From: "Amadeusz Piotr Żołnowski" <aidecoe@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: net-im/gajim/files/, net-im/gajim/
Date: Mon, 29 May 2017 16:24:34 +0000 (UTC) [thread overview]
Message-ID: <1496075070.24bd054fa98b2a95f355ab3471470bbb000c488a.aidecoe@gentoo> (raw)
commit: 24bd054fa98b2a95f355ab3471470bbb000c488a
Author: Amadeusz Żołnowski <aidecoe <AT> gentoo <DOT> org>
AuthorDate: Mon May 29 16:24:07 2017 +0000
Commit: Amadeusz Piotr Żołnowski <aidecoe <AT> gentoo <DOT> org>
CommitDate: Mon May 29 16:24:30 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=24bd054f
net-im/gajim: Fix CVE-2016-10376
Gentoo-Bug: 620146
Package-Manager: Portage-2.3.5, Repoman-2.3.2
...01-Add-config-option-to-activate-XEP-0146.patch | 45 ++++++++
net-im/gajim/gajim-0.16.6-r1.ebuild | 125 +++++++++++++++++++++
2 files changed, 170 insertions(+)
diff --git a/net-im/gajim/files/0.16.6-0001-Add-config-option-to-activate-XEP-0146.patch b/net-im/gajim/files/0.16.6-0001-Add-config-option-to-activate-XEP-0146.patch
new file mode 100644
index 00000000000..046c72c0ca2
--- /dev/null
+++ b/net-im/gajim/files/0.16.6-0001-Add-config-option-to-activate-XEP-0146.patch
@@ -0,0 +1,45 @@
+From 285392b27db7cb01b0566b4bda3920e6559b75e4 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Philipp=20H=C3=B6rist?= <forenjunkie@chello.at>
+Date: Fri, 26 May 2017 23:10:05 +0200
+Subject: [PATCH] Add config option to activate XEP-0146 commands
+
+Some of the Commands have security implications, thats why we disable them per default
+Fixes #8378
+---
+ src/common/commands.py | 7 ++++---
+ src/common/config.py | 1 +
+ 2 files changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/src/common/commands.py b/src/common/commands.py
+index 40d700710..46d6947f8 100644
+--- a/src/common/commands.py
++++ b/src/common/commands.py
+@@ -345,9 +345,10 @@ class ConnectionCommands:
+ def __init__(self):
+ # a list of all commands exposed: node -> command class
+ self.__commands = {}
+- for cmdobj in (ChangeStatusCommand, ForwardMessagesCommand,
+- LeaveGroupchatsCommand, FwdMsgThenDisconnectCommand):
+- self.__commands[cmdobj.commandnode] = cmdobj
++ if gajim.config.get('remote_commands'):
++ for cmdobj in (ChangeStatusCommand, ForwardMessagesCommand,
++ LeaveGroupchatsCommand, FwdMsgThenDisconnectCommand):
++ self.__commands[cmdobj.commandnode] = cmdobj
+
+ # a list of sessions; keys are tuples (jid, sessionid, node)
+ self.__sessions = {}
+diff --git a/src/common/config.py b/src/common/config.py
+index 3884d9e1d..7c1313fc4 100644
+--- a/src/common/config.py
++++ b/src/common/config.py
+@@ -313,6 +313,7 @@ class Config:
+ 'ignore_incoming_attention': [opt_bool, False, _('If True, Gajim will ignore incoming attention requestd ("wizz").')],
+ 'remember_opened_chat_controls': [ opt_bool, True, _('If enabled, Gajim will reopen chat windows that were opened last time Gajim was closed.')],
+ 'positive_184_ack': [ opt_bool, False, _('If enabled, Gajim will show an icon to show that sent message has been received by your contact')],
++ 'remote_commands': [opt_bool, False, _('If True, Gajim will execute XEP-0146 Commands.')],
+ }, {})
+
+ __options_per_key = {
+--
+2.12.2
+
diff --git a/net-im/gajim/gajim-0.16.6-r1.ebuild b/net-im/gajim/gajim-0.16.6-r1.ebuild
new file mode 100644
index 00000000000..7fc7796b975
--- /dev/null
+++ b/net-im/gajim/gajim-0.16.6-r1.ebuild
@@ -0,0 +1,125 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=5
+
+PYTHON_COMPAT=( python2_7 )
+PYTHON_REQ_USE="sqlite,xml"
+
+AUTOTOOLS_AUTORECONF=true
