diff options
| author |   Zac Medico <zmedico@gentoo.org> | 2011-11-04 21:38:49 +0000 |
|---|---|---|
| committer | Zac Medico <zmedico@gentoo.org> | 2011-11-04 21:38:49 +0000 |
| commit | f6b65b51f093032f0bfc8048cfc595cca8892703 (patch) | |
| tree | 3e1bfdcf28aad74b33611c01546b0c4eaa76c266 /app-text | |
| parent | Version bump. (diff) | |
| download | historical-f6b65b51f093032f0bfc8048cfc595cca8892703.tar.gz historical-f6b65b51f093032f0bfc8048cfc595cca8892703.tar.bz2 historical-f6b65b51f093032f0bfc8048cfc595cca8892703.zip | |
Bug 389515 - Substitute vulnerable suid calibre-mount-helper with udisks shell script wrapper from debian, and remove vulnerable versions.
Package-Manager: portage-2.2.0_alpha72_p4/cvs/Linux i686
Diffstat (limited to 'app-text')
| -rw-r--r-- | app-text/calibre/ChangeLog | 9 | ||||
| -rw-r--r-- | app-text/calibre/Manifest | 13 | ||||
| -rw-r--r-- | app-text/calibre/calibre-0.8.24-r1.ebuild (renamed from app-text/calibre/calibre-0.8.23.ebuild) | 15 | ||||
| -rw-r--r-- | app-text/calibre/calibre-0.8.24.ebuild | 166 |
4 files changed, 26 insertions, 177 deletions
diff --git a/app-text/calibre/ChangeLog b/app-text/calibre/ChangeLog index ba93722915eb..92fcf9a11869 100644 --- a/app-text/calibre/ChangeLog +++ b/app-text/calibre/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for app-text/calibre # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-text/calibre/ChangeLog,v 1.165 2011/10/29 23:52:45 zmedico Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-text/calibre/ChangeLog,v 1.166 2011/11/04 21:38:49 zmedico Exp $ + +*calibre-0.8.24-r1 (04 Nov 2011) + + 04 Nov 2011; Zac Medico <zmedico@gentoo.org> +calibre-0.8.24-r1.ebuild, + -calibre-0.8.23.ebuild, -calibre-0.8.24.ebuild: + Bug 389515 - Substitute vulnerable suid calibre-mount-helper with udisks shell + script wrapper from debian, and remove vulnerable versions. *calibre-0.8.24 (29 Oct 2011) diff --git a/app-text/calibre/Manifest b/app-text/calibre/Manifest index 564071df1527..b84e6860ea2f 100644 --- a/app-text/calibre/Manifest +++ b/app-text/calibre/Manifest @@ -1,16 +1,15 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -DIST calibre-0.8.23.tar.gz 37639410 RMD160 fa7bf98fe2f9890ade41fc1fa4a48565bd6cd669 SHA1 d1a6719bbd05102c4906a12c0c491425b721faf2 SHA256 b933042ee1e30992455d764f81e33cba3c9417bbddc9355c92a074f3314cddd6 DIST calibre-0.8.24.tar.gz 37687726 RMD160 28d4c3e200318fd4b24a9f9881777bb331fcc542 SHA1 367ba8617c682f135381d0d842744425aafd77bd SHA256 875ddcbccff4671b4e395d6692ca9950cdb2602029f1f1d458ff69e5ed0d10e8 -EBUILD calibre-0.8.23.ebuild 5282 RMD160 ea476ddd6553f41783ea0dfeafa712a3b677789b SHA1 9af22acdddc858c257738eca4e941cc0cb4a61a3 SHA256 f14d8dd55c19d4ef849d578ea9c47b2b553f85e37699c44f1d5c062fb553866e -EBUILD calibre-0.8.24.ebuild 5282 RMD160 0f01f9fa3eb7d2d016bdfdb6c4629be1d51bba46 SHA1 00318eb33b0a70a359e05102d81c52e5a4828678 SHA256 