Version 0.4.3:
- new command /print
- logical and/or for tags in /filter and hook_print
- gaps in buffer numbers
- support of italic text
- new options to customize default text search in buffers
- use of IRC monitor command for /notify (if available on server)
- new IRC server option "ssl_fingerprint"
- new option to smart-filter IRC mode messages
- new option for default IRC ban mask
- support of IPv6 for DCC chat/file
- auto check CRC32 of files received with DCC
- many bugs fixed.
Version 0.4.2:
- rename binary from "weechat-curses" to "weechat" (with symbolic link "weechat-curses" for compatibility)
- add secured data (encryption of passwords or private data), new command /secure, new file sec.conf
- search of regular expression in buffer with text emphasis, in prefixes, messages or both
- add option "scroll_beyond_end" for command /window
- add optional buffer context in bar items (for example to display bitlbee nicklist in a root bar)
- new options weechat.look.hotlist_{prefix|suffix}
- new option weechat.look.key_bind_safe to prevent any key binding error from user
- new option weechat.network.proxy_curl to use a proxy when downloading URLs with curl
- display day change message dynamically
- support of wildcards in IRC commands (de)op/halfop/voice
- new option irc.look.notice_welcome_redirect to redirect channel welcome notices to the channel buffer
- new option irc.look.nick_color_hash: new hash algorithm to find nick colors (variant of djb2)
- add info about things defined by a script in the detailed view of script (/script show)
- support of "enchant" library in aspell plugin
- many bugs fixed.
finch does not compile with python-3.3. Since libpurple is not versioned
and finch pulls it in, we have to mark libpurple too, and then pidgin
because of libpurple. It's all one codebase anyway...
version 2.10.8 (1/28/2014):
General:
* Python build scripts and example plugins are now compatible with
Python 3. (Ashish Gupta) (#15624)
libpurple:
* Fix potential crash if libpurple gets an error attempting to read a
reply from a STUN server. (Discovered by Coverity static analysis)
(CVE-2013-6484)
* Fix potential crash parsing a malformed HTTP response. (Discovered by
Jacob Appelbaum of the Tor Project) (CVE-2013-6479)
* Fix buffer overflow when parsing a malformed HTTP response with
chunked Transfer-Encoding. (Discovered by Matt Jones, Volvent)
(CVE-2013-6485)
* Better handling of HTTP proxy responses with negative Content-Lengths.
(Discovered by Matt Jones, Volvent)
* Fix handling of SSL certificates without subjects when using libnss.
* Fix handling of SSL certificates with timestamps in the distant future
when using libnss. (#15586)
* Impose maximum download size for all HTTP fetches.
Pidgin:
* Fix crash displaying tooltip of long URLs. (CVE-2013-6478)
* Better handling of URLs longer than 1000 letters.
* Fix handling of multibyte UTF-8 characters in smiley themes. (#15756)
Windows-Specific Changes:
* When clicking file:// links, show the file in Explorer rather than
attempting to run the file. This reduces the chances of a user
clicking on a link and mistakenly running a malicious file.
(Originally discovered by James Burton, Insomnia Security. Rediscovered
by Yves Younan of Sourcefire VRT.) (CVE-2013-6486)
* Fix Tcl scripts. (#15520)
* Fix crash-on-startup when ASLR is always on. (#15521)
* Updates to dependencies:
* NSS 3.15.4 and NSPR 4.10.2
* Pango 1.29.4-1daa
Patched for https://bugzilla.gnome.org/show_bug.cgi?id=668154
AIM:
* Fix untrusted certificate error.
AIM and ICQ:
* Fix a possible crash when receiving a malformed message in a Direct IM
session.
Gadu-Gadu:
* Fix buffer overflow with remote code execution potential. Only
triggerable by a Gadu-Gadu server or a man-in-the-middle.
(Discovered by Yves Younan and Ryan Pentney of Sourcefire VRT)
(CVE-2013-6487)
* Disabled buddy list import/export from/to server (it didn't work
anymore). Buddy list synchronization will be implemented in 3.0.0.
* Disabled new account registration and password change options, as it
didn't work either. Account registration also caused a crash. Both
functions are available using official Gadu-Gadu website.
IRC:
* Fix bug where a malicious server or man-in-the-middle could trigger
a crash by not sending enough arguments with various messages.
(Discovered by Daniel Atallah) (CVE-2014-0020)
* Fix bug where initial IRC status would not be set correctly.
* Fix bug where IRC wasn't available when libpurple was compiled with
Cyrus SASL support. (#15517)
MSN:
* Fix NULL pointer dereference parsing headers in MSN.
(Discovered by Fabian Yamaguchi and Christian Wressnegger of the
University of Goettingen) (CVE-2013-6482)
* Fix NULL pointer dereference parsing OIM data in MSN.
