diff options
| author |   Sven Wegener <swegener@gentoo.org> | 2009-04-05 10:18:56 +0000 |
|---|---|---|
| committer | Sven Wegener <swegener@gentoo.org> | 2009-04-05 10:18:56 +0000 |
| commit | 2b63815d144d86ef17ae2d36adc0cb147e6c9205 (patch) | |
| tree | 53e8595be152367731725b399394bdec8efff6bc /net-im | |
| parent | Version bump. (diff) | |
| download | gentoo-2-2b63815d144d86ef17ae2d36adc0cb147e6c9205.tar.gz gentoo-2-2b63815d144d86ef17ae2d36adc0cb147e6c9205.tar.bz2 gentoo-2-2b63815d144d86ef17ae2d36adc0cb147e6c9205.zip | |
Revision bump, security bug #264607.
(Portage version: 2.2_rc28/cvs/Linux x86_64)
Diffstat (limited to 'net-im')
| -rw-r--r-- | net-im/centerim/ChangeLog | 9 | ||||
| -rw-r--r-- | net-im/centerim/centerim-4.22.7-r1.ebuild | 114 | ||||
| -rw-r--r-- | net-im/centerim/files/centerim-4.22.7-libgadu-CVE-2008-4776.patch | 14 |
3 files changed, 136 insertions, 1 deletions
diff --git a/net-im/centerim/ChangeLog b/net-im/centerim/ChangeLog index ffbdd91fa5cb..ec1c7148f5fd 100644 --- a/net-im/centerim/ChangeLog +++ b/net-im/centerim/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for net-im/centerim # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-im/centerim/ChangeLog,v 1.32 2009/03/07 19:40:25 gentoofan23 Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-im/centerim/ChangeLog,v 1.33 2009/04/05 10:18:55 swegener Exp $ + +*centerim-4.22.7-r1 (05 Apr 2009) + + 05 Apr 2009; Sven Wegener <swegener@gentoo.org> + +files/centerim-4.22.7-libgadu-CVE-2008-4776.patch, + +centerim-4.22.7-r1.ebuild: + Revision bump, security bug #264607. 07 Mar 2009; Thomas Anderson <gentoofan23@gentoo.org> centerim-4.22.6.ebuild: diff --git a/net-im/centerim/centerim-4.22.7-r1.ebuild b/net-im/centerim/centerim-4.22.7-r1.ebuild new file mode 100644 index 000000000000..a09f8b74a425 --- /dev/null +++ b/net-im/centerim/centerim-4.22.7-r1.ebuild @@ -0,0 +1,114 @@ +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-im/centerim/centerim-4.22.7-r1.ebuild,v 1.1 2009/04/05 10:18:55 swegener Exp $ + +EAPI="2" + +inherit eutils + +PROTOCOL_IUSE="+aim gadu +icq +irc +jabber lj +msn rss +yahoo" +IUSE="${PROTOCOL_IUSE} bidi nls ssl crypt jpeg otr" + +DESCRIPTION="CenterIM is a fork of CenterICQ - a ncurses ICQ/Yahoo!/AIM/IRC/MSN/Jabber/GaduGadu/RSS/LiveJournal Client" +if [[ ${PV} = *_p* ]] # is this a snaphot? +then + SRC_URI="http://www.centerim.org/download/snapshots/${PN}-${PV/*_p/}.tar.gz" +else + SRC_URI="http://www.centerim.org/download/releases/${P}.tar.bz2" +fi +HOMEPAGE="http://www.centerim.org/" +SLOT="0" +LICENSE="GPL-2" +KEYWORDS="~amd64 ~x86 ~x86-fbsd" + +DEPEND=">=sys-libs/ncurses-5.2 + bidi? ( dev-libs/fribidi ) + ssl? ( >=dev-libs/openssl-0.9.6g ) + jpeg? ( media-libs/jpeg ) + jabber? ( + otr? ( net-libs/libotr ) + crypt? ( >=app-crypt/gpgme-1.0.2 ) + ) + msn? ( + net-misc/curl[ssl] + dev-libs/openssl + )" + +RDEPEND="${DEPEND} + nls? ( sys-devel/gettext )" + +S="${WORKDIR}"/${P/_p*} + +check_protocol_iuse() { + local flag + + for flag in ${PROTOCOL_IUSE} + do + use ${flag#+} && return 0 + done + + return 1 +} + +pkg_setup() { + if ! check_protocol_iuse + then + eerror + eerror "Please activate at least one of the following protocol USE flags:" + eerror "${PROTOCOL_IUSE//+}" + eerror + die "Please activate at least one protocol USE flag!" + fi + + if use otr && ! use jabber + then + ewarn + ewarn "Support for OTR is only supported with Jabber!" + ewarn + fi + + if use gadu && ! use jpeg + then + ewarn + ewarn "You need jpeg support to be able to register Gadu-Gadu accounts!" + ewarn + fi +} + +src_unpack() { + default + + epatch "${FILESDIR}"/${P}-libgadu-CVE-2008-4776.patch + + # Don't execute git commands, bug #228151 + cat >"${S}"/misc/git-version-gen <<-EOF + #!/bin/sh + echo -n "${PVR}" + EOF +} + +src_configure() { + econf \ + $(use_with ssl) \ + $(use_enable aim) \ + $(use_with bidi fribidi) \ + $(use_with jpeg libjpeg) \ + $(use_with otr libotr) \ + $(use_enable gadu gg) \ + $(use_enable icq) \ + $(use_enable irc) \ + $(use_enable jabber) \ + $(use_enable lj) \ + $(use_enable msn) \ + $(use_enable nls locales-fix) \ + $(use_enable nls) \ + $(use_enable rss) \ + $(use_enable yahoo) \ + || die "econf failed" +} + +src_install () { + emake DESTDIR="${D}" install || die "emake install failed" + + dodoc AUTHORS ChangeLog FAQ README THANKS TODO +} diff --git a/net-im/centerim/files/centerim-4.22.7-libgadu-CVE-2008-4776.patch b/net-im/centerim/files/centerim-4.22.7-libgadu-CVE-2008-4776.patch new file mode 100644 index 000000000000..ee6eb3bde391 --- /dev/null +++ b/net-im/centerim/files/centerim-4.22.7-libgadu-CVE-2008-4776.patch @@ -0,0 +1,14 @@ +https://bugs.gentoo.org/264607 +https://bugs.gentoo.org/244888 + +--- centerim-4.22.7/libgadu/events.c ++++ centerim-4.22.7/libgadu/events.c +@@ -578,7 +578,7 @@ + if (GG_S_D(n->status)) { + unsigned char descr_len = *((char*) n + sizeof(struct gg_notify_reply60)); + +- if (descr_len < length) { ++ if (sizeof(struct gg_notify_reply60) + descr_len < length) { + if (!(e->event.notify60[i].descr = malloc(descr_len + 1))) { + gg_debug(GG_DEBUG_MISC, "// gg_watch_fd_connected() not enough memory for notify data\n"); + goto fail; |