eacc8301e20afc992400e91c95c1ce74f89e8d6df027730b4e022112e85ddf7e -MISC ChangeLog 26830 RMD160 639dd2565048ac99e5b4b63d68888fb4ec1bfd61 SHA1 370376b9d781f357ebe03929614d86837412189f SHA256 2b9dd5e6ec3946f74dd3683607ebbb833c882236c206881b4d0c291689a0eb50 +DIST calibre-mount-helper-debian-20100617 413 RMD160 296ef6fec523a300e2b941a086d77d014bed8f94 SHA1 ae3f96b5eb7f831c24f6f7f8100c950edce68ee4 SHA256 1cdbd23edfea0b08f7bd089e3302ca9601737aac18537406f0408b449aea32d1 +EBUILD calibre-0.8.24-r1.ebuild 5767 RMD160 80de7ec14bb462814d055d2d106d7e17e4bdbb64 SHA1 97fc4abc96d20c7917cad455d97ca478a6d76489 SHA256 ece2db5769fecc4a467160c31d0b04d3c253641027521038b0f3be246d6e5c6b +MISC ChangeLog 27132 RMD160 d47fd3773086a5f27b0e91b80e9a69b5abd05899 SHA1 bddb43a0f920672d3353ad6a32d04d837a4d0ec9 SHA256 bc346f668abf5099935e9e8808447c2788e7b36c7b56bfc6c487e2c45b788585 MISC metadata.xml 208 RMD160 745680e46bfd88253fa371a757ae549c24cb4163 SHA1 875f477c578d5f232290883c8f3306facd9ebec4 SHA256 67f4cd233dc8d6d341b8da89aef2654cae64f7e3b62fbcdd3a35e6e30e898e36 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) -iEYEARECAAYFAk6skdMACgkQ/ejvha5XGaP7JQCdEyFwQc8SQLSEGhPdVBCR2fY9 -tIwAoLMkzHwnh4dcZtRdz9SDkwQhgHmc -=dO+q +iEYEARECAAYFAk60W3AACgkQ/ejvha5XGaM3DACffhikgiTWj2DhnJFp/knkieTA +wy4An2aQqP/XwCDTtxLetrUZXf9hqz1O +=8FHI -----END PGP SIGNATURE----- diff --git a/app-text/calibre/calibre-0.8.23.ebuild b/app-text/calibre/calibre-0.8.24-r1.ebuild index 21d3bfd7e56a..ba6ccb93de28 100644 --- a/app-text/calibre/calibre-0.8.23.ebuild +++ b/app-text/calibre/calibre-0.8.24-r1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-text/calibre/calibre-0.8.23.ebuild,v 1.1 2011/10/21 21:33:33 zmedico Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-text/calibre/calibre-0.8.24-r1.ebuild,v 1.1 2011/11/04 21:38:49 zmedico Exp $ EAPI=3 PYTHON_DEPEND=2:2.7 @@ -10,7 +10,8 @@ inherit python distutils eutils fdo-mime bash-completion-r1 multilib DESCRIPTION="Ebook management application." HOMEPAGE="http://calibre-ebook.com/" -SRC_URI="http://sourceforge.net/projects/calibre/files/${PV}/${P}.tar.gz" +SRC_URI="http://sourceforge.net/projects/calibre/files/${PV}/${P}.tar.gz +http://bazaar.launchpad.net/~calibre-packagers/calibre/debian/download/head:/calibremounthelper-20100617213106-931ymwfegqq1dxbt-1/calibre-mount-helper -> calibre-mount-helper-debian-20100617" LICENSE="GPL-2" @@ -40,7 +41,8 @@ COMMON_DEPEND=" >=x11-misc/xdg-utils-1.0.2" RDEPEND="${COMMON_DEPEND} - >=dev-python/reportlab-2.1" + >=dev-python/reportlab-2.1 + sys-fs/udisks" DEPEND="${COMMON_DEPEND} >=dev-python/setuptools-0.6_rc5 @@ -121,6 +123,13 @@ src_install() { grep -rlZ "${ED}" "${ED}" | xargs -0 sed -e "s:${D}:/:g" -i || die "failed to fix harcoded \$D in paths" + # Bug 389515 - Substitute vulnerable suid calibre-mount-helper + # with udisks shell script wrapper from debian. + rm "${ED}usr/bin/calibre-mount-helper" || die + exeinto /usr/bin || die + newexe "${DISTDIR}"/calibre-mount-helper-debian-20100617 \ + calibre-mount-helper || die + find "${ED}"usr/share/calibre/man -type f -print0 | \ while read -r -d $'\0' ; do if [[ ${REPLY} = *.