+
+inherit autotools-utils python-r1 versionator
+
+MY_PV=${PV/_/-}
+MY_P="${PN}-${MY_PV}"
+
+DESCRIPTION="Jabber client written in PyGTK"
+HOMEPAGE="http://www.gajim.org/"
+SRC_URI="
+ http://www.gajim.org/downloads/$(get_version_component_range 1-2)/${MY_P}.tar.bz2"
+# test? ( https://dev.gentoo.org/~jlec/distfiles/${PN}-tests-${PV}.tar.xz )"
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~ppc ~ppc64 ~x86 ~x86-fbsd"
+IUSE="crypt dbus gnome gnome-keyring kde idle jingle libnotify networkmanager nls spell +srv test X xhtml zeroconf"
+
+REQUIRED_USE="
+ ${PYTHON_REQUIRED_USE}
+ libnotify? ( dbus )
+ gnome? ( gnome-keyring )
+ zeroconf? ( dbus )"
+
+COMMON_DEPEND="
+ ${PYTHON_DEPS}
+ dev-python/pygtk:2[${PYTHON_USEDEP}]
+ x11-libs/gtk+:2"
+DEPEND="${COMMON_DEPEND}
+ >=dev-util/intltool-0.40.1
+ virtual/pkgconfig
+ >=sys-devel/gettext-0.17-r1"
+RDEPEND="${COMMON_DEPEND}
+ dev-python/pyasn1[${PYTHON_USEDEP}]
+ >=dev-python/pyopenssl-0.14[${PYTHON_USEDEP}]
+ >=dev-python/python-nbxmpp-0.5.3[${PYTHON_USEDEP}]
+ crypt? (
+ app-crypt/gnupg
+ dev-python/pycrypto[${PYTHON_USEDEP}]
+ )
+ dbus? (
+ dev-python/dbus-python[${PYTHON_USEDEP}]
+ dev-libs/dbus-glib
+ libnotify? ( dev-python/notify-python[${PYTHON_USEDEP}] )
+ zeroconf? ( net-dns/avahi[dbus,gtk,python,${PYTHON_USEDEP}] )
+ )
+ gnome? (
+ dev-python/libgnome-python[${PYTHON_USEDEP}]
+ dev-python/egg-python[${PYTHON_USEDEP}]
+ )
+ gnome-keyring? ( dev-python/gnome-keyring-python[${PYTHON_USEDEP}] )
+ idle? ( x11-libs/libXScrnSaver )
+ jingle? ( net-libs/farstream:0.1[python,${PYTHON_USEDEP}] )
+ kde? ( kde-apps/kwalletmanager )
+ networkmanager? (
+ dev-python/dbus-python[${PYTHON_USEDEP}]
+ net-misc/networkmanager
+ )
+ spell? ( app-text/gtkspell:2 )
+ srv? (
+ || (
+ dev-python/libasyncns-python[${PYTHON_USEDEP}]
+ net-dns/bind-tools
+ )
+ )
+ xhtml? ( dev-python/docutils[${PYTHON_USEDEP}] )"
+
+RESTRICT="test"
+
+PATCHES=(
+ "${FILESDIR}/${PV}-0001-Add-config-option-to-activate-XEP-0146.patch" )
+
+S="${WORKDIR}"/${MY_P}
+
+src_prepare() {
+ autotools-utils_src_prepare
+ python_copy_sources
+}
+
+src_configure() {
+ configuration() {
+ local myeconfargs=(
+ $(use_enable nls)
+ $(use_with X x)
+ --docdir="/usr/share/doc/${PF}"
+ --libdir="$(python_get_sitedir)"
+ --enable-site-packages
+ )
+ run_in_build_dir autotools-utils_src_configure
+ }
+ python_foreach_impl configuration
+}
+
+src_compile() {
+ compilation() {
+ run_in_build_dir autotools-utils_src_compile
+ }
+ python_foreach_impl compilation
+}
+
+src_test() {
+ testing() {
+ run_in_build_dir ${PYTHON} test/runtests.py --verbose 3 || die
+ }
+ python_foreach_impl testing
+}
+
+src_install() {
+ installation() {
+ run_in_build_dir autotools-utils_src_install
+ python_optimize
+ }
+ python_foreach_impl installation
+
+ rm "${ED}/usr/share/doc/${PF}/README.html" || die
+ dohtml README.html
+}
next reply other threads:[~2017-05-29 16:24 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-29 16:24 Amadeusz Piotr Żołnowski [this message]
-- strict thread matches above, loose matches on Subject: below --
2019-04-14 15:42 [gentoo-commits] repo/gentoo:master commit in: net-im/gajim/files/, net-im/gajim/ Amadeusz Piotr Żołnowski
2019-03-24 22:10 Amadeusz Piotr Żołnowski
2017-01-17 15:17 Amadeusz Piotr Żołnowski
2016-11-11 22:19 Amadeusz Piotr Żołnowski
2016-01-20 15:36 Justin Lecher
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1496075070.24bd054fa98b2a95f355ab3471470bbb000c488a.aidecoe@gentoo \
--to=aidecoe@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox