diff options
| author | Denis 'GNUtoo' Carikli <GNUtoo@no-log.org> | 2010-04-18 22:14:55 +0200 |
|---|---|---|
| committer | Denis 'GNUtoo' Carikli <GNUtoo@no-log.org> | 2010-04-18 22:46:15 +0200 |
| commit | fdaa0a396ccaa5def33628d6a76450cb33af24cc (patch) | |
| tree | 0e36b8d6797cb36011f51a745f012a3980c88195 /recipes/xchat | |
| parent | 4e72309a8e2c2394bfe956864048443d8821171d (diff) | |
xchat 2.8.6: fix CVE-2009-0315 and a building issues with 2 debian patches and bump PR
The building issue was the following:
| fe-gtk.o: In function `fe_gui_info':
| [...]/src/fe-gtk/fe-gtk.c:822: undefined reference to `GTK_WIDGET_VISIBLE'
| menu.o: In function `menu_canacaccel':
| [...]/src/fe-gtk/menu.c:1673: undefined reference to `GTK_WIDGET_IS_SENSITIVE'
| maingui.o: In function `mg_hide_empty_pane':
| [...]/src/fe-gtk/maingui.c:812: undefined reference to `GTK_WIDGET_VISIBLE'
| [...]/src/fe-gtk/maingui.c:813: undefined reference to `GTK_WIDGET_VISIBLE'
| maingui.o: In function `mg_show_generic_tab':
| [...]/src/fe-gtk/maingui.c:602: undefined reference to `GTK_WIDGET_HAS_FOCUS'
I noticied the security issue while looking into the debian patches of xchat:
They had a file named 46_CVE-2009-0315.dpatch.
Then I looked at that CVE to see if it was relevant ,and applied the patch
Diffstat (limited to 'recipes/xchat')
| -rwxr-xr-x | recipes/xchat/files/46_CVE-2009-0315.dpatch | 26 | ||||
| -rwxr-xr-x | recipes/xchat/files/53_fix_deprecated_widgets.dpatch | 53 | ||||
| -rw-r--r-- | recipes/xchat/xchat_2.8.6.bb | 7 |
3 files changed, 84 insertions, 2 deletions
diff --git a/recipes/xchat/files/46_CVE-2009-0315.dpatch b/recipes/xchat/files/46_CVE-2009-0315.dpatch new file mode 100755 index 0000000000..97bd442279 --- /dev/null +++ b/recipes/xchat/files/46_CVE-2009-0315.dpatch @@ -0,0 +1,26 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 46_CVE-2009-0315.dpatch by Nico Golde <nion@debian.org> +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ +diff -urNad xchat-2.8.6~/plugins/python/python.c xchat-2.8.6/plugins/python/python.c +--- xchat-2.8.6~/plugins/python/python.c 2008-03-29 06:57:35.000000000 +0100 ++++ xchat-2.8.6/plugins/python/python.c 2009-02-05 19:13:02.000000000 +0100 +@@ -1106,6 +1106,7 @@ + } + + PySys_SetArgv(1, argv); ++ PyRun_SimpleString("import sys; sys.path = filter(None, sys.path)"); + PySys_SetObject("__plugin__", (PyObject *) plugin); + + /* Set stdout and stderr to xchatout. */ +@@ -2110,6 +2111,7 @@ + Py_SetProgramName("xchat"); + Py_Initialize(); + PySys_SetArgv(1, argv); ++ PyRun_SimpleString("import sys; sys.path = filter(None, sys.path)"); + + Plugin_Type.ob_type = &PyType_Type; + Context_Type.ob_type = &PyType_Type; diff --git a/recipes/xchat/files/53_fix_deprecated_widgets.dpatch b/recipes/xchat/files/53_fix_deprecated_widgets.dpatch new file mode 100755 index 0000000000..bab087b28e --- /dev/null +++ b/recipes/xchat/files/53_fix_deprecated_widgets.dpatch @@ -0,0 +1,53 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 53_fix_deprecated_widgets.dpatch by Davide Puricelli <evo@debian.org> +## +## Description: Fix FTBFS errors due to new GTK 2.20 widgets names. + +@DPATCH@ +diff -Naur xchat-2.8.6foo/src/fe-gtk/fe-gtk.c xchat-2.8.6/src/fe-gtk/fe-gtk.c +--- xchat-2.8.6foo/src/fe-gtk/fe-gtk.c 2010-04-06 21:48:19.000000000 +0200 ++++ xchat-2.8.6/src/fe-gtk/fe-gtk.c 2010-04-06 21:49:27.000000000 +0200 +@@ -819,7 +819,7 @@ + switch (info_type) + { + case 0: /* window status */ +- if (!GTK_WIDGET_VISIBLE (GTK_WINDOW (sess->gui->window))) ++ if (!gtk_widget_get_visible (GTK_WINDOW (sess->gui->window))) + return 2; /* hidden (iconified or systray) */ + #if GTK_CHECK_VERSION(2,4,0) + if (gtk_window_is_active (GTK_WINDOW (sess->gui->window))) +diff -Naur xchat-2.8.6foo/src/fe-gtk/maingui.c xchat-2.8.6/src/fe-gtk/maingui.c +--- xchat-2.8.6foo/src/fe-gtk/maingui.c 2008-04-01 10:53:41.000000000 +0200 ++++ xchat-2.8.6/src/fe-gtk/maingui.c 2010-04-06 21:50:45.000000000 +0200 +@@ -599,7 +599,7 @@ + int num; + GtkWidget *f = NULL; + +- if (current_sess && GTK_WIDGET_HAS_FOCUS (current_sess->gui->input_box)) ++ if (current_sess && gtk_widget_has_focus (current_sess->gui->input_box)) + f = current_sess->gui->input_box; + + num = gtk_notebook_page_num (GTK_NOTEBOOK (mg_gui->note_book), box); +@@ -809,8 +809,8 @@ + static void + mg_hide_empty_pane (GtkPaned *pane) + { +- if ((pane->child1 == NULL || !GTK_WIDGET_VISIBLE (pane->child1)) && +- (pane->child2 == NULL || !GTK_WIDGET_VISIBLE (pane->child2))) ++ if ((pane->child1 == NULL || !gtk_widget_get_visible (pane->child1)) && ++ (pane->child2 == NULL || !gtk_widget_get_visible (pane->child2))) + { + gtk_widget_hide (GTK_WIDGET (pane)); + return; +diff -Naur xchat-2.8.6foo/src/fe-gtk/menu.c xchat-2.8.6/src/fe-gtk/menu.c +--- xchat-2.8.6foo/src/fe-gtk/menu.c 2008-06-08 09:59:37.000000000 +0200 ++++ xchat-2.8.6/src/fe-gtk/menu.c 2010-04-06 21:49:54.000000000 +0200 +@@ -1670,7 +1670,7 @@ + menu_canacaccel (GtkWidget *widget, guint signal_id, gpointer user_data) + { + /* GTK2.2 behaviour */ +- return GTK_WIDGET_IS_SENSITIVE (widget); ++ return gtk_widget_is_sensitive (widget); + } + + #endif diff --git a/recipes/xchat/xchat_2.8.6.bb b/recipes/xchat/xchat_2.8.6.bb index d6d6200d83..9e203fb682 100644 --- a/recipes/xchat/xchat_2.8.6.bb +++ b/recipes/xchat/xchat_2.8.6.bb @@ -4,9 +4,12 @@ HOMEPAGE = "http://www.xchat.org" SECTION = "x11/network" DEPENDS = "libgcrypt zlib gtk+" DEPENDS += "gdk-pixbuf-csource-native" -PR = "r1" +PR = "r2" -SRC_URI = "http://www.xchat.org/files/source/2.8/xchat-${PV}.tar.bz2" +SRC_URI = "http://www.xchat.org/files/source/2.8/xchat-${PV}.tar.bz2 \ + file://46_CVE-2009-0315.dpatch;patch=1 \ + file://53_fix_deprecated_widgets.dpatch;patch=1 \ + " inherit autotools |