[0-9]calibre.bz2 ]] ; then diff --git a/app-text/calibre/calibre-0.8.24.ebuild b/app-text/calibre/calibre-0.8.24.ebuild deleted file mode 100644 index c7fae46ecb90..000000000000 --- a/app-text/calibre/calibre-0.8.24.ebuild +++ /dev/null @@ -1,166 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-text/calibre/calibre-0.8.24.ebuild,v 1.1 2011/10/29 23:52:45 zmedico Exp $ - -EAPI=3 -PYTHON_DEPEND=2:2.7 -PYTHON_USE_WITH=sqlite - -inherit python distutils eutils fdo-mime bash-completion-r1 multilib - -DESCRIPTION="Ebook management application." -HOMEPAGE="http://calibre-ebook.com/" -SRC_URI="http://sourceforge.net/projects/calibre/files/${PV}/${P}.tar.gz" - -LICENSE="GPL-2" - -KEYWORDS="~amd64 ~x86" - -SLOT="0" - -IUSE="" - -COMMON_DEPEND=" - >=app-text/podofo-0.8.2 - >=app-text/poppler-0.12.3-r3[qt4,xpdf-headers] - >=dev-libs/chmlib-0.40 - >=dev-libs/icu-4.4 - >=dev-python/beautifulsoup-3.0.5:python-2 - >=dev-python/dnspython-1.6.0 - >=dev-python/cssutils-0.9.7_alpha3 - >=dev-python/dbus-python-0.82.2 - >=dev-python/imaging-1.1.6 - >=dev-python/lxml-2.2.1 - >=dev-python/mechanize-0.1.11 - >=dev-python/python-dateutil-1.4.1 - >=dev-python/PyQt4-4.8.2[X,svg,webkit] - >=media-gfx/imagemagick-6.5.9 - >=media-libs/libwmf-0.2.8 - virtual/libusb:0 - >=x11-misc/xdg-utils-1.0.2" - -RDEPEND="${COMMON_DEPEND} - >=dev-python/reportlab-2.1" - -DEPEND="${COMMON_DEPEND} - >=dev-python/setuptools-0.6_rc5 - >=gnome-base/librsvg-2.0.0 - >=x11-misc/xdg-utils-1.0.2-r2" - -S=${WORKDIR}/${PN} - -pkg_setup() { - python_set_active_version 2.7 -} - -src_prepare() { - # Fix outdated version constant. - #sed -e "s#\\(^numeric_version =\\).*#\\1 (${PV//./, })#" \ - # -i src/calibre/constants.py || \ - # die "sed failed to patch constants.py" - - # Avoid sandbox violation in /usr/share/gnome/apps when linux.py - # calls xdg-* (bug #258938). - sed -e "s:'xdg-desktop-menu', 'install':\\0, '--mode', 'user':" \ - -e "s:check_call(\\['xdg-desktop-menu', 'forceupdate'\\]):#\\0:" \ - -e "s:xdg-icon-resource install:\\0 --mode user:" \ - -e "s:xdg-mime install:\\0 --mode user:" \ - -i src/calibre/linux.py || die "sed failed to patch linux.py" - - # Disable unnecessary privilege dropping for bug #287067. - sed -e "s:if os.geteuid() == 0:if False and os.geteuid() == 0:" \ - -i setup/install.py || die "sed failed to patch install.py" - - distutils_src_prepare -} - -src_install() { - - # Bypass kbuildsycoca and update-mime-database in order to - # avoid sandbox violations if xdg-mime tries to call them. - cat - > "${T}/kbuildsycoca" <<-EOF - #!