(Discovered by Fabian Yamaguchi and Christian Wressnegger of the
University of Goettingen) (CVE-2013-6482)
* Fix NULL pointer dereference parsing SOAP data in MSN.
(Discovered by Fabian Yamaguchi and Christian Wressnegger of the
University of Goettingen) (CVE-2013-6482)
* Fix possible crash when sending very long messages. Not
remotely-triggerable. (Discovered by Matt Jones, Volvent)
MXit:
* Fix buffer overflow with remote code execution potential.
(Discovered by Yves Younan and Pawel Janic of Sourcefire VRT)
(CVE-2013-6487)
* Fix sporadic crashes that can happen after user is disconnected.
* Fix crash when attempting to add a contact via search results.
* Show error message if file transfer fails.
* Fix compiling with InstantBird.
* Fix display of some custom emoticons.
SILC:
* Correctly set whiteboard dimensions in whiteboard sessions.
SIMPLE:
* Fix buffer overflow with remote code execution potential.
(Discovered by Yves Younan of Sourcefire VRT) (CVE-2013-6487)
XMPP:
* Prevent spoofing of iq replies by verifying that the 'from' address
matches the 'to' address of the iq request. (Discovered by Fabian
Yamaguchi and Christian Wressnegger of the University of Goettingen)
(CVE-2013-6483)
* Fix crash on some systems when receiving fake delay timestamps with
extreme values. (Discovered by Jaime Breva Ribes) (CVE-2013-6477)
* Fix possible crash or other erratic behavior when selecting a very
small file for your own buddy icon.
* Fix crash if the user tries to initiate a voice/video session with a
resourceless JID.
* Fix login errors when the first two available auth mechanisms fail but
a subsequent mechanism would otherwise work when using Cyrus SASL.
(#15524)
* Fix dropping incoming stanzas on BOSH connections when we receive
multiple HTTP responses at once. (Issa Gorissen) (#15684)
Yahoo!:
* Fix possible crashes handling incoming strings that are not UTF-8.
(Discovered by Thijs Alkemade and Robert Vehse) (CVE-2012-6152)
* Fix a bug reading a peer to peer message where a remote user could
trigger a crash. (CVE-2013-6481)
Plugins:
* Fix crash in contact availability plugin.
* Fix perl function Purple::Network::ip_atoi
* Add Unity integration plugin.
either because they themselves are not ready or because a
dependency isn't. This is annotated by
PYTHON_VERSIONS_INCOMPATIBLE= 33 # not yet ported as of x.y.z
or
PYTHON_VERSIONS_INCOMPATIBLE= 33 # py-foo, py-bar
respectively, please use the same style for other packages,
and check during updates.
Use versioned_dependencies.mk where applicable.
Use REPLACE_PYTHON instead of handcoded alternatives, where applicable.
Reorder Makefile sections into standard order, where applicable.
Remove PYTHON_VERSIONS_INCLUDE_3X lines since that will be default
with the next commit.
Whitespace cleanups and other nits corrected, where necessary.
zul_, khorben, netcap, and jihbed.
mcabber is a small Jabber console client, it supports SSL, OTR,
MUC, history logging, commands completion and external actions
triggers.
o re-add the utf-8 changes now that the scrolling is not slowed
o scrolling is much faster now
o fix compile time errors in on modern glibc systems
o add /nuser command
o wserv and ircio move into "libexec" dir.
in 1985 and fixed up by Christos "last week". (I've apparently been
sitting on this package since 20130101, so it was a year ago...)
XXX: this should probably grow an rc script for the master daemon, phoned.
Upstream changes:
-----------------------------------------
version 2.44 at 2013-06-10 13:21:56 +0000
-----------------------------------------
Change: ae253101da7958777a572271f901e894ae20de05
Author: Chris 'BinGOs' Williams <chris@bingosnet.co.uk>
Date : 2013-06-10 14:21:56 +0000
Convert the distribution to dzil
Change: 2f3bfa5c4a97ca061c2f87d4f4706e0bb0376f43
Author: Chris Williams <chris@bingosnet.co.uk>
Date : 2013-06-10 06:08:52 +0000
Merge pull request #1 from avenj/messagetags
IRCv3.2 message tag support, tests for same.
Change: 31a1c9aeab4120e626af130d73b0f1a58a77d46e
Author: Jon Portnoy <avenj@cobaltirc.org>
Date : 2013-06-07 13:03:16 +0000
Add IRCv3.2 message tag support, tests for same.
Update DEPENDS
Upstream changes:
6.83 Mon May 27 10:40:09 BST 2013
- NickServID: React on IRC Message 433 - Commit: ec7cd33736
- BotCommand: Support for overriding the Command Handler
- BotCommand: Added Support for a Help Modification Callback
- BotCommand: Adapted the Help Callback Options so it gets the Command and Arguments
- BotCommand: Added Support for Command Aliases
- BotCommand: Allowed No Arguments/Only Variable Arguments
- Implemented SSL Client Cert Support
6.82 Sat Mar 9 22:15:02 GMT 2013
- Add the Prefix to the "Syntax:" line of the command help
6.81 Fri Nov 23 15:53:11 GMT 2012
- Resolve hash randomisation issues with v5.17.6
6.80 Thu Sep 20 09:52:59 BST 2012
- Add missing prereq
6.79 Wed Sep 19 14:24:03 BST 2012
- Argument naming and argument count validation in Plugin::BotCommand
- [rt.cpan.org #79745] nick_long_form dies due to a race condition
* 2.3.0 to 2.3.1 upgrade:
What changed:
- Marked "TLS-Everywhere" as EXPERIMENTAL feature
- default EXPERIMENTAL to 'no'
- default SUPERSEDED to 'no'
- moved STANZA-ACK and MY-IP-ADDRESS XEPs and IQ-PRIVATE push
out of experimental status
* 2.2.17 to 2.3.0 upgrade:
What changed:
- Renamed non-standard UPGRADE file overwriting outdated NEWS file
- Semantic Versioning: http://semver.org/
- TLS Everywhere: https://github.com/stpeter/manifesto
- Required GSASL >=1.1
- jabberd should compile without warnings
- out-of-source builds should work
- pgsql: authreg password_type support
- pgsql: schema support
- ldapvcard: groupattr works even if no groupattr_regex defined
- ldapfull: checks for ldap group membership on login
- vCard: Assume tel phone is voice phone
- MySQL: default password hashing algorithm changed to SHA512
- out-conn-reuse s2s.xml option naming unified
- XML parse error will log buffer details
- CRAM-MD5 auth support
- router private key cachain and password support
- hashed passwords support in SQLite3 storage
KGB is a system that provides notifications on IRC for commits made to Git,
Subversion and CVS repositories. It uses two components: a server, which
runs the IRC bot, and a client, which is hooked into the repositories and
sends the notifications to the server.
Changes in 0.9.1:
* Config: Fix the workaround for LuaSec 0.4.x to apply the ssl 'ciphers'
option correctly
* Config: Ability to specify the ssl 'dhparam' option simply as a path to
a file, instead of a callback function
* Windows: Fix s2s issues
* Windows: Fix the ability to specify absolute paths to SSL certificates
in the config
* Build: Fix compilation issue on non-Linux systems that have glibc (such as
Debian GNU/kFreeBSD)
* API: Fix to our set library, that caused the :include() and :exclude()
methods to behave incorrectly
Changes in 0.9.0:
* IPv6 support for c2s, s2s and all other services (e.g. HTTP)
* Server-to-server authentication using certificates (SASL EXTERNAL)
* A new HTTP subsystem, supporting virtual hosts, and fully reloadable modules
* Client and server connections are now handled by modules: mod_c2s, mod_s2s
* mod_pubsub: Basic pubsub service (some features not yet implemented)
* prosodyctl about - show information about a Prosody installation
* prosodyctl cert - command to generate XMPP certificates and CSRs
* Many very nice enhancements to our module API
* MUC: Configurable per-room history length
* MUC: Plugins can now extend the room configuration form
See notes on upgrading from 0.8.x:
https://prosody.im/doc/release/0.9.0#upgrading
- Add support for maildir mail boxes, which must be selected at compile time
[not enabled in this package]
- Fixes to support socks5 again, at least on freebsd.
- Add support for +T by special request.
- Add $windowctl(GET <refnum> CHANNELS).
- Port $strtol() and $tobase() from epic5.
- Numerous crashes and problems fixed.
Full change log:
http://wayback.archive.org/web/20121103102353/http://epicsol.org/?page=changelog
"Some of FISG's behavior has changed slightly after version 0.3.8.
Few commandline options have been renamed and there is NO default
input format anymore, you will always have to specify one."
* ncommand.c - fix /names * to replace * with current channel.
* fix dcc - its not perfect, but it works (let me know if there are
* /topic * now does the expected thing. same for /untopic *
* fix "/names" to work when not in a channel
Bugs fixed since 2.1.12:
* Compilation: Detect correctly newer Darwin versions (EJAB-1594)
* Guide: ejabberd_service expects a shaper_rule, not a shaper
* MUC: Handle multiple < and > in mod_muc_log plaintext mode (EJAB-1640)
* MUC: Handle ~ control sequence in text of mod_muc_log (EJAB-1639)
* MUC: list_to_integer/2 only works in OTP R14 and newer
* Pubsub: access_createnode acl also applies to auto created nodes
* Web: Normalize HTTP path
are replaced with .include "../../devel/readline/buildlink3.mk", and
USE_GNU_READLINE are removed,
* .include "../../devel/readline/buildlink3.mk" without USE_GNU_READLINE
are replaced with .include "../../mk/readline.buildlink3.mk".
