-02-18 14:37:45 UTC

* SECURITY UPDATE: denial of service via malformed SLP message
  - debian/patches/85_security_CVE-2010-0277.patch: validate input in
    libpurple/protocols/msn/{slp.c,slpcall.c,slplink.c,slpmsg.h}.
  - CVE-2010-0277
* SECURITY UPDATE: denial of service via certain nicknames in Finch
  - debian/patches/86_security_CVE-2010-0420.patch: properly unescape
    text in finch/libgnt/gnttree.c, libpurple/protocols/bonjour/parser.c,
    libpurple/protocols/jabber/parser.c, libpurple/xmlnode.c.
  - CVE-2010-0420
* SECURITY UPDATE: denial of service via large number of smileys
  - debian/patches/87_security_CVE-2010-0423.patch: limit the number of
    smileys in pidgin/gtkimhtml.c.
  - CVE-2010-0423

Author: Marc Deslauriers
Revision Date: 2010-02-18 14:37:45 UTC

* SECURITY UPDATE: denial of service via malformed SLP message
  - debian/patches/85_security_CVE-2010-0277.patch: validate input in
    libpurple/protocols/msn/{slp.c,slpcall.c,slplink.c,slpmsg.h}.
  - CVE-2010-0277
* SECURITY UPDATE: denial of service via certain nicknames in Finch
  - debian/patches/86_security_CVE-2010-0420.patch: properly unescape
    text in finch/libgnt/gnttree.c, libpurple/protocols/bonjour/parser.c,
    libpurple/protocols/jabber/parser.c, libpurple/xmlnode.c.
  - CVE-2010-0420
* SECURITY UPDATE: denial of service via large number of smileys
  - debian/patches/87_security_CVE-2010-0423.patch: limit the number of
    smileys in pidgin/gtkimhtml.c.
  - CVE-2010-0423

Author: Philip Wyett
Revision Date: 2009-11-30 12:03:02 UTC

Add 87_yahoo_15_fix.patch: Backport upstream changes to use version 16 of
the Yahoo! Messenger Protocol. The old authentication mechanism was
disabled, meaning that it can no longer be used for signing in to Yahoo!
services (LP: #389322)

Author: Chris Coulson
Revision Date: 2009-10-30 15:02:16 UTC

* debian/patches/86_yahoo_protocol_fix.patch:
  - Backport upstream changes to use version 16 of the Yahoo!
    Messenger Protocol. The old authentication mechanism was
    disabled, meaning that it can no longer be used for signing in
    to Yahoo! services (LP: #389322)

Author: Iain Lane
Revision Date: 2009-06-25 13:27:48 UTC

* debian/patches/50_yahoo_16_auth.patch: Add patch backported from upstream
  version 2.5.7 to fix connection problems connection to Yahoo! instant
  messenger. Previous versions of pidgin were using an old authentication
  method which was disabled by Yahoo!. This patch switches to using the new
  authentication method, version 16. (LP: #389322) References:
  - http://theflamingbanker.blogspot.com/2009/06/some-clarification-on-yahoo-issues.html
  - http://developer.pidgin.im/ticket/8853

Author: Felix Geyer
Revision Date: 2009-10-09 19:40:26 UTC

* Don't stick the buddy list window to all desktops as some
  window managers have trouble to properly unstick it (LP: #346840)
  - debian/patches/11_buddy_list_really_show.patch
* Always use default tray icon size on KDE (LP: #209440)
  - debian/patches/62_tray_icon_size_kde.patch
* Use scrollbars in the preferences dialog if the screen height is
  below 700 px instead of 600 px
  - debian/patches/60_1024x600_gtkprefs.c.patch

Author: Josh Holland
Revision Date: 2009-09-30 22:14:30 UTC

Change debian/control package description for pidgin (LP: #259793)

Author: kiko
Revision Date: 2009-09-28 23:10:11 UTC

Update README for luck

Author: Nicolas Valcarcel
Revision Date: 2009-07-03 12:16:59 UTC

Automated backport upload; no source changes.

Author: Martin Pitt
Revision Date: 2009-03-10 20:47:37 UTC

Add 80_fix_ICQ_new_protocol.patch: Backport upstream patch to fix
connection with new ICQ protocol. (LP: #340151)

Author: Sebastien Bacher
Revision Date: 2009-04-09 18:12:03 UTC

* debian/patches/72_upstream_change_fix_jabber_crasher.patch:
  - upstream change to fix crash on jabber when using a custom image
    (lp: #357949)

Author: Sebastien Bacher
Revision Date: 2008-10-22 21:51:41 UTC

* New upstream version
* debian/patches/06_ssl_null_pointer_deref.patch:
  - the change is in the new version

Author: Sebastien Bacher
Revision Date: 2008-04-09 22:29:03 UTC

rebuild due to liblaunchpad-integration soname change

Author: Martin Pitt
Revision Date: 2009-03-10 20:47:37 UTC

Add 80_fix_ICQ_new_protocol.patch: Backport upstream patch to fix
connection with new ICQ protocol. (LP: #340151)

Author: Marc Deslauriers
Revision Date: 2008-11-20 15:54:34 UTC

* SECURITY UPDATE: code execution via integer overflow in the MSN protocol
  handler (LP: #245770)
  - debian/patches/99_SECURITY_CVE-2008-2927.patch: fix
    msn_slplink_process_msg() in src/protocols/msn/slplink.c by checking
    against maximum size G_MAXSIZE.
  - CVE-2008-2927
* SECURITY UPDATE: denial of service via specially formulated long
  filename (LP: #245769)
  - debian/patches/99_SECURITY_CVE-2008-2955.patch: change
    src/protocols/msn/[slplink.c,slpcall.*] to make sure xfer structure still
    exists before putting dest_fp in it.
  - CVE-2008-2955
* SECURITY UPDATE: denial of service via resource exhaustion from arbitrary
  URL in UPnP functionality (LP: #245769)
  - debian/patches/99_SECURITY_CVE-2008-2957.patch: modified
    libpurple/[upnp.c,util.*] to add purple_util_fetch_url_request_len() in
    order to limit http downloads to 128k.
  - CVE-2008-2957
* SECURITY UPDATE: man in the middle attack from lack of certificate
  validation in nss plugin (LP: #251304)
  - debian/patches/99_SECURITY_CVE-2008-3532.patch: modified
    libpurple/plugins/ssl/ssl-nss.c to add certificate validation code.
  - CVE-2008-3532

Author: Sebastien Bacher
Revision Date: 2007-10-10 12:18:06 UTC

* debian/patches/80_from_upstream_fix_irc_formatting_issue.patch:
  - patch from upstream, fix an IRC formatting issue
    (LP: #141201)