commit: 24bd054fa98b2a95f355ab3471470bbb000c488a Author: Amadeusz Żołnowski <aidecoe <AT> gentoo <DOT> org> AuthorDate: Mon May 29 16:24:07 2017 +0000 Commit: Amadeusz Piotr Żołnowski <aidecoe <AT> gentoo <DOT> org> CommitDate: Mon May 29 16:24:30 2017 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=24bd054f
net-im/gajim: Fix CVE-2016-10376 Gentoo-Bug: 620146 Package-Manager: Portage-2.3.5, Repoman-2.3.2 ...01-Add-config-option-to-activate-XEP-0146.patch | 45 ++++++++ net-im/gajim/gajim-0.16.6-r1.ebuild | 125 +++++++++++++++++++++ 2 files changed, 170 insertions(+) diff --git a/net-im/gajim/files/0.16.6-0001-Add-config-option-to-activate-XEP-0146.patch b/net-im/gajim/files/0.16.6-0001-Add-config-option-to-activate-XEP-0146.patch new file mode 100644 index 00000000000..046c72c0ca2 --- /dev/null +++ b/net-im/gajim/files/0.16.6-0001-Add-config-option-to-activate-XEP-0146.patch @@ -0,0 +1,45 @@ +From 285392b27db7cb01b0566b4bda3920e6559b75e4 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Philipp=20H=C3=B6rist?= <[email protected]> +Date: Fri, 26 May 2017 23:10:05 +0200 +Subject: [PATCH] Add config option to activate XEP-0146 commands + +Some of the Commands have security implications, thats why we disable them per default +Fixes #8378 +--- + src/common/commands.py | 7 ++++--- + src/common/config.py | 1 + + 2 files changed, 5 insertions(+), 3 deletions(-) + +diff --git a/src/common/commands.py b/src/common/commands.py +index 40d700710..46d6947f8 100644 +--- a/src/common/commands.py ++++ b/src/common/commands.py +@@ -345,9 +345,10 @@ class ConnectionCommands: + def __init__(self): + # a list of all commands exposed: node -> command class + self.__commands = {} +- for cmdobj in (ChangeStatusCommand, ForwardMessagesCommand, +- LeaveGroupchatsCommand, FwdMsgThenDisconnectCommand): +- self.__commands[cmdobj.commandnode] = cmdobj ++ if gajim.config.get('remote_commands'): ++ for cmdobj in (ChangeStatusCommand, ForwardMessagesCommand, ++ LeaveGroupchatsCommand, FwdMsgThenDisconnectCommand): ++ self.__commands[cmdobj.commandnode] = cmdobj + + # a list of sessions; keys are tuples (jid, sessionid, node) + self.__sessions = {} +diff --git a/src/common/config.py b/src/common/config.py +index 3884d9e1d..7c1313fc4 100644 +--- a/src/common/config.py ++++ b/src/common/config.py +@@ -313,6 +313,7 @@ class Config: + 'ignore_incoming_attention': [opt_bool, False, _('If True, Gajim will ignore incoming attention requestd ("wizz").')], + 'remember_opened_chat_controls': [ opt_bool, True, _('If enabled, Gajim will reopen chat windows that were opened last time Gajim was closed.')], + 'positive_184_ack': [ opt_bool, False, _('If enabled, Gajim will show an icon to show that sent message has been received by your contact')], ++ 'remote_commands': [opt_bool, False, _('If True, Gajim will execute XEP-0146 Commands.')], + }, {}) + + __options_per_key = { +-- +2.12.2 + diff --git a/net-im/gajim/gajim-0.16.6-r1.ebuild b/net-im/gajim/gajim-0.16.6-r1.ebuild new file mode 100644 index 00000000000..7fc7796b975 --- /dev/null +++ b/net-im/gajim/gajim-0.16.6-r1.ebuild @@ -0,0 +1,125 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 + +PYTHON_COMPAT=( python2_7 ) +PYTHON_REQ_USE="sqlite,xml" + +AUTOTOOLS_AUTORECONF=true + +inherit autotools-utils python-r1 versionator + +MY_PV=${PV/_/-} +MY_P="${PN}-${MY_PV}" + +DESCRIPTION="Jabber client written in PyGTK" +HOMEPAGE="http://www.gajim.org/"; +SRC_URI=" + http://www.gajim.org/downloads/$(get_version_component_range 1-2)/${MY_P}.tar.bz2" +# test? ( https://dev.gentoo.org/~jlec/distfiles/${PN}-tests-${PV}.tar.xz )" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~arm ~ppc ~ppc64 ~x86 ~x86-fbsd" +IUSE="crypt dbus gnome gnome-keyring kde idle jingle libnotify networkmanager nls spell +srv test X xhtml zeroconf" + +REQUIRED_USE=" + ${PYTHON_REQUIRED_USE} + libnotify? ( dbus ) + gnome? ( gnome-keyring ) + zeroconf? ( dbus )" + +COMMON_DEPEND=" + ${PYTHON_DEPS} + dev-python/pygtk:2[${PYTHON_USEDEP}] + x11-libs/gtk+:2" +DEPEND="${COMMON_DEPEND} + >=dev-util/intltool-0.40.1 + virtual/pkgconfig + >=sys-devel/gettext-0.17-r1" +RDEPEND="${COMMON_DEPEND} + dev-python/pyasn1[${PYTHON_USEDEP}] + >=dev-python/pyopenssl-0.14[${PYTHON_USEDEP}] + >=dev-python/python-nbxmpp-0.5.3[${PYTHON_USEDEP}] + crypt? ( + app-crypt/gnupg + dev-python/pycrypto[${PYTHON_USEDEP}] + ) + dbus? ( + dev-python/dbus-python[${PYTHON_USEDEP}] + dev-libs/dbus-glib + libnotify? ( dev-python/notify-python[${PYTHON_USEDEP}] ) + zeroconf? ( net-dns/avahi[dbus,gtk,python,${PYTHON_USEDEP}] ) + ) + gnome? ( + dev-python/libgnome-python[${PYTHON_USEDEP}] + dev-python/egg-python[${PYTHON_USEDEP}] + ) + gnome-keyring? ( dev-python/gnome-keyring-python[${PYTHON_USEDEP}] ) + idle? ( x11-libs/libXScrnSaver ) + jingle? ( net-libs/farstream:0.1[python,${PYTHON_USEDEP}] ) + kde? ( kde-apps/kwalletmanager ) + networkmanager? ( + dev-python/dbus-python[${PYTHON_USEDEP}] + net-misc/networkmanager + ) + spell? ( app-text/gtkspell:2 ) + srv? ( + || ( + dev-python/libasyncns-python[${PYTHON_USEDEP}] + net-dns/bind-tools + ) + ) + xhtml? ( dev-python/docutils[${PYTHON_USEDEP}] )" + +RESTRICT="test" + +PATCHES=( + "${FILESDIR}/${PV}-0001-Add-config-option-to-activate-XEP-0146.patch" ) + +S="${WORKDIR}"/${MY_P} + +src_prepare() { + autotools-utils_src_prepare + python_copy_sources +} + +src_configure() { + configuration() { + local myeconfargs=( + $(use_enable nls) + $(use_with X x) + --docdir="/usr/share/doc/${PF}" + --libdir="$(python_get_sitedir)" + --enable-site-packages + ) + run_in_build_dir autotools-utils_src_configure + } + python_foreach_impl configuration +} + +src_compile() { + compilation() { + run_in_build_dir autotools-utils_src_compile + } + python_foreach_impl compilation +} + +src_test() { + testing() { + run_in_build_dir ${PYTHON} test/runtests.py --verbose 3 || die + } + python_foreach_impl testing +} + +src_install() { + installation() { + run_in_build_dir autotools-utils_src_install + python_optimize + } + python_foreach_impl installation + + rm "${ED}/usr/share/doc/${PF}/README.html" || die + dohtml README.html +}
