* Tue Oct 22 2019 Felix Zhang <email@example.com>
- Add pidgin-Leaky-deprecation-clean-ups.patch: Fix warnings of
deprecation of GParameter that result in build failures of
plugins that build with -Werror (pidgin.im#17415).
* Tue Apr 17 2018 firstname.lastname@example.org
- Drop pkgconfig(NetworkManager) BuildRequires and Requires: this
legacy symbol is no longer maintained and pidgin is not yet
ready to move to libnm. As a side-effect, we no longer depend on
NM for all situations, even if the system were to run wicked.
- Replace --enable-nm configure parameter with --disable-nm.
* Thu Apr 12 2018 email@example.com
- Add pidgin-enable-sni-gnutls.patch: Enable SNI for gnutls to
avoid SSL handshake failure, patch written by Tiago Herrmann
(firstname.lastname@example.org) (bsc#1086439, pidgin.im#17300).
* Thu Mar 15 2018 email@example.com
- Instead of removing the libjabber.so, liboscar.so symlinks, move
them to the devel package.
* Fri Mar 09 2018 firstname.lastname@example.org
- Update to version 2.13.0:
* Unified string comparison.
* Properlly shell escape URI's when opening them.
* Fix a one byte buffer overread in function
* Fix an issue were utf8 was incorrectly truncated which could
lead to crashes as we were potentially feeding garbage into
* Partially fix building against curses 6.0 with opaque
structs set (pidgin.im#16764).
* Fix a crash when resizing the window (pidgin.im#16680).
* Fix a bashism in autotools (pidgin.im#16836).
* Show XEP-0066 OOB URLs in any message, not just headlines.
* Fix a user after free (pidgin.im#17200).
* Remove pipelining from BOSH connections (pidgin.im#17025).
* Don't try to TLS already secured BOSH connections
* Fix "Registration timeout" on SASL auth with InspIRCd
servers (and possibly others not based on
* Fix issues with plugins that modify outgoing messages (such
as the custom PART/QUIT feature of the IRC More plugin).
* Fix IRC buffer handling (pidgin.im#12562).
* Properly handle AUTHENTICATE as a normal command with server
* Fix a crash caused by a use after free of the MOTD.
* Fix an out of bounds read in irc_nick_skip_mode.
* Fix a write of a single byte before the start of a buffer in
* Better support for dark themes (pidgin.im#12572).
* Fix IPv6 links by not escaping 's. (pidgin.im#16391).
* Only write buddy icons to the cache if they're not already
* Rejoin persistent chats after reconnect (pidgin.im#15687).
* Make the WIN32 Transparency plugin work on all platforms
* Ensure search results buttons are labelled.
* Fix matching unicode emoticons (pidgin.im#17232).
* Correctly update mute/unmute status when the remote side
mutes/unmutes us (pidgin.im#17273).
* Rework the status icon blinking to not use deprecated API
* Do not allow adding a buddy to protocols that don't have an
* Fix handling of search results (pidgin.im#17238).
+ Voice & Video:
* Port backend-fs to newer api for farstream relay-info
- Rebase pidgin-ncurses-6.0-accessors.patch.
- Remove pidgin-2.10.11-purple-remote-python3.patch: fixed
* Tue Mar 06 2018 email@example.com
- Add pidgin-2.10.11-purple-remote-python3.patch: port
purple-remote to python 3 (bsc#1084147).
- Export PYTHON=python3 in %build.
- Adjust scripts to invoke python3, not python2.
* Tue Mar 06 2018 firstname.lastname@example.org
- Drop support for SLE 11 and openSUSE older than 42.x.
- Remove pidgin-gnome-keyring.patch: was only useful for SLE 11.
* Tue Mar 06 2018 email@example.com
- Update pidgin-ncurses-6.0-accessors.patch to cope with ncurses
enabling opaque-panels. Pidgin should not access internal
structures of ncurses.
* Fri Dec 29 2017 firstname.lastname@example.org
- Remove pidgin-crash-missing-gst-registry.patch: is useless now
and is potentially harmful.
- Merge pidgin-nonblock-common2.patch to
* Tue Nov 21 2017 email@example.com
- Add purple-import-empathy Recommends for SLE15 (FATE#322984).
* Tue Nov 07 2017 firstname.lastname@example.org
- Correct the licence to GPL-2.0.
* Thu Nov 02 2017 email@example.com
- Explicitly require python2
* Sat Jul 22 2017 firstname.lastname@example.org
- Drop dependency over silc-toolkit-devel as we want to remove
it from the distribution
* Fri Mar 10 2017 email@example.com
- Update to version 2.12.0 (FATE#323136):
- Fix an out of bounds memory read in
purple_markup_unescape_entity (CVE-2017-2640, bsc#1028835).
- Fix the use of uninitialised memory if running
non-debug-enabled versions of glib.
- Update AIM dev and dist ID's to new ones that were assigned
- TLS certificate verification now uses SHA-256 checksums.
