pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2007Q2]: pkgsrc/x11/xfce4-terminal Pullup ticket 2178 - reques...
details: https://anonhg.NetBSD.org/pkgsrc/rev/a12ce7d6b25c
branches: pkgsrc-2007Q2
changeset: 530499:a12ce7d6b25c
user: ghen <ghen%pkgsrc.org@localhost>
date: Mon Sep 03 12:53:33 2007 +0000
description:
Pullup ticket 2178 - requested by marrti
security fix for xfce4-terminal
- pkgsrc/x11/xfce4-terminal/Makefile 1.2
- pkgsrc/x11/xfce4-terminal/buildlink3.mk 1.2
- pkgsrc/x11/xfce4-terminal/distinfo 1.2
- pkgsrc/x11/xfce4-terminal/patches/patch-aa 1.1
Modified Files:
pkgsrc/x11/xfce4-terminal: Makefile buildlink3.mk distinfo
Added Files:
pkgsrc/x11/xfce4-terminal/patches: patch-aa
Log Message:
Updated x11/xfce4-terminal to 0.2.6nb1
Fixed "URL handling allows remote shell command execution" bug:
http://bugzilla.xfce.org/show_bug.cgi?id=3383
diffstat:
x11/xfce4-terminal/Makefile | 3 +-
x11/xfce4-terminal/buildlink3.mk | 4 +-
x11/xfce4-terminal/distinfo | 3 +-
x11/xfce4-terminal/patches/patch-aa | 214 ++++++++++++++++++++++++++++++++++++
4 files changed, 220 insertions(+), 4 deletions(-)
diffs (264 lines):
diff -r 4fa5f25df169 -r a12ce7d6b25c x11/xfce4-terminal/Makefile
--- a/x11/xfce4-terminal/Makefile Thu Aug 23 14:19:32 2007 +0000
+++ b/x11/xfce4-terminal/Makefile Mon Sep 03 12:53:33 2007 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.1.1.1 2007/04/12 09:51:20 martti Exp $
+# $NetBSD: Makefile,v 1.1.1.1.2.1 2007/09/03 12:53:33 ghen Exp $
.include "../../meta-pkgs/xfce4/Makefile.common"
@@ -6,6 +6,7 @@
DISTNAME= Terminal-${XFCE4_VERSION}
PKGNAME= xfce4-terminal-${XFCE4_VERSION}
+PKGREVISION= 1
CATEGORIES= x11
COMMENT= Xfce terminal emulator
diff -r 4fa5f25df169 -r a12ce7d6b25c x11/xfce4-terminal/buildlink3.mk
--- a/x11/xfce4-terminal/buildlink3.mk Thu Aug 23 14:19:32 2007 +0000
+++ b/x11/xfce4-terminal/buildlink3.mk Mon Sep 03 12:53:33 2007 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.1.1.1 2007/04/12 09:51:20 martti Exp $
+# $NetBSD: buildlink3.mk,v 1.1.1.1.2.1 2007/09/03 12:53:33 ghen Exp $
BUILDLINK_DEPTH:= ${BUILDLINK_DEPTH}+
XFCE4_TERMINAL_BUILDLINK3_MK:= ${XFCE4_TERMINAL_BUILDLINK3_MK}+
@@ -12,7 +12,7 @@
BUILDLINK_ORDER:= ${BUILDLINK_ORDER} ${BUILDLINK_DEPTH}xfce4-terminal
.if ${XFCE4_TERMINAL_BUILDLINK3_MK} == "+"
-BUILDLINK_API_DEPENDS.xfce4-terminal+= xfce4-terminal>=0.2.6
+BUILDLINK_API_DEPENDS.xfce4-terminal+= xfce4-terminal>=0.2.6nb1
BUILDLINK_PKGSRCDIR.xfce4-terminal?= ../../x11/xfce4-terminal
.endif # XFCE4_TERMINAL_BUILDLINK3_MK
diff -r 4fa5f25df169 -r a12ce7d6b25c x11/xfce4-terminal/distinfo
--- a/x11/xfce4-terminal/distinfo Thu Aug 23 14:19:32 2007 +0000
+++ b/x11/xfce4-terminal/distinfo Mon Sep 03 12:53:33 2007 +0000
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.1.1.1 2007/04/12 09:51:20 martti Exp $
+$NetBSD: distinfo,v 1.1.1.1.2.1 2007/09/03 12:53:33 ghen Exp $
SHA1 (Terminal-0.2.6.tar.bz2) = 8851179492c4768a1a53d2424d7a7c8b1a873c58
RMD160 (Terminal-0.2.6.tar.bz2) = 0e1bcb66b83a92044eae891c35cc3750918ca83e
Size (Terminal-0.2.6.tar.bz2) = 1582076 bytes
+SHA1 (patch-aa) = f08cf609852fbf1ce81fb9066dfaa1338dbea85b
diff -r 4fa5f25df169 -r a12ce7d6b25c x11/xfce4-terminal/patches/patch-aa
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/x11/xfce4-terminal/patches/patch-aa Mon Sep 03 12:53:33 2007 +0000
@@ -0,0 +1,214 @@
+$NetBSD: patch-aa,v 1.1.2.2 2007/09/03 12:53:34 ghen Exp $
+
+Patch for http://bugzilla.xfce.org/show_bug.cgi?id=3383
+
+--- helpers/balsa.desktop.in 2007-01-20 16:30:46.000000000 +0200
++++ Terminal-0.2.6.patched/helpers/balsa.desktop.in 2007-08-14 09:12:57.000000000 +0300
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=balsa
+ X-Terminal-Category=MailReader
+-X-Terminal-Command=%B -m "mailto:%u"