${BASH} - exit 0 - EOF - - cp "${T}"/{kbuildsycoca,update-mime-database} - chmod +x "${T}"/{kbuildsycoca,update-mime-database} - - # Unset DISPLAY in order to prevent xdg-mime from triggering a sandbox - # violation with kbuildsycoca as in bug #287067, comment #13. - export -n DISPLAY - - # Bug #352625 - Some LANGUAGE values can trigger the following ValueError: - # File "/usr/lib/python2.6/locale.py", line 486, in getdefaultlocale - # return _parse_localename(localename) - # File "/usr/lib/python2.6/locale.py", line 418, in _parse_localename - # raise ValueError, 'unknown locale: %s' % localename - #ValueError: unknown locale: 46 - export -n LANGUAGE - - # Bug #295672 - Avoid sandbox violation in ~/.config by forcing - # variables to point to our fake temporary $HOME. - export HOME="${T}/fake_homedir" - export XDG_CONFIG_HOME="${HOME}/.config" - export XDG_DATA_HOME="${HOME}/.local/share" - export CALIBRE_CONFIG_DIRECTORY="${XDG_CONFIG_HOME}/calibre" - mkdir -p "${XDG_CONFIG_HOME}" "${CALIBRE_CONFIG_DIRECTORY}" - - # Bug #334243 - respect LDFLAGS when building calibre-mount-helper - export OVERRIDE_CFLAGS="$CFLAGS $LDFLAGS" - local libdir=$(get_libdir) - [[ -n $libdir ]] || die "get_libdir returned an empty string" - - PATH=${T}:${PATH} PYTHONPATH=${S}/src${PYTHONPATH:+:}${PYTHONPATH} \ - distutils_src_install \ - --prefix="${EPREFIX}/usr" \ - --libdir="${EPREFIX}/usr/${libdir}" \ - --staging-root="${ED}usr" \ - --staging-libdir="${ED}usr/${libdir}" - - grep -rlZ "${ED}" "${ED}" | xargs -0 sed -e "s:${D}:/:g" -i || - die "failed to fix harcoded \$D in paths" - - find "${ED}"usr/share/calibre/man -type f -print0 | \ - while read -r -d $'\0' ; do - if [[ ${REPLY} = *.[0-9]calibre.bz2 ]] ; then - newname=${REPLY%calibre.bz2}.bz2 - mv "${REPLY}" "${newname}" - doman "${newname}" || die "doman failed" - rm -f "${newname}" || die "rm failed" - fi - done - rmdir "${ED}"usr/share/calibre/man/* || \ - die "could not remove redundant man subdir(s)" - rmdir "${ED}"usr/share/calibre/man || \ - die "could not remove redundant man dir" - - # The menu entries end up here due to '--mode user' being added to - # xdg-* options in src_prepare. - dodir /usr/share/mime/packages - chmod -fR a+rX,u+w,g-w,o-w "${HOME}"/.local - mv "${HOME}"/.local/share/mime/packages/* "${ED}"usr/share/mime/packages/ || - die "failed to register mime types" - dodir /usr/share/icons - mv "${HOME}"/.local/share/icons/* "${ED}"usr/share/icons/ || - die "failed to install icon files" - - domenu "${HOME}"/.local/share/applications/*.desktop || - die "failed to install .desktop menu files" - - dobashcomp "${ED}"usr/etc/bash_completion.d/calibre || die - rm -r "${ED}"usr/etc/bash_completion.d - find "${ED}"usr/etc -type d -empty -delete - - python_convert_shebangs -r $(python_get_version) "${ED}" -} - -pkg_postinst() { - fdo-mime_desktop_database_update - fdo-mime_mime_database_update - python_mod_optimize /usr/$(get_libdir)/${PN} -} - -pkg_postrm() { - python_mod_cleanup /usr/$(get_libdir)/${PN} -} |