libpurple 32502:66dc0da8257b: Credit Jacob Appelbaum, Jurre van ...
commits at adium.im
commits at adium.im
Thu Feb 21 22:08:04 UTC 2013
details: http://hg.adium.im/libpurple/rev/66dc0da8257b
revision: 32502:66dc0da8257b
branch: release-2.x.y
author: Daniel Atallah <datallah at pidgin.im>
date: Tue Feb 12 11:24:43 2013 -0500
Credit Jacob Appelbaum, Jurre van Bergen and Dieter Verfaillie in the ChangeLog
for their assistance with the win32 security fixes.
Subject: libpurple 32503:9562462b6963: Update with the final released sha1sum for gtk-runtime-2.16.6.1.zip
details: http://hg.adium.im/libpurple/rev/9562462b6963
revision: 32503:9562462b6963
branch: release-2.x.y
author: Daniel Atallah <datallah at pidgin.im>
date: Tue Feb 12 23:52:57 2013 -0500
Update with the final released sha1sum for gtk-runtime-2.16.6.1.zip
* This should have been done before the 2.10.7 tarballs were made :(
Subject: libpurple 32504:a8aef1d340f2: Fix a bug where a remote MXit user could possibly specify a local
details: http://hg.adium.im/libpurple/rev/a8aef1d340f2
revision: 32504:a8aef1d340f2
branch: release-2.x.y
author: Mark Doliner <mark at kingant.net>
date: Mon Feb 11 01:03:34 2013 -0800
Fix a bug where a remote MXit user could possibly specify a local
file path to be written to.
This is CVE-2013-0271.
The problem was reported to us by Chris Wysopal of Veracode.
Subject: libpurple 32505:879db2a9a59c: Fix a bug where the MXit server or a man-in-the-middle could
details: http://hg.adium.im/libpurple/rev/879db2a9a59c
revision: 32505:879db2a9a59c
branch: release-2.x.y
author: Mark Doliner <mark at kingant.net>
date: Mon Feb 11 01:09:30 2013 -0800
Fix a bug where the MXit server or a man-in-the-middle could
potentially send specially crafted data that could overflow a buffer
and lead to a crash or remote code execution.
This is CVE-2013-0272.
The problem was detected by Coverity static analysis, and Daniel Atallah
brought it to everyone's attention and got us to fix it.
Subject: libpurple 32506:c31cf8de31cd: Fix a crash in Sametime when a malicious server sends us an abnormally
details: http://hg.adium.im/libpurple/rev/c31cf8de31cd
revision: 32506:c31cf8de31cd
branch: release-2.x.y
author: Mark Doliner <mark at kingant.net>
date: Mon Feb 11 01:11:47 2013 -0800
Fix a crash in Sametime when a malicious server sends us an abnormally
long user ID.
This is CVE-2013-0273.
The problem was detected by Coverity static analysis and fixed by
Daniel Atallah.
Subject: libpurple 32507:ad7e7fb98db3: Fix a crash when receiving UPnP responses with abnormally long values.
details: http://hg.adium.im/libpurple/rev/ad7e7fb98db3
revision: 32507:ad7e7fb98db3
branch: release-2.x.y
author: Mark Doliner <mark at kingant.net>
date: Mon Feb 11 01:13:50 2013 -0800
Fix a crash when receiving UPnP responses with abnormally long values.
This is CVE-2013-0274.
The problem was detected by Coverity static analysis and fixed by
Daniel Atallah.
This should fix CIDs 731954, 731953, 731952, 731951, and 731950
Subject: libpurple 32508:b8c823f37692: Added tag v2.10.7 for changeset ad7e7fb98db3
details: http://hg.adium.im/libpurple/rev/b8c823f37692
revision: 32508:b8c823f37692
branch: release-2.x.y
author: Mark Doliner <mark at kingant.net>
date: Mon Feb 11 01:16:34 2013 -0800
Added tag v2.10.7 for changeset ad7e7fb98db3
Subject: libpurple 32509:89ba88e5d36f: Slightly more accurate ChangeLog.
details: http://hg.adium.im/libpurple/rev/89ba88e5d36f
revision: 32509:89ba88e5d36f
branch: release-2.x.y
author: Mark Doliner <mark at kingant.net>
date: Wed Feb 13 06:59:16 2013 -0800
Slightly more accurate ChangeLog.
Subject: libpurple 32510:47c90e633067: Merge with no conflicts
details: http://hg.adium.im/libpurple/rev/47c90e633067
revision: 32510:47c90e633067
branch: release-2.x.y
author: Mark Doliner <mark at kingant.net>
date: Wed Feb 13 06:59:45 2013 -0800
Merge with no conflicts
Subject: libpurple 32511:41d15beb309a: Activate development mode for 2.10.8
details: http://hg.adium.im/libpurple/rev/41d15beb309a
revision: 32511:41d15beb309a
branch: release-2.x.y
author: Mark Doliner <mark at kingant.net>
date: Wed Feb 13 07:13:30 2013 -0800
Activate development mode for 2.10.8
Subject: libpurple 32512:a8672a4a3a13: installer: Fix CheckSHA1Sum restoring the stack - this was broken in 51473787ff4f.
details: http://hg.adium.im/libpurple/rev/a8672a4a3a13
revision: 32512:a8672a4a3a13
branch: release-2.x.y
author: Daniel Atallah <datallah at pidgin.im>
date: Wed Feb 13 22:30:55 2013 -0500
installer: Fix CheckSHA1Sum restoring the stack - this was broken in 51473787ff4f.
* This ends up causing the downloaded file not to be extracted because the reference to the file is overwritten
* Also, fix the downloading to download to a file with a space in the path
Subject: libpurple 32513:fb9baad00cbd: installer: remove Baltimore_CyberTrust_Root.pem, ValiCert_Class_2_VA.pem when uninstalling
details: http://hg.adium.im/libpurple/rev/fb9baad00cbd
revision: 32513:fb9baad00cbd
branch: release-2.x.y
author: Daniel Atallah <datallah at pidgin.im>
date: Wed Feb 13 22:44:08 2013 -0500
installer: remove Baltimore_CyberTrust_Root.pem, ValiCert_Class_2_VA.pem when uninstalling
* Also delete stray backup files created by mono signcode
Subject: libpurple 32514:75999131f023: installer: update installer deps with a fixed NSIS SHA1Sum plugin that works on Windows XP
details: http://hg.adium.im/libpurple/rev/75999131f023
revision: 32514:75999131f023
branch: release-2.x.y
author: Daniel Atallah <datallah at pidgin.im>
date: Thu Feb 14 00:42:20 2013 -0500
installer: update installer deps with a fixed NSIS SHA1Sum plugin that works on Windows XP
Subject: libpurple 32515:a860609d9c9e: Fix from David Walser for a crash in the CAP plugin.
details: http://hg.adium.im/libpurple/rev/a860609d9c9e
revision: 32515:a860609d9c9e
branch: release-2.x.y
author: Daniel Atallah <datallah at pidgin.im>
date: Thu Feb 14 21:58:02 2013 +0000
Fix from David Walser for a crash in the CAP plugin.