WRKSRC is now handled automatically. Let options.mk include bsd.prefs.mk
instead of pulling it in again in Makefile. CONFIGURE_ARGS for hub and leaf
no longer exist. Removed from PKG_OPTIONS. Specifying hostname in
CONFIGURE_ARGS is also no longer available. Removed. ${IRCD_SHARE}/networks
files are no longer provided. Removing from post-install and PLIST. From
Changes:
- Fix compilation issue when disabling stacked extbans. https://bugs.gentoo.org/389949
- Fix compilation issues with bundled tre and ./curlinstall-ed curl caused by over-generic regexes. Reported by warg.
- Include CMDS=STARTTLS in ISUPPORT/numeric 005 to let clients discover STARTTLS support through VERSION, before or after registration (#4064).
- Added patch from nenotopia to use more modern LUSERS numerics (#3967).
- Fix small error in oper block documentation, reported by Stealth (#2318).
- Config parser failed to check for invalid set::ssl options, reported and patch by fbi (#4035).
- Tweak: send actual channel name and not user supplied channel in KICK, reported and patch by Stealth (#3298).
- Services coders: Added support for ESVID. Instead of a number you can
now store a string (of max NICKLEN size) as service stamp.
- Show account name in /WHOIS, for ESVID-capable services packages, patch from nenotopia (#3966).
- Added extended ban ~a:<account name> which matches users who are logged
in to services with that account name. This works only on services that
support ESVID. Patch from nenotopia (#3966).
- Updated extended ban documentation in help.conf and unreal32docs:
new bantype ~a, and some text about extended bans & invex (+I).
- compile fix for just-checked-in patches.
- extban ~a = also allowed for invex
- Throw up an error if a password in the configuration file is too long
(max 48 characters), reported by JasonTik, based on patch from
WolfSage (#3223).
- Enforce matching of unrealircd version and PACKAGE_VERSION macros (#4014).
- Make default service stamp 0 (zero) again, instead of '*' which was
introduced by ESVID changes a few days ago. This makes anope happy,
and also means nothing will change in a non-ESVID scenario.
- Fix misuse of stdarg.h macros when calling vsyslog() (#4065 by Jimini).
- Ditch vsyslog() as it's only a waste of CPU, inspired by #4065.
- Add CAP support. Currently implemented are: multi-prefix (NAMESX), and
userhost-in-names (UHNAMES). Patch from nenotopia (#4018, #4066)
- Fix issue with CAP & NOSPOOF. Patch from nenolod (#4077).
- Advertise 'tls' (STARTTLS) capability in CAP. Patch from nenolod (#4081).
- New user mode +I (IRCOp only) which hides idle times to other users,
suggested and patch supplied by Nath & binki (#3953).
- Added remove_oper_modes(), which works just like remove_oper_snomasks(),
- Get rid of networks/ directory, and all references to it. Suggested by
katsklaw and others (#4056).
- Added doc/example.es.conf, translated by Severus_Snape.
- Make the accept code check if the fd is within bounds instead of relying
on OpenFiles to be correct.
- Moved nospoof to config file, suggested by and patch from nenolod (#4078).
- Even when 'M' was listed in set::oper-only-stats you could still do a
'/STATS m'. Unlike other stats characters, case insensitivity was not
checked for this one. Reported by and patch from Apocalypse (#4086).
- Added patch from Adam for poll() support (#1245).
update my own fd check code for poll support
- Some more changes and fixes regarding poll patch:
- make c-ares use 100% poll. and make sure we never deal with negative fds.
- UnrealIRCd now supports poll() instead of select().
- Speed optimization: First, moved a large part of vsendto_prefix_one into
vmakebuf_local_withprefix. Then use this new function - which creates the
buffer-to-be-sent - at the top of functions like sendto_channel_butserv
and sendto_common_channels and send the prepared buffer in the loop that
comes after it. This means we only prepare the buffer once and then send
it many times, rather than both building and sending it XYZ times.
Benchmarking connect-join-quit of 10k clients:
100 users per channel: no noticeable speed improvement
1000 users per channel: 18% faster
10000 users in one channel: 50% faster
As you can see, unfortunately, for a typical irc network there isn't much
speed improvement. However, if you have a couple of 500+ user channels or
get attacked by clones then you may see some improvement in speed and/or lower
CPU usage.
