* [gentoo-commits] gentoo-x86 commit in gnome-base/gnome-keyring: gnome-keyring-2.32.1-r1.ebuild gnome-keyring-3.4.1-r1.ebuild ChangeLog gnome-keyring-3.2.2.ebuild gnome-keyring-3.4.1.ebuild gnome-keyring-2.32.1.ebuild
@ 2012-10-24 7:11 Alexandre Rostovtsev (tetromino)
0 siblings, 0 replies; only message in thread
From: Alexandre Rostovtsev (tetromino) @ 2012-10-24 7:11 UTC (permalink / raw
To: gentoo-commits
tetromino 12/10/24 07:11:50
Modified: gnome-keyring-2.32.1-r1.ebuild ChangeLog
gnome-keyring-3.2.2.ebuild
gnome-keyring-3.4.1.ebuild
gnome-keyring-2.32.1.ebuild
Added: gnome-keyring-3.4.1-r1.ebuild
Log:
Fix gpg passwords being cached for longer than the user requested (bug #430602, CVE-2012-3466, thanks to Jason A. Donenfeld and Pacho Ramos). Fix 2.32.1-r1's build failure with glib-2.32 and gold. Drop useless doc USE flag: in 2.x and 3.2.x, it only controlled document regeneration; in 3.4.x, it had no effect at all. Update license.
(Portage version: 2.2.0_alpha141/cvs/Linux x86_64, signed Manifest commit with key CF0ADD61)
Revision Changes Path
1.9 gnome-base/gnome-keyring/gnome-keyring-2.32.1-r1.ebuild
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-2.32.1-r1.ebuild?rev=1.9&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-2.32.1-r1.ebuild?rev=1.9&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-2.32.1-r1.ebuild?r1=1.8&r2=1.9
Index: gnome-keyring-2.32.1-r1.ebuild
===================================================================
RCS file: /var/cvsroot/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-2.32.1-r1.ebuild,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- gnome-keyring-2.32.1-r1.ebuild 21 May 2012 18:53:30 -0000 1.8
+++ gnome-keyring-2.32.1-r1.ebuild 24 Oct 2012 07:11:50 -0000 1.9
@@ -1,18 +1,18 @@
# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-2.32.1-r1.ebuild,v 1.8 2012/05/21 18:53:30 tetromino Exp $
+# $Header: /var/cvsroot/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-2.32.1-r1.ebuild,v 1.9 2012/10/24 07:11:50 tetromino Exp $
EAPI="4"
GCONF_DEBUG="yes"
GNOME2_LA_PUNT="yes"
GNOME_TARBALL_SUFFIX="bz2"
-inherit eutils gnome2 multilib pam virtualx
+inherit autotools eutils gnome2 multilib pam virtualx
DESCRIPTION="Password and keyring managing daemon"
HOMEPAGE="http://live.gnome.org/GnomeKeyring"
-LICENSE="GPL-2 LGPL-2"
+LICENSE="GPL-2+ LGPL-2+"
SLOT="0"
KEYWORDS="alpha amd64 arm ia64 ~mips ppc ppc64 sh sparc x86 ~x86-fbsd ~amd64-linux ~x86-linux ~sparc-solaris ~x86-solaris"
IUSE="debug doc pam test"
@@ -27,19 +27,17 @@
>=dev-libs/libtasn1-1"
# valgrind? ( dev-util/valgrind )"
DEPEND="${RDEPEND}
- sys-devel/gettext
+ >=dev-util/gtk-doc-am-1.9
>=dev-util/intltool-0.35
- virtual/pkgconfig
- doc? ( >=dev-util/gtk-doc-1.9 )"
+ sys-devel/gettext
+ virtual/pkgconfig"
PDEPEND="gnome-base/libgnome-keyring"
-# eautoreconf needs:
-# >=dev-util/gtk-doc-am-1.9
# tests fail in several ways, they should be fixed in the next cycle (bug #340283),
# revisit then.
RESTRICT="test"
-pkg_setup() {
+src_prepare() {
DOCS="AUTHORS ChangeLog NEWS README"
G2CONF="${G2CONF}
$(use_enable debug)
@@ -52,9 +50,10 @@
--enable-gpg-agent
--with-gtk=2.0"
# $(use_enable valgrind)
-}
-src_prepare() {
+ epatch "${FILESDIR}/${P}-glib-2.32.patch"
+ eautoreconf
+
gnome2_src_prepare
# Remove silly CFLAGS
1.225 gnome-base/gnome-keyring/ChangeLog
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/gnome-keyring/ChangeLog?rev=1.225&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/gnome-keyring/ChangeLog?rev=1.225&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/gnome-keyring/ChangeLog?r1=1.224&r2=1.225
Index: ChangeLog
===================================================================
RCS file: /var/cvsroot/gentoo-x86/gnome-base/gnome-keyring/ChangeLog,v
retrieving revision 1.224
retrieving revision 1.225
diff -u -r1.224 -r1.225
--- ChangeLog 21 May 2012 18:53:30 -0000 1.224
+++ ChangeLog 24 Oct 2012 07:11:50 -0000 1.225
@@ -1,6 +1,20 @@
# ChangeLog for gnome-base/gnome-keyring
# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/gnome-base/gnome-keyring/ChangeLog,v 1.224 2012/05/21 18:53:30 tetromino Exp $
+# $Header: /var/cvsroot/gentoo-x86/gnome-base/gnome-keyring/ChangeLog,v 1.225 2012/10/24 07:11:50 tetromino Exp $
+
+*gnome-keyring-3.4.1-r1 (24 Oct 2012)
+
+ 24 Oct 2012; Alexandre Rostovtsev <tetromino@gentoo.org>
+ gnome-keyring-2.32.1.ebuild, gnome-keyring-2.32.1-r1.ebuild,
+ +files/gnome-keyring-2.32.1-glib-2.32.patch, gnome-keyring-3.2.2.ebuild,
+ gnome-keyring-3.4.1.ebuild, +gnome-keyring-3.4.1-r1.ebuild,
+ +files/gnome-keyring-3.4.1-gpg-cache-method-1.patch,
+ +files/gnome-keyring-3.4.1-gpg-cache-method-2.patch:
+ Fix gpg passwords being cached for longer than the user requested (bug
+ #430602, CVE-2012-3466, thanks to Jason A. Donenfeld and Pacho Ramos). Fix
+ 2.32.1-r1's build failure with glib-2.32 and gold. Drop useless doc USE flag:
+ in 2.x and 3.2.x, it only controlled document regeneration; in 3.4.x, it had
+ no effect at all. Update license.
21 May 2012; Alexandre Rostovtsev <tetromino@gentoo.org>
gnome-keyring-2.32.1-r1.ebuild, gnome-keyring-3.2.2.ebuild:
1.10 gnome-base/gnome-keyring/gnome-keyring-3.2.2.ebuild
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-3.2.2.ebuild?rev=1.10&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-3.2.2.ebuild?rev=1.10&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-3.2.2.ebuild?r1=1.9&r2=1.10
Index: gnome-keyring-3.2.2.ebuild
===================================================================
RCS file: /var/cvsroot/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-3.2.2.ebuild,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- gnome-keyring-3.2.2.ebuild 21 May 2012 18:53:30 -0000 1.9
+++ gnome-keyring-3.2.2.ebuild 24 Oct 2012 07:11:50 -0000 1.10
@@ -1,6 +1,6 @@
# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-3.2.2.ebuild,v 1.9 2012/05/21 18:53:30 tetromino Exp $
+# $Header: /var/cvsroot/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-3.2.2.ebuild,v 1.10 2012/10/24 07:11:50 tetromino Exp $
EAPI="4"
GCONF_DEBUG="no"
@@ -11,9 +11,9 @@
DESCRIPTION="Password and keyring managing daemon"
HOMEPAGE="http://www.gnome.org/"
-LICENSE="GPL-2 LGPL-2"
+LICENSE="GPL-2+ LGPL-2+"
SLOT="0"
-IUSE="+caps debug doc pam test"
+IUSE="+caps debug pam test"
KEYWORDS="~alpha ~amd64 ~arm ~ia64 ~mips ~ppc ~ppc64 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~sparc-solaris ~x86-solaris"
# USE=valgrind is probably not a good idea for the tree
@@ -29,14 +29,11 @@
"
# valgrind? ( dev-util/valgrind )
DEPEND="${RDEPEND}