Subject: libpurple 32516:81c1f235dce6: tcl: Fix dynamically loaded Tcl/Tk functions to be called using cdecl calling conventions.
details: http://hg.adium.im/libpurple/rev/81c1f235dce6
revision: 32516:81c1f235dce6
branch: release-2.x.y
author: Daniel Atallah <datallah at pidgin.im>
date: Mon Feb 18 18:24:08 2013 -0500
tcl: Fix dynamically loaded Tcl/Tk functions to be called using cdecl calling conventions.
Fixes #15520
Subject: libpurple 32517:910bab8c9dac: win32: Use the libssp-0.dll from the gcc bin directory instead of based on a separate dependency.
details: http://hg.adium.im/libpurple/rev/910bab8c9dac
revision: 32517:910bab8c9dac
branch: release-2.x.y
author: Daniel Atallah <datallah at pidgin.im>
date: Mon Feb 18 22:10:12 2013 -0500
win32: Use the libssp-0.dll from the gcc bin directory instead of based on a separate dependency.
* Fixes #15521
Subject: libpurple 32518:49eb0136f2ec: jabber: avoid possible heap overflow when a very small file has been chosen for
details: http://hg.adium.im/libpurple/rev/49eb0136f2ec
revision: 32518:49eb0136f2ec
branch: release-2.x.y
author: Daniel Atallah <datallah at pidgin.im>
date: Mon Feb 18 22:46:53 2013 -0500
jabber: avoid possible heap overflow when a very small file has been chosen for
your own avatar
* Thanks goes to Jacob Appelbaum for noticing this
* The way this works is certainly not ideal, but libpurple doesn't depend on
any image libraries.
Subject: libpurple 32519:624cf59658dc: CID 732106: Arguments in wrong order
details: http://hg.adium.im/libpurple/rev/624cf59658dc
revision: 32519:624cf59658dc
branch: release-2.x.y
author: Daniel Atallah <datallah at pidgin.im>
date: Mon Feb 18 23:23:12 2013 -0500
CID 732106: Arguments in wrong order
Subject: libpurple 32520:96f89e35d24d: Fix various "Dereference before null check" issues
details: http://hg.adium.im/libpurple/rev/96f89e35d24d
revision: 32520:96f89e35d24d
branch: release-2.x.y
author: Daniel Atallah <datallah at pidgin.im>
date: Mon Feb 18 23:44:29 2013 -0500
Fix various "Dereference before null check" issues
* Nothing problematic, just unnecessary NULL checks
Subject: libpurple 32521:6625cbf09e08: Fix various other minor issues identified in the coverity scan.
details: http://hg.adium.im/libpurple/rev/6625cbf09e08
revision: 32521:6625cbf09e08
branch: release-2.x.y
author: Daniel Atallah <datallah at pidgin.im>
date: Tue Feb 19 00:32:22 2013 -0500
Fix various other minor issues identified in the coverity scan.
Subject: libpurple 32522:0508b089c8ee: Add a missing break. I think maybe this was found by Coverity.
details: http://hg.adium.im/libpurple/rev/0508b089c8ee
revision: 32522:0508b089c8ee
branch: release-2.x.y
author: Mark Doliner <mark at kingant.net>
date: Mon Feb 18 21:37:00 2013 -0800
Add a missing break. I think maybe this was found by Coverity.
I'm not sure if this caused harm. If it did, it would be something like:
1. You tried adding a buddy on oscar
2. It failed because you have too many items in your list
3. We sent an authorization request to the buddy
But maybe the auth request would have been ignored? Auth requests
aren't used for AIM, and for ICQ you maybe would have already sent
an auth request, or you would need to send one in the future anyway,
so not a big deal.
Subject: libpurple 32523:5e1a2b90561c: Merge with no conflicts
details: http://hg.adium.im/libpurple/rev/5e1a2b90561c
revision: 32523:5e1a2b90561c
branch: release-2.x.y
author: Mark Doliner <mark at kingant.net>
date: Mon Feb 18 21:44:40 2013 -0800
Merge with no conflicts
Subject: libpurple 32524:a9afd31ab55f: German translation update
details: http://hg.adium.im/libpurple/rev/a9afd31ab55f
revision: 32524:a9afd31ab55f
branch: release-2.x.y
author: Bjoern Voigt <bjoern at cs.tu-berlin.de>
date: Tue Feb 19 12:14:18 2013 +0100
German translation update
Subject: libpurple 32525:0d4e3eb3b383: Fix same issue as be5378bae40e on the finch side.
details: http://hg.adium.im/libpurple/rev/0d4e3eb3b383
revision: 32525:0d4e3eb3b383
branch: release-2.x.y
author: Daniel Atallah <datallah at pidgin.im>
date: Tue Feb 19 19:41:05 2013 -0500
Fix same issue as be5378bae40e on the finch side.
Subject: libpurple 32526:bd4fb691871f: Fix compile error from 0d4e3eb3b383
details: http://hg.adium.im/libpurple/rev/bd4fb691871f
revision: 32526:bd4fb691871f
branch: release-2.x.y
author: Mark Doliner <mark at kingant.net>
date: Wed Feb 20 00:45:40 2013 -0800
Fix compile error from 0d4e3eb3b383
g_strncpy doesn't so much exist. I think g_strlcpy was intended.
Subject: libpurple 32527:28e546e29689: Add Paulo's email address.
details: http://hg.adium.im/libpurple/rev/28e546e29689
revision: 32527:28e546e29689
branch: release-2.x.y
author: Mark Doliner <mark at kingant.net>
date: Wed Feb 20 00:46:03 2013 -0800
Add Paulo's email address.
Subject: libpurple 32528:401c01066268: German translation update
details: http://hg.adium.im/libpurple/rev/401c01066268
revision: 32528:401c01066268
branch: release-2.x.y
author: Bjoern Voigt <bjoern at cs.tu-berlin.de>
date: Wed Feb 20 22:13:23 2013 +0100
German translation update
- always translate "Authentication" as "Authentifizierung", not as
"Authentifikation"
- fixed a typo
diffs (931 lines):
diff -r 261e15fb8b91 -r 401c01066268 .hgtags
--- a/.hgtags Mon Feb 11 23:15:34 2013 -0500
+++ b/.hgtags Wed Feb 20 22:13:23 2013 +0100
@@ -1,2 +1,3 @@
a3d157700972b48cf0a23b300261a5ab0c6e165b v2.10.5
4992bd90d8ad78ebdd324dd90d3e9d443f7dd002 v2.10.6
+ad7e7fb98db3bbd7bf9ab49072fd34cd4fa25dd9 v2.10.7
diff -r 261e15fb8b91 -r 401c01066268 ChangeLog
--- a/ChangeLog Mon Feb 11 23:15:34 2013 -0500
+++ b/ChangeLog Wed Feb 20 22:13:23 2013 +0100
@@ -1,5 +1,9 @@
Pidgin and Finch: The Pimpin' Penguin IM Clients That're Good for the Soul
+version 2.10.8:
+ Stock market:
+ * Didn't really increase, but didn't plummet, either.
+
version 2.10.7 (02/13/2013):
Alien hatchery:
* No changes
@@ -10,6 +14,8 @@
--with-dynamic-prpls arguments. (Michael Fiedler) (#15316)
libpurple:
+ * Fix a crash when receiving UPnP responses with abnormally long values.
+ (CVE-2013-0274)
* Don't link directly to libgcrypt when building with GnuTLS support.
(Bartosz Brachaczek) (#15329)
* Fix UPnP mappings on routers that return empty <URLBase/> elements
@@ -37,6 +43,11 @@
Barfield) (#15217)
MXit:
+ * Fix two bugs where a remote MXit user could possibly specify a local
+ file path to be written to. (CVE-2013-0271)
+ * Fix a bug where the MXit server or a man-in-the-middle could
+ potentially send specially crafted data that could overflow a buffer
+ and lead to a crash or remote code execution. (CVE-2013-0272)
* Display farewell messages in a different colour to distinguish
them from normal messages.
* Add support for typing notification.
@@ -50,6 +61,10 @@
* Increase the maximum file size that can be transferred to 1 MB.
* When setting an avatar image, no longer downscale it to 96x96.
+ Sametime:
+ * Fix a crash in Sametime when a malicious server sends us an abnormally
+ long user ID. (CVE-2013-0273)
+
Yahoo!:
* Fix a double-free in profile/picture loading code. (Mihai Serban)
(#15053)
@@ -64,11 +79,14 @@
such as MacPorts' +no_x11 variant.
Windows-Specific Changes:
- * Compile with secure flags (#15290)
+ * Compile with secure flags (Jurre van Bergen) (#15290)
* Installer downloads GTK+ Runtime and Debug Symbols more securely.
- (#15277)
+ Thanks goes to Jacob Appelbaum of the Tor Project for identifying
+ this issue and suggesting solutions. (#15277)
* Updates to a number of dependencies, some of which have security
- related fixes. (#14571, #15285, #15286)
+ related fixes. Thanks again to Jacob Appelbaum and Jurre van Bergen
+ for identifying the vulnerable libraries and to Dieter Verfaillie
+ for helping getting the libraries updated. (#14571, #15285, #15286)
* ATK 1.32.0-2
* Cyrus SASL 2.1.25
* expat 2.1.0-1
diff -r 261e15fb8b91 -r 401c01066268 ChangeLog.API
--- a/ChangeLog.API Mon Feb 11 23:15:34 2013 -0500
+++ b/ChangeLog.API Wed Feb 20 22:13:23 2013 +0100
@@ -1,5 +1,8 @@
Pidgin and Finch: The Pimpin' Penguin IM Clients That're Good for the Soul
+version 2.10.8:
+ * No changes
+
version 2.10.7:
* No changes
diff -r 261e15fb8b91 -r 401c01066268 Makefile.mingw
--- a/Makefile.mingw Mon Feb 11 23:15:34 2013 -0500
+++ b/Makefile.mingw Wed Feb 20 22:13:23 2013 +0100
@@ -38,14 +38,14 @@
-a sha1 -$$ commercial \
-n "$(2)" -i "https://pidgin.im" \
-t "http://timestamp.verisign.com/scripts/timstamp.dll" -tr 10 \
- $(1)
+ $(1) && rm -f $(1).bak
gpg_sign = $(GPG_SIGN) -ab $(1) && $(GPG_SIGN) --verify $(1).asc
STRIPPED_RELEASE_DIR = $(PIDGIN_TREE_TOP)/pidgin-$(PIDGIN_VERSION)-win32bin
DEBUG_SYMBOLS_DIR = $(PIDGIN_TREE_TOP)/pidgin-$(PIDGIN_VERSION)-dbgsym
-PIDGIN_INST_DEP_DIR="$(WIN32_DEV_TOP)/pidgin-inst-deps-20120910"
+PIDGIN_INST_DEP_DIR="$(WIN32_DEV_TOP)/pidgin-inst-deps-20130214"
# Any *.dll or *.exe files included in win32-install-dir that we don't compile
# should be included in this list so they don't get stripped
@@ -109,7 +109,7 @@
cp $(ENCHANT_TOP)/bin/libenchant.dll $(PIDGIN_INSTALL_DIR)/spellcheck
cp -R $(ENCHANT_TOP)/lib/enchant/*.dll $(PIDGIN_INSTALL_DIR)/spellcheck/lib/enchant
cp $(PIDGIN_INST_DEP_DIR)/exchndl.dll $(PIDGIN_INSTALL_DIR)
- cp $(GCC_SSP_TOP)/bin/libssp-0.dll $(PIDGIN_INSTALL_DIR)
+ cp $(GCC_SSP_TOP)/libssp-0.dll $(PIDGIN_INSTALL_DIR)
gtk_runtime_zip:
pidgin/win32/nsis/generate_gtk_zip.sh "`pwd`" "$(GPG_SIGN)"
diff -r 261e15fb8b91 -r 401c01066268 configure.ac
--- a/configure.ac Mon Feb 11 23:15:34 2013 -0500
+++ b/configure.ac Wed Feb 20 22:13:23 2013 +0100
@@ -46,8 +46,8 @@
m4_define([purple_lt_current], [10])
m4_define([purple_major_version], [2])
m4_define([purple_minor_version], [10])
-m4_define([purple_micro_version], [7])
-m4_define([purple_version_suffix], [])
+m4_define([purple_micro_version], [8])
+m4_define([purple_version_suffix], [devel])
m4_define([purple_version],
[purple_major_version.purple_minor_version.purple_micro_version])
m4_define([purple_display_version], purple_version[]m4_ifdef([purple_version_suffix],[purple_version_suffix]))
@@ -55,8 +55,8 @@
m4_define([gnt_lt_current], [8])
m4_define([gnt_major_version], [2])
m4_define([gnt_minor_version], [8])
-m4_define([gnt_micro_version], [9])
-m4_define([gnt_version_suffix], [])
+m4_define([gnt_micro_version], [10])
+m4_define([gnt_version_suffix], [devel])
m4_define([gnt_version],
[gnt_major_version.gnt_minor_version.gnt_micro_version])
m4_define([gnt_display_version], gnt_version[]m4_ifdef([gnt_version_suffix],[gnt_version_suffix]))
diff -r 261e15fb8b91 -r 401c01066268 finch/gntlog.c
--- a/finch/gntlog.c Mon Feb 11 23:15:34 2013 -0500
+++ b/finch/gntlog.c Wed Feb 20 22:13:23 2013 +0100
@@ -248,7 +248,7 @@
NULL);
gnt_tree_set_expanded(GNT_TREE(lv->tree), month, FALSE);
- strncpy(prev_top_month, month, sizeof(prev_top_month));
+ g_strlcpy(prev_top_month, month, sizeof(prev_top_month));
}
/* sub */
diff -r 261e15fb8b91 -r 401c01066268 libpurple/buddyicon.c
--- a/libpurple/buddyicon.c Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/buddyicon.c Wed Feb 20 22:13:23 2013 +0100
@@ -407,7 +407,7 @@
icon_to_set = icon->img ? icon : NULL;
/* Ensure that icon remains valid throughout */
- if (icon) purple_buddy_icon_ref(icon);
+ purple_buddy_icon_ref(icon);
buddies = purple_find_buddies(account, username);
while (buddies != NULL)
diff -r 261e15fb8b91 -r 401c01066268 libpurple/certificate.c
--- a/libpurple/certificate.c Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/certificate.c Wed Feb 20 22:13:23 2013 +0100
@@ -516,8 +516,8 @@
g_return_val_if_fail(pool->name, NULL);
/* Escape all the elements for filesystem-friendliness */
- esc_scheme_name = pool ? g_strdup(purple_escape_filename(pool->scheme_name)) : NULL;
- esc_name = pool ? g_strdup(purple_escape_filename(pool->name)) : NULL;
+ esc_scheme_name = g_strdup(purple_escape_filename(pool->scheme_name));
+ esc_name = g_strdup(purple_escape_filename(pool->name));
esc_id = id ? g_strdup(purple_escape_filename(id)) : NULL;
path = g_build_filename(purple_user_dir(),
diff -r 261e15fb8b91 -r 401c01066268 libpurple/log.c
--- a/libpurple/log.c Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/log.c Wed Feb 20 22:13:23 2013 +0100
@@ -1146,7 +1146,7 @@
}
/* Determine if this (account, name) combination exists as a buddy. */
- if (account != NULL && name != NULL && *name != '\0')
+ if (account != NULL && *name != '\0')
set->buddy = (purple_find_buddy(account, name) != NULL);
else
set->buddy = FALSE;
diff -r 261e15fb8b91 -r 401c01066268 libpurple/plugin.c
--- a/libpurple/plugin.c Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/plugin.c Wed Feb 20 22:13:23 2013 +0100
@@ -587,11 +587,8 @@
if (plugin->native_plugin)
{
- if (plugin->info != NULL && plugin->info->load != NULL)
- {
- if (!plugin->info->load(plugin))
- return FALSE;
- }
+ if (plugin->info->load != NULL && !plugin->info->load(plugin))
+ return FALSE;
}
else {
PurplePlugin *loader;
diff -r 261e15fb8b91 -r 401c01066268 libpurple/plugins/tcl/tcl.c
--- a/libpurple/plugins/tcl/tcl.c Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/plugins/tcl/tcl.c Wed Feb 20 22:13:23 2013 +0100
@@ -422,8 +422,8 @@
};
#ifdef _WIN32
-typedef Tcl_Interp* (CALLBACK* LPFNTCLCREATEINTERP)(void);
-typedef void (CALLBACK* LPFNTKINIT)(Tcl_Interp*);
+typedef Tcl_Interp* (__cdecl* LPFNTCLCREATEINTERP)(void);
+typedef void (__cdecl* LPFNTKINIT)(Tcl_Interp*);
LPFNTCLCREATEINTERP wtcl_CreateInterp = NULL;
LPFNTKINIT wtk_Init = NULL;
diff -r 261e15fb8b91 -r 401c01066268 libpurple/protocols/jabber/bosh.c
--- a/libpurple/protocols/jabber/bosh.c Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/protocols/jabber/bosh.c Wed Feb 20 22:13:23 2013 +0100
@@ -348,10 +348,8 @@
* sent immediately), queue up the data and start a timer to flush
* the buffer.
*/
- if (data) {
- int len = data ? strlen(data) : 0;
- purple_circ_buffer_append(conn->pending, data, len);
- }
+ if (data)
+ purple_circ_buffer_append(conn->pending, data, strlen(data));
if (purple_debug_is_verbose())
purple_debug_misc("jabber", "bosh: %p has %" G_GSIZE_FORMAT " bytes in "
diff -r 261e15fb8b91 -r 401c01066268 libpurple/protocols/jabber/useravatar.c
--- a/libpurple/protocols/jabber/useravatar.c Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/protocols/jabber/useravatar.c Wed Feb 20 22:13:23 2013 +0100
@@ -113,6 +113,7 @@
* and width.
*/
/* A PNG header, including the IHDR, but nothing else */
+ /* ATTN: this is in network byte order! */
const struct {
guchar signature[8]; /* must be hex 89 50 4E 47 0D 0A 1A 0A */
struct {
@@ -126,10 +127,13 @@
guchar filter;
guchar interlace;
} ihdr;
- } *png = purple_imgstore_get_data(img); /* ATTN: this is in network byte order! */
+ } *png = NULL;
+
+ if (purple_imgstore_get_size(img) > sizeof(*png))
+ png = purple_imgstore_get_data(img);
/* check if the data is a valid png file (well, at least to some extent) */
- if(png->signature[0] == 0x89 &&
+ if(png && png->signature[0] == 0x89 &&
png->signature[1] == 0x50 &&
png->signature[2] == 0x4e &&
png->signature[3] == 0x47 &&
diff -r 261e15fb8b91 -r 401c01066268 libpurple/protocols/msn/msn.c
--- a/libpurple/protocols/msn/msn.c Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/protocols/msn/msn.c Wed Feb 20 22:13:23 2013 +0100
@@ -2764,7 +2764,7 @@
}
/* Try to put the photo in there too, if there's one and is readable */
- if (user_data && url_text && len != 0)
+ if (url_text && len != 0)
{
if (strstr(url_text, "400 Bad Request")
|| strstr(url_text, "403 Forbidden")
diff -r 261e15fb8b91 -r 401c01066268 libpurple/protocols/mxit/formcmds.c
--- a/libpurple/protocols/mxit/formcmds.c Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/protocols/mxit/formcmds.c Wed Feb 20 22:13:23 2013 +0100
@@ -405,19 +405,29 @@
guchar* rawimg;
gsize rawimglen;
char* dir;
+ char* escfrom;
+ char* escname;
+ char* escvalidator;
char* filename;
/* base64 decode the image data */
rawimg = purple_base64_decode(tmp, &rawimglen);
/* save it to a file */
- dir = g_strdup_printf("%s/mxit/imagestrips", purple_user_dir());
+ dir = g_build_filename(purple_user_dir(), "mxit", "imagestrips", NULL);
purple_build_dir(dir, S_IRUSR | S_IWUSR | S_IXUSR); /* ensure directory exists */
- filename = g_strdup_printf("%s/%s-%s-%s.png", dir, from, name, validator);
+ escfrom = g_strdup(purple_escape_filename(from));
+ escname = g_strdup(purple_escape_filename(name));
+ escvalidator = g_strdup(purple_escape_filename(validator));
+ filename = g_strdup_printf("%s" G_DIR_SEPARATOR_S "%s-%s-%s.png", dir, escfrom, escname, escvalidator);
+
purple_util_write_data_to_file_absolute(filename, (char*) rawimg, rawimglen);
g_free(dir);
+ g_free(escfrom);
+ g_free(escname);
+ g_free(escvalidator);
g_free(filename);
}
diff -r 261e15fb8b91 -r 401c01066268 libpurple/protocols/mxit/http.c
--- a/libpurple/protocols/mxit/http.c Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/protocols/mxit/http.c Wed Feb 20 22:13:23 2013 +0100
@@ -116,11 +116,12 @@
buflen = session->rx_i;
/* read bytes from the socket */
- len = read( session->fd, buf + buflen, sizeof( buf ) - buflen );
+ len = read( session->fd, buf + buflen, sizeof( buf ) - ( buflen + 1 ) );
if ( len <= 0 ) {
/* connection has been terminated, or error occurred */
goto done;
}
+ buf[buflen+len] = '\0';
//nextpacket:
@@ -181,7 +182,11 @@
g_free( tmp );
tmp = NULL;
- if ( buflen > ( ( body - buf ) + bodylen ) ) {
+ if ( buflen + bodylen >= CP_MAX_PACKET ) {
+ /* this packet is way to big */
+ goto done;
+ }
+ else if ( buflen > ( ( body - buf ) + bodylen ) ) {
/* we have a second packet here */
next = body + bodylen;
session->rx_res = 0;
diff -r 261e15fb8b91 -r 401c01066268 libpurple/protocols/mxit/splashscreen.c
--- a/libpurple/protocols/mxit/splashscreen.c Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/protocols/mxit/splashscreen.c Wed Feb 20 22:13:23 2013 +0100
@@ -121,10 +121,10 @@
splash_remove(session);
/* Save the new splash image */
- dir = g_strdup_printf("%s/mxit", purple_user_dir());
+ dir = g_strdup_printf("%s" G_DIR_SEPARATOR_S "mxit", purple_user_dir());
purple_build_dir(dir, S_IRUSR | S_IWUSR | S_IXUSR); /* ensure directory exists */
- filename = g_strdup_printf("%s/%s.png", dir, splashId);
+ filename = g_strdup_printf("%s" G_DIR_SEPARATOR_S "%s.png", dir, purple_escape_filename(splashId));
if (purple_util_write_data_to_file_absolute(filename, data, datalen)) {
/* Store new splash-screen ID to settings */
purple_account_set_string(session->acc, MXIT_CONFIG_SPLASHID, splashId);
diff -r 261e15fb8b91 -r 401c01066268 libpurple/protocols/oscar/family_icbm.c
--- a/libpurple/protocols/oscar/family_icbm.c Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/protocols/oscar/family_icbm.c Wed Feb 20 22:13:23 2013 +0100
@@ -156,7 +156,7 @@
purple_debug_error("oscar",
"Message error with bn %s and reason %hu and errcode %hu\n",
- (bn != NULL ? bn : ""), reason, errcode);
+ bn, reason, errcode);
#ifdef TODOFT
/* If this was a file transfer request, bn is a cookie */
diff -r 261e15fb8b91 -r 401c01066268 libpurple/protocols/oscar/family_locate.c
--- a/libpurple/protocols/oscar/family_locate.c Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/protocols/oscar/family_locate.c Wed Feb 20 22:13:23 2013 +0100
@@ -1355,7 +1355,7 @@
aim_snacid_t snacid;
GSList *tlvlist = NULL;
- if (!od || !(conn = flap_connection_findbygroup(od, SNAC_FAMILY_LOCATE)))
+ if (!(conn = flap_connection_findbygroup(od, SNAC_FAMILY_LOCATE)))
return -EINVAL;
aim_tlvlist_add_caps(&tlvlist, 0x0005, caps, mood);
diff -r 261e15fb8b91 -r 401c01066268 libpurple/protocols/oscar/oscar.c
--- a/libpurple/protocols/oscar/oscar.c Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/protocols/oscar/oscar.c Wed Feb 20 22:13:23 2013 +0100
@@ -4180,7 +4180,7 @@
if ((retval->name != NULL) && !purple_conv_present_error(retval->name, purple_connection_get_account(gc), buf))
purple_notify_error(gc, NULL, _("Unable to Add"), buf);
g_free(buf);
- }
+ } break;
case 0x000e: { /* buddy requires authorization */
if ((retval->action == SNAC_SUBTYPE_FEEDBAG_ADD) && (retval->name))
diff -r 261e15fb8b91 -r 401c01066268 libpurple/protocols/sametime/sametime.c
--- a/libpurple/protocols/sametime/sametime.c Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/protocols/sametime/sametime.c Wed Feb 20 22:13:23 2013 +0100
@@ -4977,7 +4977,7 @@
data. wtf? */
static char buf[BUF_LEN];
- strncpy(buf, id, sizeof(buf));
+ g_strlcpy(buf, id, sizeof(buf));
return buf;
}
diff -r 261e15fb8b91 -r 401c01066268 libpurple/protocols/silc/ft.c
--- a/libpurple/protocols/silc/ft.c Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/protocols/silc/ft.c Wed Feb 20 22:13:23 2013 +0100
@@ -222,8 +222,6 @@
if (purple_xfer_get_status(x) != PURPLE_XFER_STATUS_ACCEPTED)
return;
- if (!xfer)
- return;
silc_socket_stream_get_info(silc_packet_stream_get_stream(xfer->sg->conn->stream),
&sock, NULL, NULL, NULL);
diff -r 261e15fb8b91 -r 401c01066268 libpurple/protocols/silc/wb.c
--- a/libpurple/protocols/silc/wb.c Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/protocols/silc/wb.c Wed Feb 20 22:13:23 2013 +0100
@@ -192,7 +192,7 @@
/* Update whiteboard if its dimensions changed */
if (width != wbs->width || height != wbs->height)
- silcpurple_wb_set_dimensions(wb, height, width);
+ silcpurple_wb_set_dimensions(wb, width, height);
if (command == SILCPURPLE_WB_DRAW) {
/* Parse data and draw it */
diff -r 261e15fb8b91 -r 401c01066268 libpurple/protocols/silc10/wb.c
--- a/libpurple/protocols/silc10/wb.c Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/protocols/silc10/wb.c Wed Feb 20 22:13:23 2013 +0100
@@ -191,7 +191,7 @@
/* Update whiteboard if its dimensions changed */
if (width != wbs->width || height != wbs->height)
- silcpurple_wb_set_dimensions(wb, height, width);
+ silcpurple_wb_set_dimensions(wb, width, height);
if (command == SILCPURPLE_WB_DRAW) {
/* Parse data and draw it */
diff -r 261e15fb8b91 -r 401c01066268 libpurple/protocols/yahoo/yahoo_profile.c
--- a/libpurple/protocols/yahoo/yahoo_profile.c Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/protocols/yahoo/yahoo_profile.c Wed Feb 20 22:13:23 2013 +0100
@@ -1035,7 +1035,7 @@
#if PHOTO_SUPPORT
/* Try to put the photo in there too, if there's one and is readable */
- if (data && url_text && len != 0) {
+ if (url_text && len != 0) {
if (strstr(url_text, "400 Bad Request")
|| strstr(url_text, "403 Forbidden")
|| strstr(url_text, "404 Not Found")) {
diff -r 261e15fb8b91 -r 401c01066268 libpurple/theme-loader.c
--- a/libpurple/theme-loader.c Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/theme-loader.c Wed Feb 20 22:13:23 2013 +0100
@@ -63,6 +63,7 @@
switch (param_id) {
case PROP_TYPE:
g_value_set_string(value, purple_theme_loader_get_type_string(theme_loader));
+ break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID(obj, param_id, psec);
break;
diff -r 261e15fb8b91 -r 401c01066268 libpurple/upnp.c
--- a/libpurple/upnp.c Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/upnp.c Wed Feb 20 22:13:23 2013 +0100
@@ -409,7 +409,7 @@
: PURPLE_UPNP_STATUS_UNABLE_TO_DISCOVER;
control_info.lookup_time = time(NULL);
control_info.control_url = control_url;
- strncpy(control_info.service_type, dd->service_type,
+ g_strlcpy(control_info.service_type, dd->service_type,
sizeof(control_info.service_type));
fire_discovery_callbacks(control_url != NULL);
@@ -601,9 +601,9 @@
sentSuccess = FALSE;
if((dd->retry_count % 2) == 0) {
- strncpy(dd->service_type, WAN_IP_CONN_SERVICE, sizeof(dd->service_type));
+ g_strlcpy(dd->service_type, WAN_IP_CONN_SERVICE, sizeof(dd->service_type));
} else {
- strncpy(dd->service_type, WAN_PPP_CONN_SERVICE, sizeof(dd->service_type));
+ g_strlcpy(dd->service_type, WAN_PPP_CONN_SERVICE, sizeof(dd->service_type));
}
sendMessage = g_strdup_printf(SEARCH_REQUEST_STRING, dd->service_type);
@@ -746,7 +746,6 @@
purple_upnp_get_public_ip()
{
if (control_info.status == PURPLE_UPNP_STATUS_DISCOVERED
- && control_info.publicip
&& strlen(control_info.publicip) > 0)
return control_info.publicip;
@@ -787,7 +786,7 @@
}
*temp2 = '\0';
- strncpy(control_info.publicip, temp + 1,
+ g_strlcpy(control_info.publicip, temp + 1,
sizeof(control_info.publicip));
purple_debug_info("upnp", "NAT Returned IP: %s\n", control_info.publicip);
@@ -805,7 +804,6 @@
purple_upnp_get_internal_ip(void)
{
if (control_info.status == PURPLE_UPNP_STATUS_DISCOVERED
- && control_info.internalip
&& strlen(control_info.internalip) > 0)
return control_info.internalip;
@@ -822,7 +820,7 @@
looked_up_internal_ip_cb(gpointer data, gint source, const gchar *error_message)
{
if (source != -1) {
- strncpy(control_info.internalip,
+ g_strlcpy(control_info.internalip,
purple_network_get_local_system_ip(source),
sizeof(control_info.internalip));
purple_debug_info("upnp", "Local IP: %s\n",
@@ -975,7 +973,7 @@
ar->cb_data = cb_data;
ar->add = TRUE;
ar->portmap = portmap;
- strncpy(ar->protocol, protocol, sizeof(ar->protocol));
+ g_strlcpy(ar->protocol, protocol, sizeof(ar->protocol));
/* If we're waiting for a discovery, add to the callbacks list */
if(control_info.status == PURPLE_UPNP_STATUS_DISCOVERING) {
@@ -1022,7 +1020,7 @@
ar->cb_data = cb_data;
ar->add = FALSE;
ar->portmap = portmap;
- strncpy(ar->protocol, protocol, sizeof(ar->protocol));
+ g_strlcpy(ar->protocol, protocol, sizeof(ar->protocol));
/* If we're waiting for a discovery, add to the callbacks list */
if(control_info.status == PURPLE_UPNP_STATUS_DISCOVERING) {
diff -r 261e15fb8b91 -r 401c01066268 libpurple/win32/global.mak
--- a/libpurple/win32/global.mak Mon Feb 11 23:15:34 2013 -0500
+++ b/libpurple/win32/global.mak Wed Feb 20 22:13:23 2013 +0100
@@ -22,7 +22,7 @@
SILC_TOOLKIT ?= $(WIN32_DEV_TOP)/silc-toolkit-1.1.10
TCL_LIB_TOP ?= $(WIN32_DEV_TOP)/tcl-8.4.5
GSTREAMER_TOP ?= $(WIN32_DEV_TOP)/gstreamer-0.10.13
-GCC_SSP_TOP ?= $(WIN32_DEV_TOP)/gcc-core-4.4.0-mingw32-dll
+GCC_SSP_TOP ?= $(shell dirname $(shell which $(CC)))
CYRUS_SASL_TOP ?= $(WIN32_DEV_TOP)/cyrus-sasl-2.1.25
# Where we installing this stuff to?
diff -r 261e15fb8b91 -r 401c01066268 pidgin/gtkconv.c
--- a/pidgin/gtkconv.c Mon Feb 11 23:15:34 2013 -0500
+++ b/pidgin/gtkconv.c Wed Feb 20 22:13:23 2013 +0100
@@ -6546,7 +6546,7 @@
gtk_widget_show(win->menu.unblock);
}
- if ((account == NULL) || purple_find_buddy(account, purple_conversation_get_name(conv)) == NULL) {
+ if (purple_find_buddy(account, purple_conversation_get_name(conv)) == NULL) {
gtk_widget_show(win->menu.add);
gtk_widget_hide(win->menu.remove);
} else {
diff -r 261e15fb8b91 -r 401c01066268 pidgin/gtkdialogs.c
--- a/pidgin/gtkdialogs.c Mon Feb 11 23:15:34 2013 -0500
+++ b/pidgin/gtkdialogs.c Wed Feb 20 22:13:23 2013 +0100
@@ -227,7 +227,7 @@
{N_("Punjabi"), "pa", "Amanpreet Singh Alam", "aalam at users.sf.net"},
{N_("Polish"), "pl", "Piotr DrÄ
g", "piotrdrag at gmail.com"},
{N_("Polish"), "pl", "Piotr Makowski", "pmakowski at aviary.pl"},
- {N_("Portuguese"), "pt", "Paulo Ribeiro", NULL},
+ {N_("Portuguese"), "pt", "Paulo Ribeiro", "paulo at diffraction.pt"},
{N_("Portuguese-Brazil"), "pt_BR", "Renato Silva", "br.renatosilva at gmail.com"},
{N_("Pashto"), "ps", "Kashif Masood", "masudmails at yahoo.com"},
{N_("Romanian"), "ro", "Mișu Moldovan", "dumol at gnome.org"},
diff -r 261e15fb8b91 -r 401c01066268 pidgin/gtkimhtml.c
--- a/pidgin/gtkimhtml.c Mon Feb 11 23:15:34 2013 -0500
+++ b/pidgin/gtkimhtml.c Wed Feb 20 22:13:23 2013 +0100
@@ -2353,10 +2353,11 @@
if (!g_ascii_strncasecmp(string, "!--", strlen ("!--"))) {
gchar *e = strstr (string + strlen("!--"), "-->");
if (e) {
- if (len)
+ if (len) {
*len = e - string + strlen ("-->");
- if (tag)
- *tag = g_strndup (string + strlen ("!--"), *len - strlen ("!---->"));
+ if (tag)
+ *tag = g_strndup (string + strlen ("!--"), *len - strlen ("!---->"));
+ }
return TRUE;
}
}
diff -r 261e15fb8b91 -r 401c01066268 pidgin/plugins/cap/cap.c
--- a/pidgin/plugins/cap/cap.c Mon Feb 11 23:15:34 2013 -0500
+++ b/pidgin/plugins/cap/cap.c Wed Feb 20 22:13:23 2013 +0100
@@ -43,7 +43,7 @@
int threshold = purple_prefs_get_int("/plugins/gtk/cap/threshold");
int min_minute = (current_minute - threshold) % 1440;
int max_minute = (current_minute + threshold) % 1440;
- char *sql, sta_id = NULL;
+ char *sql, *sta_id = NULL;
sqlite3_stmt *stmt = NULL;
const char *tail = NULL;
int rc;
diff -r 261e15fb8b91 -r 401c01066268 pidgin/win32/nsis/generate_gtk_zip.sh
--- a/pidgin/win32/nsis/generate_gtk_zip.sh Mon Feb 11 23:15:34 2013 -0500
+++ b/pidgin/win32/nsis/generate_gtk_zip.sh Wed Feb 20 22:13:23 2013 +0100
@@ -17,7 +17,7 @@
#This needs to be changed every time there is any sort of change.
BUNDLE_VERSION=2.16.6.1
-BUNDLE_SHA1SUM=5e16b7efb11943e8c80bc390f6c38df904fd36ed
+BUNDLE_SHA1SUM=3e586e3f716f909ff6c11bf64c5ad23f1a0c98bf
ZIP_FILE="$PIDGIN_BASE/pidgin/win32/nsis/gtk-runtime-$BUNDLE_VERSION.zip"
#Download the existing file (so that we distribute the exact same file for all releases with the same bundle version)
diff -r 261e15fb8b91 -r 401c01066268 pidgin/win32/nsis/pidgin-installer.nsi
--- a/pidgin/win32/nsis/pidgin-installer.nsi Mon Feb 11 23:15:34 2013 -0500
+++ b/pidgin/win32/nsis/pidgin-installer.nsi Wed Feb 20 22:13:23 2013 +0100
@@ -258,7 +258,7 @@
retry:
StrCpy $R2 "${DOWNLOADER_URL}>k_version=${GTK_INSTALL_VERSION}&dl_pkg=gtk"
DetailPrint "Downloading GTK+ Runtime ... ($R2)"
- NSISdl::download /TIMEOUT=10000 $R2 $R1
+ NSISdl::download /TIMEOUT=10000 "$R2" "$R1"
Pop $R0
;StrCmp $R0 "cancel" done
StrCmp $R0 "success" 0 prompt_retry
@@ -453,7 +453,7 @@
retry:
StrCpy $R2 "${DOWNLOADER_URL}&dl_pkg=dbgsym"
DetailPrint "Downloading Debug Symbols... ($R2)"
- NSISdl::download /TIMEOUT=10000 $R2 $R1
+ NSISdl::download /TIMEOUT=10000 "$R2" "$R1"
Pop $R0
StrCmp $R0 "cancel" done
StrCmp $R0 "success" 0 prompt_retry
@@ -532,6 +532,7 @@
Delete "$INSTDIR\ca-certs\AddTrust_External_Root.pem"
Delete "$INSTDIR\ca-certs\America_Online_Root_Certification_Authority_1.pem"
Delete "$INSTDIR\ca-certs\AOL_Member_CA.pem"
+ Delete "$INSTDIR\ca-certs\Baltimore_CyberTrust_Root.pem"
Delete "$INSTDIR\ca-certs\CAcert_Class3.pem"
Delete "$INSTDIR\ca-certs\CAcert_Root.pem"
Delete "$INSTDIR\ca-certs\Deutsche_Telekom_Root_CA_2.pem"
@@ -549,7 +550,7 @@
Delete "$INSTDIR\ca-certs\StartCom_Free_SSL_CA.pem"
Delete "$INSTDIR\ca-certs\Thawte_Premium_Server_CA.pem"
Delete "$INSTDIR\ca-certs\Thawte_Primary_Root_CA.pem"
- Delete "$INSTDIR\ca-certs\ValiCert_Class_2_VA.crt"
+ Delete "$INSTDIR\ca-certs\ValiCert_Class_2_VA.pem"
Delete "$INSTDIR\ca-certs\VeriSign_Class3_Extended_Validation_CA.pem"
Delete "$INSTDIR\ca-certs\Verisign_Class3_Primary_CA.pem"
Delete "$INSTDIR\ca-certs\VeriSign_Class_3_Public_Primary_Certification_Authority_-_G2.pem"
@@ -1331,9 +1332,11 @@
IntOp $R1 0 + 0
done:
+ Exch $R1 ;$R1 has the return code
+ Exch
Pop $R2
+ Exch
Pop $R0
- Exch $R1 ;$R1 has the return code
FunctionEnd
!endif
diff -r 261e15fb8b91 -r 401c01066268 po/ChangeLog
--- a/po/ChangeLog Mon Feb 11 23:15:34 2013 -0500
+++ b/po/ChangeLog Wed Feb 20 22:13:23 2013 +0100
@@ -1,5 +1,8 @@
Pidgin and Finch: The Pimpin' Penguin IM Clients That're Good for the Soul
+version 2.10.8
+ No changes
+
version 2.10.7
* Burmese translation updated (Thura Hlaing)
* Dutch translation updated (Gideon van Melle)
diff -r 261e15fb8b91 -r 401c01066268 po/de.po
--- a/po/de.po Mon Feb 11 23:15:34 2013 -0500
+++ b/po/de.po Wed Feb 20 22:13:23 2013 +0100
@@ -2,7 +2,7 @@
# Pidgin German translation
# Copyright (C) 2001, Daniel Seifert <Pidgin-translation at dseifert.de>
# Copyright (C) 2002, Karsten Weiss <knweiss at gmx.de>
-# Copyright (C) 2002-2012, Björn Voigt <bjoern at cs.tu-berlin.de>,
+# Copyright (C) 2002-2013, Björn Voigt <bjoern at cs.tu-berlin.de>,
# Jochen Kemnade <jochenkemnade at web.de>
#
# This file is distributed under the same license as the Pidgin package.
@@ -11,9 +11,9 @@
msgstr ""
"Project-Id-Version: de\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2012-07-12 17:36+0200\n"
-"PO-Revision-Date: 2012-07-12 17:36+0200\n"
-"Last-Translator: Jochen Kemnade <jochenkemnade at web.de>\n"
+"POT-Creation-Date: 2013-02-20 22:11+0100\n"
+"PO-Revision-Date: 2013-02-20 22:10+0100\n"
+"Last-Translator: Björn Voigt <bjoern at cs.tu-berlin.de>\n"
"Language-Team: German <de at li.org>\n"
"Language: de\n"
"MIME-Version: 1.0\n"
@@ -3452,7 +3452,6 @@
msgid "Unable to connect: %s"
msgstr "Verbinden nicht möglich: %s"
-#, c-format
msgid "Server closed the connection"
msgstr "Der Server hat die Verbindung beendet"
@@ -3501,6 +3500,12 @@
msgid "Use SSL"
msgstr "Benutze SSL"
+msgid "Authenticate with SASL"
+msgstr "Mit SASL authentifizieren"
+
+msgid "Allow plaintext SASL auth over unencrypted connection"
+msgstr "Erlaube Klartext-Authentifizierung über einen unverschlüsselten Kanal"
+
msgid "Bad mode"
msgstr "Falscher Modus"
@@ -3563,6 +3568,10 @@
msgstr "Das Thema für %s ist: %s"
#, c-format
+msgid "Topic for %s set by %s at %s on %s"
+msgstr "Das Thema für %s gesetzt von %s um %s auf %s"
+
+#, c-format
msgid "Unknown message '%s'"
msgstr "Unbekannte Nachricht '%s'"
@@ -3676,6 +3685,37 @@
msgid "Wallops from %s"
msgstr "Wallops von %s"
+#, c-format
+msgid "Failed to initialize SASL authentication: %s"
+msgstr "Initialisierung der SASL-Authentifizierung fehlgeschlagen: %s"
+
+msgid "SASL authentication failed: No worthy authentication mechanisms found."
