Path to this page:
Subject: CVS commit: [pkgsrc-2022Q2] pkgsrc/chat
From: S.P.Zeidler
Date: 2022-07-27 21:05:37
Message id: 20220727190537.B6332FB1A@cvs.NetBSD.org
Log Message:
Pullup ticket #6659 - requested by khorben
chat/libpurple: security update
chat/finch: security update
chat/pidgin: security update
chat/pidgin-sametime: security update
chat/pidgin-silc: security update
Revisions pulled up:
- chat/finch/Makefile 1.87
- chat/libpurple/Makefile 1.117
- chat/libpurple/Makefile.common 1.56
- chat/libpurple/distinfo 1.56
- chat/pidgin-sametime/Makefile 1.67
- chat/pidgin-silc/Makefile 1.70
- chat/pidgin/Makefile 1.97
- chat/pidgin/PLIST 1.27
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: khorben
Date: Wed Jul 20 02:14:13 UTC 2022
Modified Files:
pkgsrc/chat/finch: Makefile
pkgsrc/chat/libpurple: Makefile Makefile.common distinfo
pkgsrc/chat/pidgin: Makefile PLIST
pkgsrc/chat/pidgin-sametime: Makefile
pkgsrc/chat/pidgin-silc: Makefile
Log Message:
libpurple, finch, pidgin: update to 2.14.10
This notably fixes security issues (CVE-2012-1257, CVE-2022-26491).
Tested on NetBSD/amd64.
XXX pull-up to the pkgsrc-2022Q2 branch
The complete changelog for the new versions is reproduced here:
version 2.14.10 (06/02/2022):
General:
* Audit and correct the COPYRIGHT file. (RR 1425) (Richard Laager)
* Fix a spelling error in a debug message for proxies. (RR 1426) (Richard
Laager)
* Install some emojis already in the theme but not being installed.
(RR 1428) (Richard Laager)
* Drop the QQ smileys as we don't ship QQ anymore. (PIDGIN-14385) (RR 1429)
(Richard Laager)
* Modernize the desktop file. (RR 1433) (Richard Laager)
* Modernize the appdata file. (RR 1431) (Richard Laager)
* Make privacy settings persist. (PIDGIN-17137) (RR 1463) (Belgin Știrbu)
Pidgin:
* Fix a use after free that was introduced in 2.14.9. (RR 1488) (ivanhoe)
IRC:
* Fix a crash if the server sends a short form JOIN message. (PIDGIN-17375)
(RR 1484) (Belgin Știrbu)
XMPP:
* Fix a regression from 2.14.9 where XMPP accounts state would get lost
after failing to connect. (PIDGIN-17621) (RR 1455) (Belgin Știrbu)
* Fix a crash when requesting your own info in an XMPP conference. (RR 1465)
(Belgin Știrbu)
* Fix hang when completing a file transfer over XMPP. (RR 1466) (Belgin
Știrbu)
* Fix updating custom smileys. (PIDGIN-17153) (RR 1477) (Belgin Știrbu)
* Fix unblocking users. (PIDGIN-16414) (RR 1479) (Belgin Știrbu)
* Fix a crash when cancelling a file transfer. (PIDGIN-17189) (RR 1485)
(Belgin Știrbu)
version 2.14.9 (04/28/2022):
Security:
* Remove _xmppconnect support. (RR 1357) (CVE-2022-26491) (Gary Kramlich)
libpurple:
* Fix a GLib CRITICAL message with typing time outs. (RR 1123) (Mohammed
Sadiq)
* Fix an issue where the unit tests for purple_str_to_time would fail.
(GENTOO-819774) (RR 1238) (Gary Kramlich)
Pidgin:
* Fix a memory leak in pidgin_conversations_set_tab_colors. (RR 1244)
(ivanhoe)
* Fixed the majority of the infinite resizing issues in the input box.
(PIDGIN-16753, PIDGIN-16999, PIDGIN-17287, PIDGIN-17413, PIDGIN-17430,
PIDGIN-17568, PIDGIN-17602) (RR 1342) (Belgin Știrbu)
* Add transient-buddy back which is used to show some context menus and
other things. (PIDGIN-17523) (RR 1381) (Belgin Știrbu)
Windows:
* Fix the download of dictionaries in the Windows installer. (PIDGIN-14618,
PIDGIN-15648, PIDGIN-15540, PIDGIN-14612, PIDGIN-14893) (RR 1303) (Gary
Kramlich)
Translations:
* Fix a typo in the German translations. (PIDGIN-17575) (RR 1242) (ivanhoe)
* Synced all of the translations with Transifex.
IRC:
* Fix IRC file transfers on Windows. (PIDGIN-17175) (RR 1382) (Belgin
Știrbu)
* Fix file transfers failing at 99% on IRC. (PIDGIN-15893) (RR 1385) (Belgin
Știrbu)
* Default realname and ident name in IRC to the username (nickname) of the
account. (PIDGIN-17610) (RR 1386) (Belgin Știrbu)
* Add an advanced account option to IRC accounts for explicitly setting the
SASL login name. (PIDGIN-15451) (RR 1388) (Belgin Știrbu)
* Added a rate limiter that should make it impossible to excess flood.
(RR 1391) (Gary Kramlich)
SIMPLE:
* Fix an issue with the CSeq numbers in SIMPLE. (PIDGIN-9675) (RR 1379)
(dohmniq)
XMPP:
* Fix XMPP attention messages being sent to incorrect JIDs. (PIDGIN-14714)
(RR 1387) (itsnotabigtruck, Belgin Știrbu)
To generate a diff of this commit:
cvs rdiff -u -r1.86 -r1.87 pkgsrc/chat/finch/Makefile
cvs rdiff -u -r1.116 -r1.117 pkgsrc/chat/libpurple/Makefile
cvs rdiff -u -r1.55 -r1.56 pkgsrc/chat/libpurple/Makefile.common \
pkgsrc/chat/libpurple/distinfo
cvs rdiff -u -r1.96 -r1.97 pkgsrc/chat/pidgin/Makefile
cvs rdiff -u -r1.26 -r1.27 pkgsrc/chat/pidgin/PLIST
cvs rdiff -u -r1.66 -r1.67 pkgsrc/chat/pidgin-sametime/Makefile
cvs rdiff -u -r1.69 -r1.70 pkgsrc/chat/pidgin-silc/Makefile
Files: