* 2.10.12 was accidentally released with new additions to the API and should have been released as 2.11.0. Unfortunately, we did not catch the mistake until after 2.10.12 was released, but we're fixing it now.
* Include the Mozilla certificate bundle. This fixes connecting to servers with certificates from Let's Encrypt.
* Remove all 1024-bit CAs
* media: fix an issue with ximagesink displaying only a corner cut-out of a larger webcam video
* mediamanager: update output window destruction so that it reflects recent changes in the media pipeline structure
* Ported Instantbird's CommandUiOps to libpurple
* Fixed alignment of incoming right-to-left messages in protocols that don't support rich text
* Fix a potential crash while exiting pidgin
* Add support for the newer kerberos-based authentication of AIM 8.x
# Windows-Specific Changes:
* Use getaddrinfo for DNS to enable IPv6
* Updates to dependencies:
* NSS 3.24 and NSPR 4.12.
* Fixed building on Mac OSX
* Stop truncating passwords to 8 characters like old ICQ clients did. If you actually needed this, truncate your password manually by pressing backspace a few times.
* Base64-decode SASL messages before passing to libsasl
* Fixed a buffer overflow.
* Fixed a remote out-of-bounds read.
* Fixed a remote out-of-band read.
* Fixed an invalid read.
* Fixed a remote buffer overflow vulnerability.
* Fixed an out-of-bounds read
* Fixed a directory traversal issue.
* Fixed a remote denial of service vulnerability that could result in a null pointer dereference.
* Fixed a remote denial of service that could result in an out-of-bounds read.
* Fixed multiple remote buffer overflows.
* Fixed a remote NULL pointer dereference.
* Fixed a remote code execution issue discovered by Yves Younan of Cisco
* Fixed a remote denial of service vulnerability in contact mood
* Fixed a remote out-of-bounds write vulnerability.
* Fix a remote out-of-bounds read.