++X-Terminal-Command=%B -m mailto:%u
+
+--- helpers/epiphany.desktop.in 2007-01-20 16:30:46.000000000 +0200
++++ Terminal-0.2.6.patched/helpers/epiphany.desktop.in 2007-08-14 09:12:57.000000000 +0300
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=epiphany;
+ X-Terminal-Category=WebBrowser
+-X-Terminal-Command=%B "%u"
++X-Terminal-Command=%B %u
+
+--- helpers/evolution.desktop.in 2007-01-20 16:30:46.000000000 +0200
++++ Terminal-0.2.6.patched/helpers/evolution.desktop.in 2007-08-14 09:12:57.000000000 +0300
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=evolution-2.2;evolution-2.0;evolution-1.6;evolution-1.5;evolution-1.4;evolution;
+ X-Terminal-Category=MailReader
+-X-Terminal-Command=%B "mailto:%u"
++X-Terminal-Command=%B mailto:%u
+
+--- helpers/exo-open-browser.desktop.in 2007-01-20 16:30:46.000000000 +0200
++++ Terminal-0.2.6.patched/helpers/exo-open-browser.desktop.in 2007-08-14 09:12:57.000000000 +0300
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=exo-open
+ X-Terminal-Category=WebBrowser
+-X-Terminal-Command=%B --launch WebBrowser "%u"
++X-Terminal-Command=%B --launch WebBrowser %u
+
+--- helpers/exo-open-mailer.desktop.in 2007-01-20 16:30:46.000000000 +0200
++++ Terminal-0.2.6.patched/helpers/exo-open-mailer.desktop.in 2007-08-14 09:12:57.000000000 +0300
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=exo-open
+ X-Terminal-Category=MailReader
+-X-Terminal-Command=%B --launch MailReader "%u"
++X-Terminal-Command=%B --launch MailReader %u
+
+--- helpers/firefox.desktop.in 2007-01-20 16:30:46.000000000 +0200
++++ Terminal-0.2.6.patched/helpers/firefox.desktop.in 2007-08-14 09:12:57.000000000 +0300
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=firefox;firefox-gtk2;firefox-gtk;mozilla-firefox;
+ X-Terminal-Category=WebBrowser
+-X-Terminal-Command=%B -remote "openURL(%u)" || %B "%u"
++X-Terminal-Command=%B -remote openURL\(%u\) || %B %u
+
+--- helpers/galeon.desktop.in 2007-01-20 16:30:46.000000000 +0200
++++ Terminal-0.2.6.patched/helpers/galeon.desktop.in 2007-08-14 09:12:57.000000000 +0300
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=galeon;
+ X-Terminal-Category=WebBrowser
+-X-Terminal-Command=%B "%u"
++X-Terminal-Command=%B %u
+
+--- helpers/kmail.desktop.in 2007-01-20 16:30:46.000000000 +0200
++++ Terminal-0.2.6.patched/helpers/kmail.desktop.in 2007-08-14 09:12:57.000000000 +0300
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=kmail;
+ X-Terminal-Category=MailReader
+-X-Terminal-Command=%B "%u"
++X-Terminal-Command=%B %u
+
+--- helpers/konqueror.desktop.in 2007-01-20 16:30:46.000000000 +0200
++++ Terminal-0.2.6.patched/helpers/konqueror.desktop.in 2007-08-14 09:12:57.000000000 +0300
+@@ -5,6 +5,6 @@
+ Type=Application
+ X-Terminal-Binaries=konqueror;
+ X-Terminal-Category=WebBrowser
+-X-Terminal-Command=%B "%u"
++X-Terminal-Command=%B %u
+
+
+
+--- helpers/lynx.desktop.in 2007-01-20 16:30:46.000000000 +0200
++++ Terminal-0.2.6.patched/helpers/lynx.desktop.in 2007-08-14 09:12:57.000000000 +0300
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=lynx;
+ X-Terminal-Category=WebBrowser
+-X-Terminal-Command=Terminal -x %B "%u"
++X-Terminal-Command=Terminal -x %B %u
+
+--- helpers/mozilla-browser.desktop.in 2007-01-20 16:30:46.000000000 +0200
++++ Terminal-0.2.6.patched/helpers/mozilla-browser.desktop.in 2007-08-14 09:12:57.000000000 +0300
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=mozilla;mozilla-gtk2;mozilla-gtk;
+ X-Terminal-Category=WebBrowser
+-X-Terminal-Command=%B -remote "openURL(%u,new-window)" || %B "%u"
++X-Terminal-Command=%B -remote openURL\(%u,new-window\) || %B %u
+
+--- helpers/mozilla-mailer.desktop.in 2007-01-20 16:30:46.000000000 +0200