- sys-devel/gettext
>=dev-util/gtk-doc-am-1.9
>=dev-util/intltool-0.35
- virtual/pkgconfig
- doc? ( >=dev-util/gtk-doc-1.9 )"
+ sys-devel/gettext
+ virtual/pkgconfig"
PDEPEND=">=gnome-base/libgnome-keyring-3.1.92"
-# eautoreconf needs:
-# >=dev-util/gtk-doc-am-1.9
# FIXME: tests are flaky and write to /tmp (instead of TMPDIR)
RESTRICT="test"
1.2 gnome-base/gnome-keyring/gnome-keyring-3.4.1.ebuild
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-3.4.1.ebuild?rev=1.2&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-3.4.1.ebuild?rev=1.2&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-3.4.1.ebuild?r1=1.1&r2=1.2
Index: gnome-keyring-3.4.1.ebuild
===================================================================
RCS file: /var/cvsroot/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-3.4.1.ebuild,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- gnome-keyring-3.4.1.ebuild 13 May 2012 18:15:00 -0000 1.1
+++ gnome-keyring-3.4.1.ebuild 24 Oct 2012 07:11:50 -0000 1.2
@@ -1,6 +1,6 @@
# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-3.4.1.ebuild,v 1.1 2012/05/13 18:15:00 tetromino Exp $
+# $Header: /var/cvsroot/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-3.4.1.ebuild,v 1.2 2012/10/24 07:11:50 tetromino Exp $
EAPI="4"
GCONF_DEBUG="no"
@@ -13,7 +13,7 @@
LICENSE="GPL-2 LGPL-2"
SLOT="0"
-IUSE="+caps debug doc pam selinux"
+IUSE="+caps debug pam selinux"
KEYWORDS="~alpha ~amd64 ~arm ~ia64 ~mips ~ppc ~ppc64 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~sparc-solaris ~x86-solaris"
RDEPEND=">=app-crypt/gcr-3.3.4
@@ -27,13 +27,12 @@
"
DEPEND="${RDEPEND}
sys-devel/gettext
- >=dev-util/gtk-doc-am-1.9
>=dev-util/intltool-0.35
- virtual/pkgconfig
- doc? ( >=dev-util/gtk-doc-1.9 )"
+ virtual/pkgconfig"
PDEPEND=">=gnome-base/libgnome-keyring-3.1.92"
# eautoreconf needs:
# >=dev-util/gtk-doc-am-1.9
+# gtk-doc-am is not needed otherwise (no gtk-docs are installed)
# FIXME: tests are very flaky and write to /tmp (instead of TMPDIR)
RESTRICT="test"
1.16 gnome-base/gnome-keyring/gnome-keyring-2.32.1.ebuild
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-2.32.1.ebuild?rev=1.16&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-2.32.1.ebuild?rev=1.16&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-2.32.1.ebuild?r1=1.15&r2=1.16
Index: gnome-keyring-2.32.1.ebuild
===================================================================
RCS file: /var/cvsroot/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-2.32.1.ebuild,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- gnome-keyring-2.32.1.ebuild 5 May 2012 05:38:10 -0000 1.15
+++ gnome-keyring-2.32.1.ebuild 24 Oct 2012 07:11:50 -0000 1.16
@@ -1,6 +1,6 @@
# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-2.32.1.ebuild,v 1.15 2012/05/05 05:38:10 jdhore Exp $
+# $Header: /var/cvsroot/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-2.32.1.ebuild,v 1.16 2012/10/24 07:11:50 tetromino Exp $
EAPI="3"
GCONF_DEBUG="yes"
@@ -10,10 +10,10 @@
DESCRIPTION="Password and keyring managing daemon"
HOMEPAGE="http://www.gnome.org/"
-LICENSE="GPL-2 LGPL-2"
+LICENSE="GPL-2+ LGPL-2+"
SLOT="0"
KEYWORDS="alpha amd64 arm ia64 ~mips ppc ppc64 sh sparc x86 ~x86-fbsd ~amd64-linux ~x86-linux ~sparc-solaris ~x86-solaris"
-IUSE="debug doc pam test"
+IUSE="debug pam test"
# USE=valgrind is probably not a good idea for the tree
RDEPEND=">=dev-libs/glib-2.25:2
@@ -25,13 +25,11 @@
>=dev-libs/libtasn1-1"
# valgrind? ( dev-util/valgrind )"
DEPEND="${RDEPEND}
- sys-devel/gettext
+ >=dev-util/gtk-doc-am-1.9
>=dev-util/intltool-0.35
- virtual/pkgconfig
- doc? ( >=dev-util/gtk-doc-1.9 )"
+ sys-devel/gettext
+ virtual/pkgconfig"
PDEPEND="gnome-base/libgnome-keyring"
-# eautoreconf needs:
-# >=dev-util/gtk-doc-am-1.9
DOCS="AUTHORS ChangeLog NEWS README"
1.1 gnome-base/gnome-keyring/gnome-keyring-3.4.1-r1.ebuild
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-3.4.1-r1.ebuild?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-3.4.1-r1.ebuild?rev=1.1&content-type=text/plain
Index: gnome-keyring-3.4.1-r1.ebuild
===================================================================
# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/gnome-base/gnome-keyring/gnome-keyring-3.4.1-r1.ebuild,v 1.1 2012/10/24 07:11:50 tetromino Exp $
EAPI="4"
GCONF_DEBUG="no"
GNOME2_LA_PUNT="yes"
inherit gnome2 pam versionator virtualx
DESCRIPTION="Password and keyring managing daemon"
HOMEPAGE="http://www.gnome.org/"
LICENSE="GPL-2+ LGPL-2+"
SLOT="0"
IUSE="+caps debug pam selinux"
KEYWORDS="~alpha ~amd64 ~arm ~ia64 ~mips ~ppc ~ppc64 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~sparc-solaris ~x86-solaris"
RDEPEND=">=app-crypt/gcr-3.3.4
>=dev-libs/glib-2.28:2
>=x11-libs/gtk+-3.0:3
app-misc/ca-certificates
>=dev-libs/libgcrypt-1.2.2
>=sys-apps/dbus-1.0
caps? ( sys-libs/libcap-ng )
pam? ( virtual/pam )
"
DEPEND="${RDEPEND}
>=dev-util/intltool-0.35
sys-devel/gettext
virtual/pkgconfig"
PDEPEND=">=gnome-base/libgnome-keyring-3.1.92"
# eautoreconf needs:
# >=dev-util/gtk-doc-am-1.9
# gtk-doc-am is not needed otherwise (no gtk-docs are installed)
# FIXME: tests are very flaky and write to /tmp (instead of TMPDIR)
RESTRICT="test"
src_prepare() {
DOCS="AUTHORS ChangeLog NEWS README"
G2CONF="${G2CONF}
$(use_enable debug)
$(use_with caps libcap-ng)
$(use_enable pam)
$(use_with pam pam-dir $(getpam_mod_dir))
$(use_enable selinux)
--with-root-certs=${EPREFIX}/etc/ssl/certs/
--with-ca-certificates=${EPREFIX}/etc/ssl/certs/ca-certificates.crt
--enable-ssh-agent
--enable-gpg-agent"
# Bug #436392, CVE-2012-3466; fixed in 3.6
epatch "${FILESDIR}/${P}-gpg-cache-method-"{1,2}.patch
gnome2_src_prepare
}
src_test() {
unset DBUS_SESSION_BUS_ADDRESS
Xemake check
}
pkg_postinst() {
use caps && fcaps 0:0 755 cap_ipc_lock "${ROOT}"/usr/bin/gnome-keyring-daemon
gnome2_pkg_postinst
}
# borrowed from GSoC2010_Gentoo_Capabilities by constanze and Flameeyes
# @FUNCTION: fcaps
# @USAGE: fcaps {uid:gid} {file-mode} {cap1[,cap2,...]} {file}
# @RETURN: 0 if all okay; non-zero if failure and fallback
# @DESCRIPTION:
# fcaps sets the specified capabilities in the effective and permitted set of
# the given file. In case of failure fcaps sets the given file-mode.
# Requires versionator.eclass
fcaps() {
local uid_gid=$1
local perms=$2
local capset=$3
local path=$4
local res
chmod $perms $path && \
chown $uid_gid $path
res=$?
use caps || return $res
#set the capability
setcap "$capset=ep" "$path" &> /dev/null
#check if the capability got set correctly
setcap -v "$capset=ep" "$path" &> /dev/null
res=$?
if [ $res -ne 0 ]; then
ewarn "Failed to set capabilities. Probable reason is missing kernel support."
ewarn "Your kernel must have <FS>_FS_SECURITY enabled (e.g. EXT4_FS_SECURITY)"
ewarn "where <FS> is the filesystem to store ${path}"
if ! version_is_at_least 2.6.33 "$(uname -r)"; then
ewarn "For kernel 2.6.32 or older, you will also need to enable"
ewarn "SECURITY_FILE_CAPABILITIES."
fi
ewarn
ewarn "Falling back to suid now..."
chmod u+s ${path}
fi
return $res
}
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2012-10-24 7:12 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-10-24 7:11 [gentoo-commits] gentoo-x86 commit in gnome-base/gnome-keyring: gnome-keyring-2.32.1-r1.ebuild gnome-keyring-3.4.1-r1.ebuild ChangeLog gnome-keyring-3.2.2.ebuild gnome-keyring-3.4.1.ebuild gnome-keyring-2.32.1.ebuild Alexandre Rostovtsev (tetromino)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox