diff options
| author |   Justin Lecher <jlec@gentoo.org> | 2013-02-23 10:32:18 +0000 |
|---|---|---|
| committer | Justin Lecher <jlec@gentoo.org> | 2013-02-23 10:32:18 +0000 |
| commit | c3ee7d7e04b7bd62658e7b63318a19f02826a94d (patch) | |
| tree | beefb8946853b37ec352d97d630df77c0036d190 /net-im/gajim | |
| parent | Stable for arm, wrt bug #458188 (diff) | |
| download | gentoo-2-c3ee7d7e04b7bd62658e7b63318a19f02826a94d.tar.gz gentoo-2-c3ee7d7e04b7bd62658e7b63318a19f02826a94d.tar.bz2 gentoo-2-c3ee7d7e04b7bd62658e7b63318a19f02826a94d.zip | |
net-im/gajim: Drop parts of upstream which should fix CVE-2012-5524 but added more code which is incompatible with current implementation
(Portage version: 2.2.0_alpha163/cvs/Linux x86_64, RepoMan options: --force, signed Manifest commit with key 8009D6F070EB7916)
Diffstat (limited to 'net-im/gajim')
| -rw-r--r-- | net-im/gajim/ChangeLog | 10 | ||||
| -rw-r--r-- | net-im/gajim/files/gajim-0.15.2-CVE-2012-5524.patch | 31 | ||||
| -rw-r--r-- | net-im/gajim/gajim-0.15.2-r2.ebuild | 102 | ||||
| -rw-r--r-- | net-im/gajim/gajim-0.15.2-r3.ebuild | 95 | ||||
| -rw-r--r-- | net-im/gajim/gajim-0.15.2-r4.ebuild | 119 |
5 files changed, 168 insertions, 189 deletions
diff --git a/net-im/gajim/ChangeLog b/net-im/gajim/ChangeLog index 40c0dfb15601..5e8af4f702a3 100644 --- a/net-im/gajim/ChangeLog +++ b/net-im/gajim/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for net-im/gajim # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-im/gajim/ChangeLog,v 1.171 2013/02/20 14:29:15 jlec Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-im/gajim/ChangeLog,v 1.172 2013/02/23 10:32:18 jlec Exp $ + +*gajim-0.15.2-r4 (23 Feb 2013) + + 23 Feb 2013; Justin Lecher <jlec@gentoo.org> -gajim-0.15.2-r2.ebuild, + gajim-0.15.2-r3.ebuild, +gajim-0.15.2-r4.ebuild, + files/gajim-0.15.2-CVE-2012-5524.patch: + Drop parts of upstream which should fix CVE-2012-5524 but added more code + which is incompatible with current implementation 20 Feb 2013; Justin Lecher <jlec@gentoo.org> -gajim-0.15.1.ebuild: Drop vulnerable versions for CVE-2012-5524, #442860 diff --git a/net-im/gajim/files/gajim-0.15.2-CVE-2012-5524.patch b/net-im/gajim/files/gajim-0.15.2-CVE-2012-5524.patch index 5249ce80da54..b0b8882bdc32 100644 --- a/net-im/gajim/files/gajim-0.15.2-CVE-2012-5524.patch +++ b/net-im/gajim/files/gajim-0.15.2-CVE-2012-5524.patch @@ -5,7 +5,7 @@ diff --git a/src/common/connection.py b/src/common/connection.py index 8240652..6d3037a 100644 --- a/src/common/connection.py +++ b/src/common/connection.py -@@ -1309,36 +1309,42 @@ class Connection(CommonConnection, ConnectionHandlers): +@@ -1309,25 +1309,28 @@ class Connection(CommonConnection, ConnectionHandlers): hostname = gajim.config.get_per('accounts', self.name, 'hostname') self.connection = con try: @@ -50,32 +50,3 @@ index 8240652..6d3037a 100644 'ssl_fingerprint_sha1') if saved_fingerprint: # Check sha1 fingerprint -- if con.Connection.ssl_fingerprint_sha1 != saved_fingerprint: -+ if con.Connection.ssl_fingerprint_sha1[-1] != saved_fingerprint: - gajim.nec.push_incoming_event(FingerprintErrorEvent(None, -- conn=self, certificate=con.Connection.ssl_certificate, -- new_fingerprint=con.Connection.ssl_fingerprint_sha1)) -+ conn=self, -+ certificate=con.Connection.ssl_certificate, -+ new_fingerprint=con.Connection.ssl_fingerprint_sha1[ -+ -1])) - return True - else: - gajim.config.set_per('accounts', self.name, -- 'ssl_fingerprint_sha1', con.Connection.ssl_fingerprint_sha1) -+ 'ssl_fingerprint_sha1', -+ con.Connection.ssl_fingerprint_sha1[-1]) - if not check_X509.check_certificate(con.Connection.ssl_certificate, - hostname) and '100' not in gajim.config.get_per('accounts', - self.name, 'ignore_ssl_errors').split(): -@@ -1347,8 +1353,8 @@ class Connection(CommonConnection, ConnectionHandlers): - hostname - gajim.nec.push_incoming_event(SSLErrorEvent(None, conn=self, - error_text=txt, error_num=100, -- cert=con.Connection.ssl_cert_pem, -- fingerprint=con.Connection.ssl_fingerprint_sha1, -+ cert=con.Connection.ssl_cert_pem[-1], -+ fingerprint=con.Connection.ssl_fingerprint_sha1[-1], - certificate=con.Connection.ssl_certificate)) - return True - diff --git a/net-im/gajim/gajim-0.15.2-r2.ebuild b/net-im/gajim/gajim-0.15.2-r2.ebuild deleted file mode 100644 index 35c40b23385a..000000000000 --- a/net-im/gajim/gajim-0.15.2-r2.ebuild +++ /dev/null @@ -1,102 +0,0 @@ -# Copyright 1999-2013 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-im/gajim/gajim-0.15.2-r2.ebuild,v 1.8 2013/02/20 14:12:32 ago Exp $ - -EAPI=4 - -PYTHON_DEPEND="2" -PYTHON_USE_WITH="sqlite xml" - -inherit autotools eutils python versionator - -DESCRIPTION="Jabber client written in PyGTK" -HOMEPAGE="http://www.gajim.org/" -SRC_URI="http://www.gajim.org/downloads/$(get_version_component_range 1-2)/${P}.tar.bz2" - -LICENSE="GPL-3" -SLOT="0" -KEYWORDS="alpha amd64 ~arm ~hppa ia64 ppc ppc64 sparc x86 ~x86-fbsd" -IUSE="avahi crypt dbus gnome kde idle jingle libnotify networkmanager nls spell +srv X xhtml" - -REQUIRED_USE=" - libnotify? ( dbus ) - avahi? ( dbus )" - -COMMON_DEPEND=" - dev-python/pygtk:2 - x11-libs/gtk+:2" -DEPEND="${COMMON_DEPEND} - >=dev-util/intltool-0.40.1 - virtual/pkgconfig - >=sys-devel/gettext-0.17-r1" -RDEPEND="${COMMON_DEPEND} - dev-python/pyasn1 - dev-python/pyopenssl - crypt? ( - app-crypt/gnupg - dev-python/pycrypto - ) - dbus? ( - dev-python/dbus-python - dev-libs/dbus-glib - libnotify? ( dev-python/notify-python ) - avahi? ( net-dns/avahi[dbus,gtk,python] ) - ) - gnome? ( - dev-python/libgnome-python - dev-python/gnome-keyring-python - dev-python/egg-python - ) - idle? ( x11-libs/libXScrnSaver ) - jingle? ( net-libs/farstream:0.1[python] ) - kde? ( kde-base/kwallet ) - networkmanager? ( - dev-python/dbus-python - net-misc/networkmanager - ) - spell? ( app-text/gtkspell:2 ) - srv? ( - || ( - dev-python/libasyncns-python - net-dns/bind-tools ) - ) - xhtml? ( dev-python/docutils )" - -pkg_setup() { - python_set_active_version 2 - python_pkg_setup -} - -src_prepare() { - echo "src/command_system/mapping.py" >> po/POTFILES.in - epatch \ - "${FILESDIR}"/0.14-python-version.patch \ - "${FILESDIR}"/0.14.1-testing.patch \ - "${FILESDIR}"/${P}-CVE-2012-5524.patch - echo '#!/bin/sh' > config/py-compile - eautoreconf -} - -src_configure() { - econf \ - $(use_enable nls) \ - $(use_with X x) \ - --docdir="/usr/share/doc/${PF}" \ - --libdir="$(python_get_sitedir)" \ - --enable-site-packages -} - -src_install() { - default - - rm "${D}/usr/share/doc/${PF}/README.html" || die - dohtml README.html -} - -pkg_postinst() { - python_mod_optimize ${PN} -} - -pkg_postrm() { - python_mod_cleanup ${PN} -} diff --git a/net-im/gajim/gajim-0.15.2-r3.ebuild b/net-im/gajim/gajim-0.15.2-r3.ebuild index ccf46663b477..a8a47c81e39c 100644 --- a/net-im/gajim/gajim-0.15.2-r3.ebuild +++ b/net-im/gajim/gajim-0.15.2-r3.ebuild @@ -1,49 +1,45 @@ # Copyright 1999-2013 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-im/gajim/gajim-0.15.2-r3.ebuild,v 1.1 2013/02/20 10:46:25 jlec Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-im/gajim/gajim-0.15.2-r3.ebuild,v 1.2 2013/02/23 10:32:18 jlec Exp $ -EAPI=5 +EAPI=4 -PYTHON_COMPAT=( python{2_6,2_7} ) -PYTHON_REQ_USE="sqlite xml" +PYTHON_DEPEND="2" +PYTHON_USE_WITH="sqlite xml" -AUTOTOOLS_AUTORECONF=true - -inherit autotools-utils python-r1 versionator +inherit autotools eutils python versionator DESCRIPTION="Jabber client written in PyGTK" HOMEPAGE="http://www.gajim.org/" -SRC_URI=" - http://www.gajim.org/downloads/$(get_version_component_range 1-2)/${P}.tar.bz2 - test? ( http://dev.gentoo.org/~jlec/distfiles/${PN}-tests-${PV}.tar.xz )" +SRC_URI="http://www.gajim.org/downloads/$(get_version_component_range 1-2)/${P}.tar.bz2" LICENSE="GPL-3" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd" -IUSE="avahi crypt dbus gnome kde idle jingle libnotify networkmanager nls spell +srv test X xhtml" +KEYWORDS="alpha amd64 ~arm ~hppa ia64 ppc ppc64 sparc x86 ~x86-fbsd" +IUSE="avahi crypt dbus gnome kde idle jingle libnotify networkmanager nls spell +srv X xhtml" REQUIRED_USE=" libnotify? ( dbus ) avahi? ( dbus )" COMMON_DEPEND=" - dev-python/pygtk:2[${PYTHON_USEDEP}] + dev-python/pygtk:2 x11-libs/gtk+:2" DEPEND="${COMMON_DEPEND} >=dev-util/intltool-0.40.1 virtual/pkgconfig >=sys-devel/gettext-0.17-r1" RDEPEND="${COMMON_DEPEND} - dev-python/pyasn1[${PYTHON_USEDEP}] - dev-python/pyopenssl[${PYTHON_USEDEP}] + dev-python/pyasn1 + dev-python/pyopenssl crypt? ( app-crypt/gnupg - dev-python/pycrypto[${PYTHON_USEDEP}] + dev-python/pycrypto ) dbus? ( - dev-python/dbus-python[${PYTHON_USEDEP}] + dev-python/dbus-python dev-libs/dbus-glib - libnotify? ( dev-python/notify-python[${PYTHON_USEDEP}] ) + libnotify? ( dev-python/notify-python ) avahi? ( net-dns/avahi[dbus,gtk,python] ) ) gnome? ( @@ -55,7 +51,7 @@ RDEPEND="${COMMON_DEPEND} jingle? ( net-libs/farstream:0.1[python] ) kde? ( kde-base/kwallet ) networkmanager? ( - dev-python/dbus-python[${PYTHON_USEDEP}] + dev-python/dbus-python net-misc/networkmanager ) spell? ( app-text/gtkspell:2 ) @@ -66,54 +62,41 @@ RDEPEND="${COMMON_DEPEND} ) xhtml? ( dev-python/docutils )" -RESTRICT="test" - -PATCHES=( - "${FILESDIR}"/${P}-CVE-2012-5524.patch - ) +pkg_setup() { + python_set_active_version 2 + python_pkg_setup +} src_prepare() { echo "src/command_system/mapping.py" >> po/POTFILES.in + epatch \ + "${FILESDIR}"/0.14-python-version.patch \ + "${FILESDIR}"/0.14.1-testing.patch \ + "${FILESDIR}"/${P}-CVE-2012-5524.patch echo '#!/bin/sh' > config/py-compile - autotools-utils_src_prepare - python_copy_sources + eautoreconf } src_configure() { - configuration() { - local myeconfargs=( - $(use_enable nls) - $(use_with X x) - --docdir="/usr/share/doc/${PF}" - --libdir="$(python_get_sitedir)" - --enable-site-packages - ) - run_in_build_dir autotools-utils_src_configure - } - python_foreach_impl configuration -} - -src_compile() { - compilation() { - run_in_build_dir autotools-utils_src_compile - } - python_foreach_impl compilation -} - -src_test() { - testing() { - run_in_build_dir ${PYTHON} test/runtests.py --verbose 3 || die - } - python_foreach_impl testing + econf \ + $(use_enable nls) \ + $(use_with X x) \ + --docdir="/usr/share/doc/${PF}" \ + --libdir="$(python_get_sitedir)" \ + --enable-site-packages } src_install() { - installation() { - run_in_build_dir autotools-utils_src_install - python_optimize "${ED}"/$(python_get_sitedir) - } - python_foreach_impl installation + default rm "${D}/usr/share/doc/${PF}/README.html" || die dohtml README.html } + +pkg_postinst() { + python_mod_optimize ${PN} +} + +pkg_postrm() { + python_mod_cleanup ${PN} +} diff --git a/net-im/gajim/gajim-0.15.2-r4.ebuild b/net-im/gajim/gajim-0.15.2-r4.ebuild new file mode 100644 index 000000000000..98a4b6d9db1d --- /dev/null +++ b/net-im/gajim/gajim-0.15.2-r4.ebuild @@ -0,0 +1,119 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-im/gajim/gajim-0.15.2-r4.ebuild,v 1.1 2013/02/23 10:32:18 jlec Exp $ + +EAPI=5 + +PYTHON_COMPAT=( python{2_6,2_7} ) +PYTHON_REQ_USE="sqlite xml" + +AUTOTOOLS_AUTORECONF=true + +inherit autotools-utils python-r1 versionator + +DESCRIPTION="Jabber client written in PyGTK" +HOMEPAGE="http://www.gajim.org/" +SRC_URI=" + http://www.gajim.org/downloads/$(get_version_component_range 1-2)/${P}.tar.bz2 + test? ( http://dev.gentoo.org/~jlec/distfiles/${PN}-tests-${PV}.tar.xz )" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd" +IUSE="avahi crypt dbus gnome kde idle jingle libnotify networkmanager nls spell +srv test X xhtml" + +REQUIRED_USE=" + libnotify? ( dbus ) + avahi? ( dbus )" + +COMMON_DEPEND=" + dev-python/pygtk:2[${PYTHON_USEDEP}] + x11-libs/gtk+:2" +DEPEND="${COMMON_DEPEND} + >=dev-util/intltool-0.40.1 + virtual/pkgconfig + >=sys-devel/gettext-0.17-r1" +RDEPEND="${COMMON_DEPEND} + dev-python/pyasn1[${PYTHON_USEDEP}] + dev-python/pyopenssl[${PYTHON_USEDEP}] + crypt? ( + app-crypt/gnupg + dev-python/pycrypto[${PYTHON_USEDEP}] + ) + dbus? ( + dev-python/dbus-python[${PYTHON_USEDEP}] + dev-libs/dbus-glib + libnotify? ( dev-python/notify-python[${PYTHON_USEDEP}] ) + avahi? ( net-dns/avahi[dbus,gtk,python] ) + ) + gnome? ( + dev-python/libgnome-python + dev-python/gnome-keyring-python + dev-python/egg-python + ) + idle? ( x11-libs/libXScrnSaver ) + jingle? ( net-libs/farstream:0.1[python] ) + kde? ( kde-base/kwallet ) + networkmanager? ( + dev-python/dbus-python[${PYTHON_USEDEP}] + net-misc/networkmanager + ) + spell? ( app-text/gtkspell:2 ) + srv? ( + || ( + dev-python/libasyncns-python + net-dns/bind-tools ) + ) + xhtml? ( dev-python/docutils )" + +RESTRICT="test" + +PATCHES=( + "${FILESDIR}"/${P}-CVE-2012-5524.patch + ) + +src_prepare() { + echo "src/command_system/mapping.py" >> po/POTFILES.in + echo '#!/bin/sh' > config/py-compile + autotools-utils_src_prepare + python_copy_sources +} + +src_configure() { + configuration() { + local myeconfargs=( + $(use_enable nls) + $(use_with X x) + --docdir="/usr/share/doc/${PF}" + --libdir="$(python_get_sitedir)" + --enable-site-packages + ) + run_in_build_dir autotools-utils_src_configure + } + python_foreach_impl configuration +} + +src_compile() { + compilation() { + run_in_build_dir autotools-utils_src_compile + } + python_foreach_impl compilation +} + +src_test() { + testing() { + run_in_build_dir ${PYTHON} test/runtests.py --verbose 3 || die + } + python_foreach_impl testing +} + +src_install() { + installation() { + run_in_build_dir autotools-utils_src_install + python_optimize "${ED}"/$(python_get_sitedir) + } + python_foreach_impl installation + + rm "${D}/usr/share/doc/${PF}/README.html" || die + dohtml README.html +} |