+msgstr ""
+"SASL-Authentifizierung fehlgeschlagen: Keine brauchbaren "
+"Authentifizierungsmechanismen gefunden."
+
+#, c-format
+msgid "SASL authentication failed: %s"
+msgstr "SASL-Authentifizierung fehlgeschlagen: %s"
+
+msgid ""
+"SASL authentication failed: Server does not support SASL authentication."
+msgstr ""
+"SASL-Authentifizierung fehlgeschlagen: Der Server unterstützt keine SASL-"
+"Authentifizierung."
+
+msgid "SASL authentication failed: Initializing SASL failed."
+msgstr ""
+"SASL-Authentifizierung fehlgeschlagen: Initialisierung von SASL "
+"fehlgeschlagen."
+
+msgid "Incorrect Password"
+msgstr "Falsches Passwort"
+
+msgid "SASL authentication failed: No worthy mechanisms found"
+msgstr ""
+"SASL-Authentifizierung fehlgeschlagen: Keine brauchbaren Mechanismen gefunden"
+
msgid "action <action to perform>: Perform an action."
msgstr "action <Aktion>: Führe eine Aktion durch."
@@ -5850,10 +5890,10 @@
msgstr "nudge: Einen Kontakt anstoßen, um seine Aufmerksamkeit zu erhalten"
msgid "Windows Live ID authentication:Unable to connect"
-msgstr "Windows Live ID-Authentifikation:Kann nicht verbinden"
+msgstr "Windows Live ID-Authentifizierung:Kann nicht verbinden"
msgid "Windows Live ID authentication:Invalid response"
-msgstr "Windows Live ID-Authentifikation:Ungültige Antwort"
+msgstr "Windows Live ID-Authentifizierung:Ungültige Antwort"
msgid "The following users are missing from your addressbook"
msgstr "Die folgenden Benutzer fehlen in Ihrem Adressbuch"
@@ -6122,6 +6162,10 @@
msgid "Where I Live"
msgstr "Wo ich wohne"
+#. relationship status
+msgid "Relationship Status"
+msgstr "Beziehungsstatus"
+
#. mobile number
msgid "Mobile Number"
msgstr "Handynummer"
@@ -6340,10 +6384,6 @@
msgid "Rejection Message"
msgstr "Ablehnungsnachricht"
-#. hidden number
-msgid "Hidden Number"
-msgstr "Versteckte Nummer"
-
msgid "No profile available"
msgstr "Kein Profil verfügbar"
@@ -6368,6 +6408,33 @@
msgid "Enable splash-screen popup"
msgstr "Startbildschirm-Popup aktivieren"
+msgid "Don't want to say"
+msgstr "Das möchte ich nicht sagen"
+
+msgid "Single"
+msgstr "Ledig"
+
+msgid "In a relationship"
+msgstr "In einer Beziehung"
+
+msgid "Engaged"
+msgstr "Verlobt"
+
+msgid "Married"
+msgstr "Verheiratet"
+
+msgid "It's complicated"
+msgstr "Es ist kompliziert"
+
+msgid "Widowed"
+msgstr "Verwitwet"
+
+msgid "Separated"
+msgstr "Getrennt"
+
+msgid "Divorced"
+msgstr "Geschieden"
+
msgid "Last Online"
msgstr "Zuletzt online"
@@ -6427,6 +6494,12 @@
msgid "Message Error"
msgstr "Nachrichtenfehler"
+#. could not be decrypted
+msgid "An encrypted message was received which could not be decrypted."
+msgstr ""
+"Es wurde eine verschlüsselte Nachricht empfangen, die nicht entschlüsselt "
+"werden kann."
+
msgid "Cannot perform redirect using the specified protocol"
msgstr "Kann die Umleitung nicht mit dem angegebenen Protokoll durchführen"
@@ -8899,15 +8972,15 @@
"channel public keys are set then only users whose public keys are listed are "
"able to join."
msgstr ""
-"Die Kanalauthentifikation wird benutzt, um einen Kanal vor unbefugtem "
-"Zugriff zu schützen. Die Authentifikation kann auf Passphrasen und digitalen "
-"Signaturen basieren. Wenn die Passphrase-Variante gewählt wird, braucht man "
-"eine Passphrase, um den Kanal betreten zu können. Wenn digitale öffentliche "
-"Schlüssel gewählt werden, können nur solche Benutzer den Kanal betreten, "
-"deren Schlüssel aufgelistet sind."
+"Die Kanalauthentifizierung wird benutzt, um einen Kanal vor unbefugtem "
+"Zugriff zu schützen. Die Authentifizierung kann auf Passphrasen und "
+"digitalen Signaturen basieren. Wenn die Passphrase-Variante gewählt wird, "
+"braucht man eine Passphrase, um den Kanal betreten zu können. Wenn digitale "
+"öffentliche Schlüssel gewählt werden, können nur solche Benutzer den Kanal "
+"betreten, deren Schlüssel aufgelistet sind."
msgid "Channel Authentication"
-msgstr "Kanal-Authentifikation"
+msgstr "Kanal-Authentifizierung"
msgid "Add / Remove"
msgstr "Hinzufügen / Entfernen"
@@ -9951,7 +10024,6 @@
"Ihr Konto wurde aufgrund zu vieler fehlgeschlagener Login-Versuche gesperrt. "
"Bitte versuchen Sie sich auf der Yahoo!-Webseite anzumelden."
-#, c-format
msgid "Unknown error 52. Reconnecting should fix this."
msgstr "Unbekannter Fehler 52. Ein Neu-Verbinden sollte dies beheben."
@@ -11957,6 +12029,9 @@
msgid "Lao"
msgstr "Laotisch"
+msgid "Lithuanian"
+msgstr "Litauisch"
+
msgid "Maithili"
msgstr "Maithili"
@@ -12074,9 +12149,6 @@
msgid "Amharic"
msgstr "Amharisch"
-msgid "Lithuanian"
-msgstr "Litauisch"
-
msgid "T.M.Thanh and the Gnome-Vi Team"
msgstr "T.M.Thanh und das Gnome-Vi Team"
@@ -12110,7 +12182,6 @@
"\tIRC-Channel: #pidgin auf irc.freenode.net<BR>\tXMPP-MUC: devel at conference."
"pidgin.im<BR><BR>"
-#, c-format
msgid ""
"<font size=\"4\"><b>Help from other Pidgin users</b></font> is available by "
"e-mailing <a href=\"mailto:support at pidgin.im\">support at pidgin.im</a><br/"
@@ -14782,7 +14853,6 @@
msgid "Timestamp Format Options"
msgstr "Zeitstempelformat-Optionen"
-#, c-format
msgid "_Force timestamp format:"
msgstr "_Erzwinge Zeitformat:"
@@ -15162,6 +15232,9 @@
msgid "You do not have permission to uninstall this application."
msgstr "Sie haben keine Berechtigung, diese Anwendung zu deinstallieren."
+#~ msgid "Hidden Number"
+#~ msgstr "Versteckte Nummer"
+
#~ msgid "No Sametime Community Server specified"
#~ msgstr "Kein Sametime-Community Server angegeben"
More information about the commits
mailing list