- Call m_cap_Init() when m_cap is loaded through commands.so. Reported by nenolod.
- Fix for speed optimization a few lines up, was accidentally using ident
username (which might have been 'unknown') instead of effective username.
- Added support for SASL, patch from nenolod (#4079).
- Fix crash in AUTHENTICATE (SASL commit from an hour or so ago).
- Tweak SASL code to conform to current coding style.
- Split up PROTOCTL line, since with the addition of ESVID we exceeded
MAXPARA when using ZIP links.
- Poll I/O engine: get_client_by_pollfd() may return -1 when there's a race
condition. Don't abort, instead just skip those clients.
- Fix win32 installer: apparently it sometimes complained about not having
- the Visual C++ 2008 redistributable package installed when this was not true.
- Fix Windows build.
- Win32 compile fix (nenolod)
- Print out a warning when we can't write to a log file. When booting this
goes to the boot screen. When we are already booted it's sent to all
IRCOps with a limit of max. 1 message per 5 minutes.
- Refuse to boot when we can't write to any log file.
- Remove old no-stealth configuration directive from documentation,
reported by katsklaw, patch from warg (#4036).
- Added 'away-notify' client capability, which informs the client of any AWAY state changes of users on the same channel. Patch from nenolod (#4097).
- Add support for account-notify client capability (#4098). This capability
can be used to request passive notifications for accountname changes.
- If set::options::dont-resolve is enabled, then use only the IP information
from a WEBIRC message, reported by Ismat (#4103).
- Moved sendto_connectnotice, and thus the call to HOOKTYPE_LOCAL_CONNECT,
so it gets called after the broadcast of NICK to other servers.
- Fix bug caused by new I/O engine (both with and without USE_POLL):
queued data on the receive queue (eg: due to fake lag) was not processed
unless we got new data from the client.
- Add support for server-enforced mode locks (MLOCK).
This allows the IRCd to enforce MLOCKs that are set by services, which
eliminates clashes between users setting modes and services enforcing
it's mlock on channels. (#3055)
- complete the previous patch (MLOCK).. mostly just bringing it up to date & code-style
- Fixed another SASL crash bug. Always use HookAddEx, not HookAdd!
Crash occured after the first quit of a user after a REHASH.
- SASL now needs to be enabled explicitly by setting a set::sasl-server.
- Changed numeric 307 (RPL_WHOISREGNICK) to 'is identified for this nick',
- Win32 installer (SSL): Uncheck 'create certificate' checkbox when
server.cert.pem exists, and check it if the file doesn't exist.
- Win32 installer: Latest InnoSetup no longer supports Windows 95/98,
so update Minversion to make the .iss compile.
- Module coders: added HOOKTYPE_AWAY (sptr, away-reason).
- Add optional oper::require-modes setting to the oper block. (#4008 by katsklaw)
- Clarify that hiddenhost-prefix must be the same on linked servers for
bans to function properly (#4090, patch from warg, reported in #4043
by maxb).
- Add /SILENCE to HTML documentation (reported by Severus_Snape in
#4072, patch from warg).
- Show "Ping timeout: XYZ seconds" instead of just "Ping timeout".
- a bigger scratch buffer makes me sleep at night ;)
- Install server.*.pem files, patch from katsklaw (#3988).
- The ./Config script will now ask whether to generate an SSL
certificate when it does not exist (defaults to Yes), instead of
always generating one.
- Added missing Mod_Header to m_sasl.c
- Remove old reference to networks/ directory from Windows installer
- Disable sending of UHNAMES when HTM (High Traffic Mode) is ON,
- Disable sending of UHNAMES when HTM (High Traffic Mode) is ON,
- Add 'class' option to allow/deny channel so you can allow/deny
users based on their class. Patch from fspijkerman (#4125).
- Use poll() in the remote includes functions when USE_POLL is
defined (#4091).
- Fix bug where recursive includes would hang the IRCd, patch from
binki with some minor modifications, reported by warg (#3919).
- Upgraded to c-ares 1.9.1. Updated configure & other files.
- various win32 fixes:
- Disable USE_POLL on Windows, since it doesn't work with XP and has
no advantage anyway. Reported by nenolod (#4129).
- Various updates to makefile.win32 and .iss file, found during
building new versions of zlib, openssl, and curl.
- Added set::options::disable-cap, which can be used to disable the
new CAP support (#4104).
- Added auth method 'sslclientcertfp' which provides an alternative
method to authenticate users with SSL client certificates based
on SHA256 fingerprints. This can be used instead of the already
existing 'sslclientcert' so you don't have to use an external file.
One way to get the SHA256 fingerprint would be:
openssl x509 -in name-of-pem-file.pem -sha256 -noout -fingerprint
Suggested and patch supplied by Jobe (#4019).
