/pidgin/main: 4e2416683223: Add Tomasz's fixes to the ChangeLog....

[Mark Doliner]

Changeset: 4e24166832238171ab5cb67e4206a8a241a185c6
Author:	 Mark Doliner <mark at kingant.net>
Date:	 2014-01-11 23:00 -0800
Branch:	 release-2.x.y
URL: https://hg.pidgin.im/pidgin/main/rev/4e2416683223

Description:

Add Tomasz's fixes to the ChangeLog. I'll hopefully remember to fill in the
CVE numbers before tagging.

diffstat:

 ChangeLog |  9 +++++++++
 1 files changed, 9 insertions(+), 0 deletions(-)

diffs (33 lines):

diff --git a/ChangeLog b/ChangeLog
--- a/ChangeLog
+++ b/ChangeLog
@@ -26,6 +26,9 @@ version 2.10.8:
 	  session.
 
 	Gadu-Gadu:
+	* Fix buffer overflow with remote code execution potential. Only
+	  triggerable by a Gadu-Gadu server or a man-in-the-middle.
+	  (discovered by Yves Younan, Sourcefire VRT) (CVE-2014-NNNN)
 	* Disabled buddy list import/export from/to server (it didn't work
 	  anymore). Buddy list synchronization will be implemented in 3.0.0.
 
@@ -35,6 +38,8 @@ version 2.10.8:
 	  Cyrus SASL support. (#15517)
 
 	MXit:
+	* Fix buffer overflow with remote code execution potential.
+	  (discovered by Sourcefire VRT) (CVE-2014-NNNN)
 	* Fix sporadic crashes that can happen after user is disconnected.
 	* Fix crash when attempting to add a contact via search results.
 	* Show error message if file transfer fails.
@@ -44,6 +49,10 @@ version 2.10.8:
 	SILC:
 	* Correctly set whiteboard dimensions in whiteboard sessions.
 
+	SIMPLE:
+	* Fix buffer overflow with remote code execution potential.
+	  (discovered by Sourcefire VRT) (CVE-2014-NNNN)
+
 	XMPP:
 	* Fix possible crash or other erratic behavior when selecting a very
 	  small file for your own buddy icon.