pidgin/pidgin
Clone
Summary
Browse
Changes
Graph
Fix a remotely-triggerable null pointer dereference.
release-2.x.y
2014-01-18, Mark Doliner
852014ae74a0
Gadu-Gadu: disable password change and account registration. Fixes the crash when trying to register new account. Both functions will probably been reimplemented in 3.0.0
release-2.x.y
2014-01-16, Tomasz Wasilczyk
07e827917960
IRC: fill required command parameter counts (part 3)
release-2.x.y
2014-01-16, Tomasz Wasilczyk
6b0e0566af20
IRC: fill required command parameter counts (part 2)
release-2.x.y
2014-01-16, Tomasz Wasilczyk
5845d9fa7084
IRC: fill required command parameter counts (part 1)
release-2.x.y
2014-01-16, Tomasz Wasilczyk
9f132a6855cd
Clean merge.
release-2.x.y
2014-01-15, Mark Doliner
900c8ac8b4fb
Fill in real CVE identifiers assigned to us by our contact at Red Hat.
release-2.x.y
2014-01-15, Mark Doliner
5dc2969a0578
IRC: implement support for required args checking in message parser
release-2.x.y
2014-01-16, Tomasz Wasilczyk
a167504359e5
Fix a crash when hovering over an exceptionally long URL (4074 characters,
release-2.x.y
2014-01-13, Mark Doliner
2bb66ef1475e
Add a line for datallah's cd529e1158d3.
release-2.x.y
2014-01-13, Mark Doliner
57da02a6ff77
Add datallah's 4d139ce8f7ec to ChangeLog.
release-2.x.y
2014-01-13, Mark Doliner
6cbf33689402
Bring back the URL escaping code, but use a better character whitelist.
release-2.x.y
2014-01-13, Mark Doliner
dc08416b884f
Stop using g_uri_escape_string() to escape the URI before launching it.
release-2.x.y
2014-01-13, Mark Doliner
41e1147347a5
Update attribution for the four vulnerabilities discovered by Sourcefire VRT
release-2.x.y
2014-01-13, Mark Doliner
4577ec83135a
Merge with no conflicts.
release-2.x.y
2014-01-13, Mark Doliner
3214e5d99b41
Fix conditional.
release-2.x.y
2014-01-13, Mark Doliner
c03eefbf89a8
List three security vulnerability fixes in the ChangeLog.
release-2.x.y
2014-01-12, Mark Doliner
6bafdcde2b55
Prevent spoofing of iq replies by verifying that the 'from' address
release-2.x.y
2014-01-12, Mark Doliner
93d4bff19574
I guess we should get a CVE for this?
release-2.x.y
2014-01-12, Mark Doliner
ed1f9a0c0979
Add ChangeLog entry for datallah's 932b985540e9.
release-2.x.y
2014-01-12, Mark Doliner
fb25998221c2
Fix tiny memleak when custom browser command doesn't work.
release-2.x.y
2014-01-12, Mark Doliner
0394d984580f
g_strfreev checks for NULL itself, so we don't need to do it.
release-2.x.y
2014-01-12, Mark Doliner
98f3f47f8382
Improve how our HTTP proxy code reads the content-length header.
release-2.x.y
2014-01-12, Mark Doliner
dd8ee564e065
Add ChangeLog entry for datallah's 2a77da513a03
release-2.x.y
2014-01-12, Mark Doliner
82ec5fb22ce9
Add ChangeLog entry for c9e5aba2dafd
release-2.x.y
2014-01-12, Mark Doliner
712a68049062
Change how we handle clicking on file:// links on Windows.
release-2.x.y
2014-01-12, Mark Doliner
b2571530fa8b
Add Tomasz's fixes to the ChangeLog. I'll hopefully remember to fill in the
release-2.x.y
2014-01-11, Mark Doliner
4e2416683223
Ignore incoming sip messages with bodies longer than 30 MB.
release-2.x.y
2014-01-11, Mark Doliner
179a49ea2a4b
Clean merge.
release-2.x.y
2014-01-11, Mark Doliner
dfe26ea283ee
g_malloc segfaults if it can't allocate the requested memory, so this
release-2.x.y
2014-01-11, Mark Doliner
cda30ef360d0
Merge with no conflicts.
