# HG changeset patch
# User John Bailey <rekkanoryo@rekkanoryo.org>
# Date 1299809025 0
# Node ID f9cd24db04ddf030a0dcca9159c9dd19f2c5dd10
# Parent  d88f3153170bfc13bfa285dba8538752cc1544c6
ChangeLog the security fix and credit Marius.  Although he didn't directly
provide a patch, his suggestions and review were helpful in deriving the final
fix for the problem.

diff -r d88f3153170b -r f9cd24db04dd COPYRIGHT
--- a/COPYRIGHT	Fri Mar 11 02:00:15 2011 +0000
+++ b/COPYRIGHT	Fri Mar 11 02:03:45 2011 +0000
@@ -553,6 +553,7 @@
 Jorge Villaseñor (Masca)
 Bjoern Voigt
 Peter Volkov
+Marius Wachtler
 Wan Hing Wah
 Philip Walford
 Nathan Walp
diff -r d88f3153170b -r f9cd24db04dd ChangeLog
--- a/ChangeLog	Fri Mar 11 02:00:15 2011 +0000
+++ b/ChangeLog	Fri Mar 11 02:03:45 2011 +0000
@@ -37,6 +37,11 @@
 	  room (not currently supported by Pidgin and Finch).  (Thijs Alkemade)
 	  (#10986, #a14219)
 
+	Yahoo!/Yahoo! JAPAN:
+	* Fix CVE-2011-1091, denials of service caused by NULL pointer
+	  dereferences due to improper handling of malformed YMSG packets.  Thanks
+	  to Marius Wachtler for reporting this and reviewing the fix!
+
 version 2.7.10 (02/06/2011):
 	General:
 	* Force video sources to all have the same capabilities.  This reduces the