- Fix the SASL external auth for Freenode (boo#1009974).
- Remove the MSN protocol plugin. It has been unusable and
dormant for some time.
- Remove the Mxit protocol plugin. The service was closed at
the end ofSeptember 2016.
- Remove the MySpaceIM protocol plugin. The service has been
defunct for a long time (pidgin.im#15356).
- Remove the Yahoo! protocol plugin. Yahoo has completely
reimplemented their protocol, so this version is no longer
operable as of August 5th, 2016.
- Remove the Facebook (XMPP) account option. According to
https://developers.facebook.com/docs/chat the XMPP Chat API
service ended April 30th, 2015.
- Fix gnutls certificate validation errors that mainly
- Replace instances of d.pidgin.im with developer.pidgin.im and
update the urls to use https (pidgin.im#17036).
- Fix an issue of messages being silently cut off at 500
characters. Large messages are now split into parts and sent
one by one (pidgin.im#4753).
- Rebase pidgin-nonblock-common.patch.
- Remove pidgin-sasl-skip-external.patch.
- Remove pidgin-NLD-smiley-theme.tar.bz2, deprecated.
- Remove pidgin-Tango-smiley-theme.tar.bz2, deprecated
* Thu Dec 08 2016 firstname.lastname@example.org
- Make libpurple require libpurple-branding.
- Correctly remove *.so files for plugins
- Rename libpurple-meanwhile to libpurple-plugin-sametime.
- Remove generation of a plugin list to package, simply add it all
in %files with exclusions.
* Wed Dec 07 2016 email@example.com
- Build with GStreamer 1.x on SLE 12 SP2.
- Apply pidgin-use-default-alsa.patch for SLE 12+ only properly.
- Provide libpurple-branding-upstream for SLE 11 as well.
* Tue Nov 22 2016 firstname.lastname@example.org
- Add pidgin-sasl-skip-external.patch:
Backport upstream commit 6106566. Makes Freenode and other
servers that prefer SASL EXTERNAL fingerprint authentication
work again (bsc#1009974).
* Fri Jul 22 2016 email@example.com
- Drop additional pkgconfig require (already implicitly detected),
but explicitly buildrequire it for /usr/lib/rpm/pkgconfigdeps.sh.
* Mon Jul 04 2016 firstname.lastname@example.org
- Update to GNOME 3.20.2 Fate#318572
+ Drop pidgin-CVE-2014-3695 (bsc#902409): fixed upstream.
+ Drop pidgin-CVE-2014-3696 (bsc#902410): fixed upstream.
+ Drop pidgin-CVE-2014-3698 (bsc#902408): fixed upstream.
* Tue Jun 21 2016 email@example.com
- Update to version 2.11.0:
- 2.10.12 was accidentally released with new additions to the
API and should have been released as 2.11.0. Unfortunately,
we did not catch the mistake until after 2.10.12 was released,
but we're fixing it now.
See ChangeLog.API for more information.
- Include the Mozilla certificate bundle. This fixes connecting
to servers with certificates from Let's Encrypt.
- Remove all 1024-bit CAs.
- media: Fix an issue with ximagesink displaying only a corner
cut-out of a larger webcam video.
- mediamanager: Update output window destruction so that it
reflects recent changes in the media pipeline structure.
- Ported Instantbird's CommandUiOps to libpurple.
- Fix pidgin.im#14962.
- Fix alignment of incoming right-to-left messages in protocols
that don't support rich text.
- Fix a potential crash while exiting Pidgin.
+ AIM: Add support for the newer kerberos-based authentication of
+ ICQ: Stop truncating passwords to 8 characters like old ICQ
clients did (pidgin.im#16692).
If you actually needed this, truncate your password manually by
pressing backspace a few times.
+ IRC: Base64-decode SASL messages before passing to libsasl
- Fix a buffer overflow (TALOS-CAN-0120).
- Fix a remote out-of-bounds read (TALOS-CAN-0123, TALOS-CAN-0140).
- Fix a remote out-of-band read (TALOS-CAN-0138, TALOS-CAN-0135).
- Fix an invalid read (TALOS-CAN-0118).
- Fix a remote buffer overflow vulnerability (TALOS-CAN-0119).
- Fix a directory traversal issue (TALOS-CAN-0128).
- Fix a remote denial of service vulnerability that could result
in a null pointer dereference (TALOS-CAN-0133).
- Fix a remote denial of service that could result in an
out-of-bounds read (TALOS-CAN-0134).
- Fix multiple remote buffer overflows (TALOS-CAN-0136).
- Fix a remote null pointer dereference (TALOS-CAN-0137).
- Fix a remote code execution issue discovered (TALOS-CAN-0142).
- Fix a remote denial of service vulnerability in contact mood
- Fix a remote out-of-bounds write vulnerability
- Fix a remote out-of-bounds read (TALOS-CAN-0143).
- Clean pidgin-gnome-keyring.patch up a bit.