- Added documentation on the new sslclientcertfp
- Moved documentation on authentication types to one place and refer
to it from each section (oper::password, vhost::password,
link::password-receive, etc).
- Windows: fix MOTD file always showing a date of 1/1/1970, reported
by maxarturo (#4102).
- Removed unreal32docs.es.html (outdated since 2006-12-22),
unreal32docs.gr.html (outdated since 2006-12-02), and
unreal32docs.nl.html (outdated since 2009-01-18, possibly 2007-07-12).
- Remove wircd.def, needs to be re-generated almost each build anyway..
- Use our own (v)snprintf if not available.
- Use a more robust method of learning the server origin for a SASL agent.
- Use a more robust method of learning the server origin for a SASL
agent. Fixes crash reported by Adam.
- Import unreal32docs Spanish translation by Karim Benzema.
- In the Mercurial repository the Changes file no longer exists (except
for a dummy file). You now need to run ./createchangelog to generate it.
Of course in official releases the Changes file will be present and
contain all details.
- From now on, the Changes file is based on the history of the Mercurial
repository. This means we no longer have to write text manually to the
Changes file. This simple change helps a lot in future development
because patches will no longer break when they are being ported from
one branch to another.
- Update ./createchangelog to make it only show changes on default branch.
- If you are running the IRCd as root and use IRC_USER/IRC_GROUP then we now
change ownership of the log file to that user/group so it can still write
after the setuid(). Reported by asmadeus (#4152).
- Fix duplicate user@host in away-notify and account-notify, reported by grawity (#4153).
- '/rehash -global' did often not rehash all servers. Reported by Cronus (#4143)
- allow channel: Permit multiple channel items in one block again, was broken by patch from #4125.
- Update the documentation about set::dns::nameserver to reflect reality (that the setting is only used if c-ares can?t read /etc/resolv.conf).
- Don't remove oper-modes such as +S from non-local clients.
- Pull in poll(2) stuff before any other ircd include files. (#4155)
- Windows: Fix strange linking bug. Outgoing connects from a Windows
IRCd caused a garbled SERVER protocol message, causing 'cannot find
server' errors and killing of users. Reported by Sunkat (#4183).
- Custom modules: move EXLIBS= so shared libraries are always linked.
Upstream did not provide NEWS. But, this is ~4 years of assorted
bugfixes and minor improvements. Most notably there is a fix that is
critical for stream startup in a timing-dependent case which seems to
hit reliably on netbsd-5/i386-xen, jabberd2.
Take MAINTAINERSHIP, as I appear to also be the upstream maintainer
now.
Use cmake for build
Version 0.4.1 (May 20, 2013)
- multiple layouts support
- nick prefix/suffix are now dynamic (and managed by core instead of irc plugin)
- unmask irc join if nick speaks some minutes after the join
- new option irc.look.display_join_message to disable some messages after joining a channel
- new option irc.look.pv_buffer to automatically merge private buffers
- add support of UHNAMES
- add DH-AES encryption method for SASL
- multiple irc servers allowed on same port for irc protocol in relay plugin
- add WebSocket server support (RFC 6455) in relay plugin (for irc and weechat protocols)
- send nicklist difference in relay plugin (weechat protocol)
- add control of autoload for scripts
- optimizations in aspell plugin
- many bugs fixed.
Version 0.4.0 (Jan 20, 2013)
- add option "diff" for command /set, display default values in output of /set
- add color support in prefix options
- add command /eval, use expression in conditions for bars
- connect by default with IPv6 to servers with fallback to IPv4
- add aspell suggestions
- add support of tags in irc messages and "server-time" capability
- add irc command /quiet
- add support of IPv6 in relay plugin
- add backlog for irc protocol in relay plugin
- display remote IP address for DCC chat/file in xfer plugin
- add git version in build
- many bugs fixed.
to address issues with NetBSD-6(and earlier)'s fontconfig not being
new enough for pango.
While doing that, also bump freetype2 dependency to current pkgsrc
version.