release-2.x.y
2014-01-09, Mark Doliner
6057ecea67bf
Simple: fix a possible NULL-pointer dereference and add some input filtering. Fixes VRT-2013-1004
release-2.x.y
2014-01-10, Tomasz Wasilczyk
6bd2dd10e5da
Manual merge. Only 1 conflict, in ChangeLog.
release-2.x.y
2014-01-09, Mark Doliner
89678e04a7ac
Manual merge. Only 1 conflict, in ChangeLog
release-2.x.y
2014-01-09, Mark Doliner
829e8731d60c
Fix grammar.
release-2.x.y
2014-01-09, Mark Doliner
a097920dffcf
Manual merge. Only 1 conflict, in ChangeLog.
release-2.x.y
2014-01-09, Mark Doliner
188b3b588b6d
Mention my previous commit in ChangeLog
release-2.x.y
2013-04-14, Mark Doliner
1ea7627d768d
Mxit: fix a possible segfault, refs VRT-2013-1002
release-2.x.y
2014-01-09, Tomasz Wasilczyk
4c897372b5a4
Gadu-Gadu: fix a possible HTTP Content-Length integer overflow (VRT-2013-1001)
release-2.x.y
2013-11-25, Tomasz Wasilczyk
ec15aa187aa0
msn: prevent potential heap overflow when constructing a message to be sent
release-2.x.y
2013-11-09, Daniel Atallah
2a77da513a03
Merge
release-2.x.y
2013-11-09, Daniel Atallah
4180f5333fab
Correct HTTP chunked transfers code (not fixed in rev ebe3fb4a3bc2)
release-2.x.y
2013-08-20, Tomasz Wasilczyk
c9e5aba2dafd
Yahoo: fix potential NULL pointer dereference
release-2.x.y
2013-07-05, Tomasz Wasilczyk
e111ec8dcb3f
Fix security-related url notification issues: xdg-open remote execution, replacing g_spawn_command_line_ with g_spawn_ and opera 'open in current tab' bug
release-2.x.y
2013-06-22, Tomasz Wasilczyk
0f7e07af75fc
Fix non-nul terminated buffer during oscar direct connect negotiation.
release-2.x.y
2013-04-14, Mark Doliner
fe36722f772e
Add max download size change to ChangeLog.
release-2.x.y
2013-04-14, Mark Doliner
0b8bec51e84b
"unlimited" is not a valid value when fetching an http document.
release-2.x.y
2013-04-14, Mark Doliner
e9c97bff3701
Merge from /pidgin/main using "hg pull https://hg.pidgin.im/pidgin/main"
release-2.x.y
2013-04-03, Mark Doliner
74bc66c67211
Fix purple_util_fetch_url_request variants to avoid implicitly trusting the
release-2.x.y
2013-02-21, Daniel Atallah
cd529e1158d3
msn: Fix fault handling NUL-pointer derefs
release-2.x.y
2013-03-16, Daniel Atallah
68d6df7dc69c
msn: Fix NUL-pointer deref issue parsing mail notifications
release-2.x.y
2013-03-16, Daniel Atallah
ef836278304b
msn: Fix NUL-pointer deref issue parsing Message Headers
release-2.x.y
2013-03-16, Daniel Atallah
23cbfff68a0c
CID 732047 Negative array index write
release-2.x.y
2013-03-16, Daniel Atallah
932b985540e9
yahoo: Fix reading memory locations past the buffer bounds
release-2.x.y
2013-03-16, Daniel Atallah
4d139ce8f7ec
Strip trailing whitespace from AUTHORS.
2014-01-27, Mark Doliner
6f9d71f2ee07
Update AUTHORS to match pidgin/gtkdialogs.c
2014-01-27, Mark Doliner
41f169523a10
Revert changeset 2b3fba3cf555 (Reduce JSON-GLib requirement to 0.10)
2014-01-28, Ankit Vani
4e8497f23b7c
Add g_signal_handlers_disconnect_by_data to glibcompat.h and use it
2014-01-28, Ankit Vani
7f7d87c04ab1
pidgin: Fix build and warnings with glib 2.24
2014-01-27, Ankit Vani
9a0203562da5
webkit_web_inspector_inspect_node requires webkit 1.3.7
2014-01-27, Ankit Vani
11152544c1e0