--- a/htdocs/ChangeLog Fri Jan 01 21:22:46 2016 -0500
+++ b/htdocs/ChangeLog Mon Jun 20 19:46:11 2016 -0500
@@ -1,5 +1,80 @@
Pidgin and Finch: The Pimpin' Penguin IM Clients That're Good for the Soul
+version 2.11.0 (06/21/16): + * 2.10.12 was accidentally released with new additions to the API and + should have been released as 2.11.0. Unfortunately, we did not catch + the mistake until after 2.10.12 was released, but we're fixing it now. + See ChangeLog.API for more information. + * Include the Mozilla certificate bundle. This fixes connecting to servers + with certificates from Let's Encrypt. + * Remove all 1024-bit CAs + * media: fix an issue with ximagesink displaying only a corner cut-out of + a larger webcam video (Jakub Adam) + * mediamanager: update output window destruction so that it reflects recent + changes in the media pipeline structure (Jakub Adam) + * Ported Instantbird's CommandUiOps to libpurple (Dequis) + * Fixed alignment of incoming right-to-left messages in protocols that + don't support rich text + * Fix a potential crash while exiting pidgin + * Add support for the newer kerberos-based authentication of AIM 8.x + Windows-Specific Changes: + * Use getaddrinfo for DNS to enable IPv6 (#1075) + * Updates to dependencies: + * NSS 3.24 and NSPR 4.12. + * Fixed building on Mac OSX (Patrick Cloke) (#16883) + * Stop truncating passwords to 8 characters like old ICQ clients did. + (#16692). If you actually needed this, truncate your password + manually by pressing backspace a few times. + * Base64-decode SASL messages before passing to libsasl (#16268) + * Fixed a buffer overflow. Discovered by Yves Younan of Cisco Talos. + * Fixed a remote out-of-bounds read. Discovered by Yves Younan of Cisco + Talos. (TALOS-CAN-0140) + * Fixed a remote out-of-band read. Discovered by Yves Younan of Cisco + Talos. (TALOS-CAN-0138, TALOS-CAN-0135) + * Fixed an invalid read. Discovered by Yves Younan of Cisco Talos + * Fixed a remote buffer overflow vulnerability. Discovered by Yves + Younan of Cisco Talos. (TALOS-CAN-0119) + * Fixed an out-of-bounds read discovered by Yves Younan of Cisco Talos. + * Fixed a directory traversal issue. Discovered by Yves Younan of Cisco + * Fixed a remote denial of service vulnerability that could result in + a null pointer dereference. Discovered by Yves Younan of Cisco Talos. + * Fixed a remote denial of service that could result in an out-of-bounds + read. Discovered by Yves Younan of Cisco Talos (TALOS-CAN-0134) + * Fixed multiple remote buffer overflows. Discovered by Yves Younan of + Cisco Talos. (TALOS-CAN-0136) + * Fixed a remote NULL pointer dereference. Discovered by Yves Younan of + Cisco Talos (TALOS-CAN-0137) + * Fixed a remote code execution issue discovered by Yves Younan of Cisco + Talos. (TALOS-CAN-0142) + * Fixed a remote denial of service vulnerability in contact mood + handling. Discovered by Yves Younan of Cisco Talos (TALOS-CAN-0141) + * Fixed a remote out-of-bounds write vulnerability. Discovered by Yves + Younan of Cisco Talos. (TALOS-CAN-0139) + * Fix a remote out-of-bounds read. Discovered by Yves Younan of Cisco + Talos. (TALOS-CAN-0143) version 2.10.12 (12/31/15):
* purple-url-handler now works with Python 3.x (Daniƫl van Eeden)
@@ -13,7 +88,7 @@
* Updates to dependencies:
- * NSS 3.17.3 and NSPR 4.10.7
+ * NSS 3.20.1 and NSPR 4.10.10 * Remove support for Tcl plugins