Suggested by tron in PR 47882
Changes since 2.1.10:
* Core ejabberd
- Make terms serialization faster
- Reduce size of XML stream state
* Administration
- Add SCRAM and remove MD5 support to ejabberd commands auth verification
- Added command to list all the vhosts registered in an ejabberd node
- Added export2odbc command, copied from mod_admin_extra.erl
- Fix ejabberdctl number of arguments error report with R15
- Check node name is available before starting ejabberd (EJAB-1572)
- Fix ejabberd_xmlrpc commands authentication with SCRAM
- Fix mod_offline:store_offline_msg argument (EJAB-1581)
- Log IP address when auth attempt fails
- Make sure update_info returns atoms only (EJAB-1595)
- On shutdown, first stop listeners, then modules
* Encryption
- Detect OpenSSL version at runtime, not at compile time
- Fixed signedness issue in tls_drv GET_DESCRYPTED_INPUT (EJAB-1591)
- Enable DHE key exchange in TLS driver
- Enable ECDHE key exchange in TSL driver
- Disable old and unsecure ciphers in TLS driver
- Disable SSL 2.0 in TLS driver
* HTTP-Bind
- Do not trigger item-not-found errors in mod_http_bind
- Repeated http-bind request should abort only requests with same rid
- Receiving missing request shouldn't close waiting out-ouf-order request
* XMPP
- Allow multiple fqdn values in configuration (EJAB-1578)
- Fix get_subscription_lists/4
- Fix account registration
- Send announce Message stanzas as Headline type instead of Normal
* Other
- Guide: Fix file name of Name Service Switch
- Guide: Document the db_type modules option (EJAB-1560)
- LDAP: Fix broken JPEG photo (EJAB-1526)
- LDAP: Fix compatibility with Erlang R16A (EJAB-1612)
- MUC: Fix angle brackets handle in plaintext log (EJAB-1610)
- MUC: Fix MUC start when Mnesia tables don't exist yet
- MUC: New mod_muc_log option file_permissions (EJAB-1588)
- ODBC: Merge SQL and Mnesia code into one module (EJAB-1560)
- Translation: New Hebrew
- Translation: Update Slovak
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package
Like last time, where this caused no complaints.
(This will close PR pkg/43970).
Version 5.0.0 2008-05-30
Version 6.0.0 2009-05-30
Version 7.0.0 2010-05-29
Version 7.0.1 2010-10-14 (PR pkg/43970)
Version 7.0.2 2010-12-10
Version 7.0.3 2010-12-24
Version 8.0.0 2011-05-29
Version 9.0.0 2012-05-29
---------
* Major changes in 9.0.0
** New command to re-order channels is added (ueno)
See the doc string of riece-command-reorder-channels.
** Complete multiple channels when joining (ueno)
* Major changes in 8.0.0
** Extend URL regexp used in riece-url (ueno)
** Use lexical binding everywhere (ueno)
** Update doc/ptexinfmt.el (kaoru)
* Major changes in 7.0.3
** Fix freeze behavior when the cursor is on a channel buffer (ueno)
riece-shrink-buffer had a bug which moves the cursor to the top or
bottom of buffer even when the buffer is frozen.
** Fix out-of-tree build (kaoru, ueno)
There were some code not passing srcdir correctly.
** Remove old-style backquotes for Emacs 24 (ueno)
* Major changes in 7.0.2
** Fix bug of reading IRC logs (ueno)
If coding-system was not specified when writing log to file, Riece
added extra ".nil" to the filename. That causes erronous behavior
on reading the logs back.
** Fix control sequence parsing (ueno)
* Major changes in 7.0.1
** Fix compilation error on Emacs 24. (ueno)
Emacs 24 does not have make-local-hook.
** Suppress byte-compile warnings. (kaoru)
Suppress "`save-excursion' defeated by `set-buffer'".
** Support "make distcheck". (ueno)
* Major changes in 7.0.0
** Mailing list address changed to riece-discuss@nongnu.org.
** Fix build for XEmacs 21.5. (ueno)
** Fix coloring riece-channel-list-indicator on mode-line. (ueno)
* Major changes in 6.1.0
** Revert to use setq instead of Custom for saved settings. (ueno)
** Add-on management commands can now be usable from the Command buffer. (kaoru)
* Major changes in 6.0.0
** New add-on riece-desktop-notify. (bg66)
** Fix Custom-based setting mechanism.
---------
COMMENT should not be longer than 70 characters.
COMMENT should not begin with 'A'.
COMMENT should not begin with 'An'.
COMMENT should not begin with 'a'.
COMMENT should not end with a period.
COMMENT should start with a capital letter.
pkglint warnings. Some files also got minor formatting, spelling, and style
corrections.
version 2.10.7 (02/13/2013):
Alien hatchery:
* No changes
General:
* The configure script will now exit with status 1 when specifying
invalid protocol plugins using the --with-static-prpls and
--with-dynamic-prpls arguments. (Michael Fiedler) (#15316)
libpurple:
* Fix a crash when receiving UPnP responses with abnormally long values.
(CVE-2013-0274)
* Don't link directly to libgcrypt when building with GnuTLS support.
(Bartosz Brachaczek) (#15329)
* Fix UPnP mappings on routers that return empty <URLBase/> elements
in their response. (Ferdinand Stehle) (#15373)
* Tcl plugin uses saner, race-free plugin loading.