++++ Terminal-0.2.6.patched/helpers/mozilla-mailer.desktop.in 2007-08-14 09:12:57.000000000 +0300
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=mozilla;mozilla-gtk2;mozilla-gtk;
+ X-Terminal-Category=MailReader
+-X-Terminal-Command=%B -remote "mailto(%u)" || %B -compose "mailto:%u"
++X-Terminal-Command=%B -remote mailto\(%u\) || %B -compose mailto:%u
+
+--- helpers/mutt.desktop.in 2007-01-20 16:30:46.000000000 +0200
++++ Terminal-0.2.6.patched/helpers/mutt.desktop.in 2007-08-14 09:12:57.000000000 +0300
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=mutt;
+ X-Terminal-Category=MailReader
+-X-Terminal-Command=Terminal -x %B "%u"
++X-Terminal-Command=Terminal -x %B %u
+
+--- helpers/opera-browser.desktop.in 2007-01-20 16:30:46.000000000 +0200
++++ Terminal-0.2.6.patched/helpers/opera-browser.desktop.in 2007-08-14 09:12:57.000000000 +0300
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=opera;
+ X-Terminal-Category=WebBrowser
+-X-Terminal-Command=%B -remote "openURL(%u,new-window)" || %B "%u"
++X-Terminal-Command=%B -remote openURL\(%u,new-window\) || %B %u
+
+--- helpers/opera-mailer.desktop.in 2007-01-20 16:30:46.000000000 +0200
++++ Terminal-0.2.6.patched/helpers/opera-mailer.desktop.in 2007-08-14 09:12:57.000000000 +0300
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=opera;
+ X-Terminal-Category=MailReader
+-X-Terminal-Command=%B -remote "openURL(mailto:%u)" || %B "mailto:%u"
++X-Terminal-Command=%B -remote openURL\(mailto:%u\) || %B mailto:%u
+
+--- helpers/sensible-browser.desktop.in 2007-01-20 16:30:46.000000000 +0200
++++ Terminal-0.2.6.patched/helpers/sensible-browser.desktop.in 2007-08-14 09:12:57.000000000 +0300
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=sensible-browser
+ X-Terminal-Category=WebBrowser
+-X-Terminal-Command=%B "%u"
++X-Terminal-Command=%B %u
+
+--- helpers/sylpheed-claws.desktop.in 2007-01-20 16:30:46.000000000 +0200
++++ Terminal-0.2.6.patched/helpers/sylpheed-claws.desktop.in 2007-08-14 09:12:57.000000000 +0300
+@@ -7,4 +7,4 @@
+ StartupNotify=true
+ X-Terminal-Binaries=sylpheed-claws;
+ X-Terminal-Category=MailReader
+-X-Terminal-Command=%B --compose "%u"
++X-Terminal-Command=%B --compose %u
+
+--- helpers/thunderbird.desktop.in 2007-01-20 16:30:46.000000000 +0200
++++ Terminal-0.2.6.patched/helpers/thunderbird.desktop.in 2007-08-14 09:12:57.000000000 +0300
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=thunderbird;thunderbird-gtk2;thunderbird-gtk;mozilla-thunderbird;
+ X-Terminal-Category=MailReader
+-X-Terminal-Command=%B -remote "mailto(%u)" || %B -compose "mailto:%u"
++X-Terminal-Command=%B -remote mailto\(%u\) || %B -compose mailto:%u
+
+--- terminal/terminal-helper.c 2007-01-20 16:30:51.000000000 +0200
++++ Terminal-0.2.6.patched/terminal/terminal-helper.c 2007-08-14 09:17:20.000000000 +0300
+@@ -349,6 +349,8 @@
+ gchar *argv[4];
+ gchar *command;
+ gchar *t;
++ gchar *escaped;
++ gchar **parts;
+ guint n;
+
+ g_return_if_fail (TERMINAL_IS_HELPER (helper));
+@@ -359,6 +361,12 @@
+ if (s[0] == '%' && g_ascii_tolower (s[1]) == 'u')
+ ++n;
+
++ parts = g_strsplit (uri, "$", 0);
++
++ escaped = g_shell_quote (g_strjoinv("\$", parts));
++
++ g_strfreev (parts);
++
+ if (n > 0)
+ {
+ command = g_new (gchar, strlen (helper->command) + n * strlen (uri) + 1);
+@@ -366,7 +374,7 @@
+ {
+ if (s[0] == '%' && g_ascii_tolower (s[1]) == 'u')
+ {
+- for (u = uri; *u != '\0'; )
++ for (u = escaped; *u != '\0'; )
+ *t++ = *u++;
+ s += 2;
+ }
+@@ -379,9 +387,11 @@
+ }
+ else
+ {
+- command = g_strconcat (helper->command, " ", uri, NULL);
++ command = g_strconcat (helper->command, " ", escaped, NULL);
+ }
+
++ g_free (escaped);
++
+ argv[0] = "/bin/sh";
+ argv[1] = "-c";
+ argv[2] = command;
Home |
Main Index |
Thread Index |
Old Index