* Fix the Tcl signals-test plugin for savedstatus-changed.
(Andrew Shadura) (#15443)
Pidgin:
* Make Pidgin more friendly to non-X11 GTK+, such as MacPorts' +no_x11
variant.
Gadu-Gadu:
* Fix a crash at startup with large contact list. Avatar support for
buddies will be disabled until 3.0.0. (#15226, #14305)
IRC:
* Support for SASL authentication. (Thijs Alkemade, Andy Spencer)
(#13270)
* Print topic setter information at channel join. (#13317)
MSN:
* Fix SSL certificate issue when signing into MSN for some users.
* Fix a crash when removing a user before its icon is loaded. (Mark
Barfield) (#15217)
MXit:
* Fix a bug where a remote MXit user could possibly specify a local
file path to be written to. (CVE-2013-0271)
* Fix a bug where the MXit server or a man-in-the-middle could
potentially send specially crafted data that could overflow a buffer
and lead to a crash or remote code execution. (CVE-2013-0272)
* Display farewell messages in a different colour to distinguish
them from normal messages.
* Add support for typing notification.
* Add support for the Relationship Status profile attribute.
* Remove all reference to Hidden Number.
* Ignore new invites to join a GroupChat if you're already joined, or
still have a pending invite.
* The buddy's name was not centered vertically in the buddy-list if they
did not have a status-message or mood set.
* Fix decoding of font-size changes in the markup of received messages.
* Increase the maximum file size that can be transferred to 1 MB.
* When setting an avatar image, no longer downscale it to 96x96.
Sametime:
* Fix a crash in Sametime when a malicious server sends us an abnormally
long user ID. (CVE-2013-0273)
Yahoo!:
* Fix a double-free in profile/picture loading code. (Mihai Serban)
(#15053)
* Fix retrieving server-side buddy aliases. (Catalin Salgu) (#15381)
Plugins:
* The Voice/Video Settings plugin supports using the sndio GStreamer
backends. (Brad Smith) (#14414)
* Fix a crash in the Contact Availability Detection plugin. (Mark)
(#15327)
* Make the Message Notification plugin more friendly to non-X11 GTK+,
such as MacPorts' +no_x11 variant.
Version 3.2 (released 2013-01-06) hilights:
Updated Twitter module. Support for Twitter API 1.1, streaming API, direct
messages and some other improvements.
Fixed potential connection issue to Google Talk, OpenFire, possibly other
Jabber services.
A bunch of other things.
Version 3.0.6 (released 2012-10-14) hilights:
Updated MSN module, now speaking the MSNP18 protocol. This adds support for
MPOP and also fixes sending off-line messages.
Loads of bugfixes, etc. accumulated over the last half a year.
* handle building with NetBSD 6's 64bit time_t on a 32 bit platform
* reorder src/utf8/checked.h to define the append() function
before using it later on in the same file.
Also updated the MASTER_SITES to reference the new download site.
prior will be migrated to the new format when you run 0.15 for the
first time.
Changes:
- Merge many changes from Psi+.
- New message history browser.
- New, fast contact list window.
- TURN proxying for voice calls.
- Store data in more standardized locations based on the platform.
- No longer dependent on the Qt3Support library.
- Domains ending in .local now always work, whether via DNS server or mdns.
- Windows 64-bit and Mac 64-bit now supported. Mac PPC deprecated.
- Legacy SSL port probe feature removed.
- Various small features and bugfixes.
Since 0.14, this version contains about two years worth of merges
from the Psi+ project. Thanks to Rion and Dealer_WeARE for diligently
keeping the Psi source repo current all this time.
Changes:
Security:
- CVE-2012-5854: Fix buffer overflow when decoding IRC colors in strings
- CVE-2012-5534: Fix untrusted command for function hook_process could lead to
execution of commands, because of shell expansions
Among the new features:
- add plugin "script" (replacement of weeget.py and script.pl)
- add support of SSL in relay plugin
- add color for offline nicks
- add system resource limits for WeeChat process
- add zoom on merged buffer (default key: alt+"x")
- add "Day changed to" in logger backlog
- add command line option "-r" (or "--run-command") to run command(s) after startup of WeeChat
- add option "swap" for command /buffer
- generate alternate IRC nicks dynamically (when all nicks are already in use)
- fix rejoin of password protected IRC channels
- fix freeze in irc and relay plugins with sockets
- fix color of long lines (displayed on more than one line on screen) under FreeBSD
- allow update for some variables of hdata
- add japanese user's guide, scripting guide and tester's guide
- many bugs fixed.
in gcc 4.1.3 (NetBSD 5.*) aka, -pedantic causes build
failures when including gnutls on older versions of gcc.
Should clear up the build issues on NetBSD 5.x
