summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorArun Raghavan <ford_prefect@gentoo.org>2010-11-15 05:34:04 +0000
committerArun Raghavan <ford_prefect@gentoo.org>2010-11-15 05:34:04 +0000
commit8de10ee39874466606bf2896a8e1efb7a5ad3177 (patch)
treeb9b188675a55c19ce4dbe236c1e9fbe78a8f65fb /media-sound
parentVersion bump. (diff)
downloadhistorical-8de10ee39874466606bf2896a8e1efb7a5ad3177.tar.gz
historical-8de10ee39874466606bf2896a8e1efb7a5ad3177.tar.bz2
historical-8de10ee39874466606bf2896a8e1efb7a5ad3177.zip
Bump to -r1 to fix insecure LD_LIBRARY_PATH usage (bug #345567).
Package-Manager: portage-2.2.0_alpha3/cvs/Linux x86_64
Diffstat (limited to 'media-sound')
-rw-r--r--media-sound/banshee/ChangeLog9
-rw-r--r--media-sound/banshee/Manifest14
-rw-r--r--media-sound/banshee/banshee-1.8.0-r1.ebuild162
-rw-r--r--media-sound/banshee/files/banshee-1.8.0-fix-insecure-lib-path.patch31
4 files changed, 204 insertions, 12 deletions
diff --git a/media-sound/banshee/ChangeLog b/media-sound/banshee/ChangeLog
index d042b31df8d9..d38062b6e80b 100644
--- a/media-sound/banshee/ChangeLog
+++ b/media-sound/banshee/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for media-sound/banshee
# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/media-sound/banshee/ChangeLog,v 1.123 2010/10/23 14:36:16 pacho Exp $
+# $Header: /var/cvsroot/gentoo-x86/media-sound/banshee/ChangeLog,v 1.124 2010/11/15 05:34:04 ford_prefect Exp $
+
+*banshee-1.8.0-r1 (15 Nov 2010)
+
+ 15 Nov 2010; Arun Raghavan <ford_prefect@gentoo.org>
+ +banshee-1.8.0-r1.ebuild,
+ +files/banshee-1.8.0-fix-insecure-lib-path.patch:
+ Bump to -r1 to fix insecure LD_LIBRARY_PATH usage (bug #345567).
23 Oct 2010; Pacho Ramos <pacho@gentoo.org> banshee-1.8.0.ebuild:
Enable 'web' by default as needed by community extensions (that are
diff --git a/media-sound/banshee/Manifest b/media-sound/banshee/Manifest
index 1b016e91de13..18ff615f6cee 100644
--- a/media-sound/banshee/Manifest
+++ b/media-sound/banshee/Manifest
@@ -1,17 +1,9 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
-
AUX banshee-1.7.4-make-webkit-optional.patch 2151 RMD160 70ad41d04763a5023f9863809f3e35c77f103ada SHA1 6acad219469ee67ada7a89508fb639922db12e22 SHA256 5f5ceea4e09dd9f9dca776b9775d6998faa641c7daa8968241b9bbddd6f72ecf
+AUX banshee-1.8.0-fix-insecure-lib-path.patch 1684 RMD160 88bddc329fdbff28272958695bceedc2e50772e4 SHA1 d305db14af33e1eb78dae887c901797dc3e326ef SHA256 f59609159d20309f22bbd953f9e5058334629257e514b92129f3d175e18b0db8
DIST banshee-1-1.6.1.tar.bz2 3171776 RMD160 1fccab76a155bc04deac7bfc2278aeb8be387cdc SHA1 cf96ad0ed634d92652054a371883ecc427015384 SHA256 ff7f79a8b86a819cffe0ff88aa9f8ab9ea3e2fcc540f3c6e82bf150a505cacd0
DIST banshee-1-1.8.0.tar.bz2 3231763 RMD160 4568f84a8b2c2453a4b051d794c357a19c62d616 SHA1 cbd0f2828b54f05df6d88993c7770c0b6fc9ccde SHA256 321a5ee45c0e6b0df0e7767512ad5466773fb53dc0aaef491db0ec68377896af
EBUILD banshee-1.6.1.ebuild 3665 RMD160 058d1e6f40dd4fe4210fdd8d858b01d8b484bd66 SHA1 d316b6d0d0c52a84dde2e58eaef3cab508715732 SHA256 ae4e606bca0456d316bb78aa6798d69b00453d66d4652b83328bc7c1ff4504fb
+EBUILD banshee-1.8.0-r1.ebuild 4392 RMD160 e23bdca5efbda27842c391cc3232e70f1591fcee SHA1 6183a6aa2be96ce90bbd921b7ecdf2cffe2ef0e6 SHA256 44ae5d7fc22c8d34fb218338b443c0cf8289a2c681f8f884afb3b4109f8c20d6
EBUILD banshee-1.8.0.ebuild 4263 RMD160 365ab1a3c72a6678dfd9d21f3a7d1f15fefc9090 SHA1 aafb1ddbf1047d003b81f1c791b53d4f49b49fb1 SHA256 bc4dc833003d27b8b6978c3d44e72faffbbdfa7437aa8542ccf69859782097f5
-MISC ChangeLog 23713 RMD160 46c19a3648f8e5ce389790bbff742cfb5a350b8f SHA1 da59a1f7cfaffb8835ad9bf0dbbb9619b975aed6 SHA256 986401447100b057f4e4f91553919529622dca3dd28e7a938251fae6e3ddc0ae
+MISC ChangeLog 23956 RMD160 647b3c95da9c7948d5b9ba61bf764e762cf457f4 SHA1 c97c31dae360878764386e1df1488e098d60235c SHA256 71f68a991af2cd5060188223736cf86b6d91f2cdf953e903484b6d478ac247f2
MISC metadata.xml 820 RMD160 9196a8a47cff605fdc5a5cc5b0c39bb75dc1e445 SHA1 5b7dfcfac9be40a16e4952234fec096e7c70ce4d SHA256 3dcc4776c1d5214000a78022d63657a95d137899eaad3e6dce38567464681cc7
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.16 (GNU/Linux)
-
-iEYEARECAAYFAkzC8uYACgkQCaWpQKGI+9QGuwCeIBffBDu8YbkFwsxXtNfUvSOu
-p/cAn0xC1Eo8WS9HrKOhl3BNwFe5igjE
-=T1eC
------END PGP SIGNATURE-----
diff --git a/media-sound/banshee/banshee-1.8.0-r1.ebuild b/media-sound/banshee/banshee-1.8.0-r1.ebuild
new file mode 100644
index 000000000000..9959005f0792
--- /dev/null
+++ b/media-sound/banshee/banshee-1.8.0-r1.ebuild
@@ -0,0 +1,162 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/media-sound/banshee/banshee-1.8.0-r1.ebuild,v 1.1 2010/11/15 05:34:04 ford_prefect Exp $
+
+EAPI=2
+
+inherit eutils autotools mono gnome2-utils fdo-mime versionator
+
+GVER=0.10.7
+
+DESCRIPTION="Import, organize, play, and share your music using a simple and powerful interface."
+HOMEPAGE="http://banshee-project.org"
+
+#BANSHEE_V2=$(get_version_component_range 2)
+#[[ $((${BANSHEE_V2} % 2)) -eq 0 ]] && RELTYPE=stable || RELTYPE=unstable
+#SRC_URI="http://download.banshee-project.org/${PN}/${RELTYPE}/${PV}/${PN}-1-${PV}.tar.bz2"
+SRC_URI="http://download.banshee-project.org/${PN}/stable/${PV}/${PN}-1-${PV}.tar.bz2"
+
+LICENSE="MIT"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+aac +cdda boo daap doc +encode ipod karma mtp podcast test +web youtube"
+
+# Hal is required until upstream bug 612616 is solved
+RDEPEND=">=dev-lang/mono-2.4.3
+ gnome-base/gnome-settings-daemon
+ x11-themes/gnome-icon-theme
+ sys-apps/dbus
+ sys-apps/hal
+ >=dev-dotnet/gtk-sharp-2.12
+ >=dev-dotnet/gconf-sharp-2.24.0
+ >=dev-dotnet/notify-sharp-0.4.0_pre20080912-r1
+ >=media-libs/gstreamer-0.10.21-r3
+ >=media-libs/gst-plugins-base-0.10.25.2
+ >=media-libs/gst-plugins-bad-${GVER}
+ >=media-libs/gst-plugins-good-${GVER}
+ >=media-libs/gst-plugins-ugly-${GVER}
+ >=media-plugins/gst-plugins-meta-0.10-r2:0.10
+ >=media-plugins/gst-plugins-gnomevfs-${GVER}
+ >=media-plugins/gst-plugins-gconf-${GVER}
+ cdda? (
+ || (
+ >=media-plugins/gst-plugins-cdparanoia-${GVER}
+ >=media-plugins/gst-plugins-cdio-${GVER}
+ )
+ )
+ media-libs/musicbrainz:1
+ >=dev-dotnet/dbus-glib-sharp-0.4.1
+ >=dev-dotnet/dbus-sharp-0.6.1a
+ >=dev-dotnet/mono-addins-0.4[gtk]
+ >=dev-dotnet/taglib-sharp-2.0.3.7
+ >=dev-db/sqlite-3.4
+ karma? ( >=media-libs/libkarma-0.1.0-r1 )
+ aac? ( >=media-plugins/gst-plugins-faad-${GVER} )
+ boo? (
+ >=dev-lang/boo-0.8.1
+ )
+ daap? (
+ >=dev-dotnet/mono-zeroconf-0.8.0-r1
+ )
+ doc? (
+ virtual/monodoc
+ >=app-text/gnome-doc-utils-0.17.3
+ )
+ encode? (
+ >=media-plugins/gst-plugins-lame-${GVER}
+ >=media-plugins/gst-plugins-taglib-${GVER}
+ )
+ ipod? (
+ >=media-libs/libgpod-0.7.95[mono]
+ )
+ mtp? (
+ >=media-libs/libmtp-0.3.0
+ )
+ web? (
+ >=net-libs/webkit-gtk-1.2.2
+ >=net-libs/libsoup-2.26:2.4
+ >=net-libs/libsoup-gnome-2.26:2.4
+ )
+ youtube? (
+ >=dev-dotnet/google-gdata-sharp-1.4
+ )"
+
+DEPEND="${RDEPEND}
+ dev-util/pkgconfig"
+
+DOCS="AUTHORS ChangeLog HACKING NEWS README"
+
+S=${WORKDIR}/${PN}-1-${PV}
+
+src_prepare () {
+ # Fix intltool b0rkage similar to
+ # https://bugzilla.gnome.org/show_bug.cgi?id=577133
+ sed "s:'\^\$\$lang\$\$':\^\$\$lang\$\$:g" -i po/Makefile.in.in \
+ || die "sed failed"
+
+ # Fix security issue with LD_LIBRARY_PATH usage (bug #345567)
+ epatch "${FILESDIR}/${P}-fix-insecure-lib-path.patch"
+
+ epatch "${FILESDIR}/${PN}-1.7.4-make-webkit-optional.patch"
+ AT_M4DIR="-I build/m4/banshee -I build/m4/shamrock -I build/m4/shave" \
+ eautoreconf
+}
+
+src_configure() {
+ # Disable gio till gtk-sharp-beans and gio-sharp are in-tree
+ # Disable gio-hardware till gudev-sharp and gkeyfile-sharp are around
+ # for a bit longer (when these are in, we can drop HAL)
+ # Ditto gst-sharp
+ local myconf="--disable-dependency-tracking --disable-static
+ --enable-gnome --enable-schemas-install
+ --with-gconf-schema-file-dir=/etc/gconf/schemas
+ --with-vendor-build-id=Gentoo/${PN}/${PVR}
+ --enable-gapless-playback
+ --disable-gio --disable-gst-sharp
+ --disable-gio_hardware --enable-hal
+ --disable-torrent
+ --disable-shave"
+
+ econf \
+ $(use_enable doc docs) \
+ $(use_enable doc user-help) \
+ $(use_enable boo) \
+ $(use_enable mtp) \
+ $(use_enable daap) \
+ $(use_enable ipod appledevice) --disable-ipod \
+ $(use_enable podcast) \
+ $(use_enable karma) \
+ $(use_enable web webkit) \
+ $(use_enable youtube) \
+ ${myconf}
+}
+
+src_compile() {
+ emake MCS=/usr/bin/gmcs
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die "emake install efailed"
+ find "${D}" -name '*.la' -delete
+}
+
+pkg_preinst() {
+ gnome2_icon_savelist
+}
+
+pkg_postinst() {
+ ewarn
+ ewarn "If ${PN} doesn't play some format, please check your"
+ ewarn "USE flags on media-plugins/gst-plugins-meta"
+ ewarn
+
+ fdo-mime_desktop_database_update
+ fdo-mime_mime_database_update
+ gnome2_icon_cache_update
+}
+
+pkg_postrm() {
+ fdo-mime_desktop_database_update
+ fdo-mime_mime_database_update
+ gnome2_icon_cache_update
+}
diff --git a/media-sound/banshee/files/banshee-1.8.0-fix-insecure-lib-path.patch b/media-sound/banshee/files/banshee-1.8.0-fix-insecure-lib-path.patch
new file mode 100644
index 000000000000..5c400124098c
--- /dev/null
+++ b/media-sound/banshee/files/banshee-1.8.0-fix-insecure-lib-path.patch
@@ -0,0 +1,31 @@
+From 835c37e99196303195c88932169b73e975115e52 Mon Sep 17 00:00:00 2001
+From: Aaron Bockover <abockover@novell.com>
+Date: Wed, 20 Oct 2010 16:22:40 +0000
+Subject: Fix insecure LD_LIBRARY_PATH (bnc#642505)
+
+A vulnerability existed where if LD_LIBRARY_PATH were set but empty, a
+trailing : as a path separator would still be appended to the path,
+exposing an insecure/invalid search path. GST_PLUGINS_PATH was similarly
+vulnerable.
+
+Using :+: instead of +: prevents this as ${X:+:$X} returns X iff X is
+set and not empty whereas ${X+:$X} returns X iff X is set (it may be
+empty).
+---
+diff --git a/src/Clients/Booter/banshee-1.linux.in b/src/Clients/Booter/banshee-1.linux.in
+index 9009797..11e8ccd 100644
+--- a/src/Clients/Booter/banshee-1.linux.in
++++ b/src/Clients/Booter/banshee-1.linux.in
+@@ -7,8 +7,8 @@ MONO_EXE="@expanded_libdir@/@PACKAGE@/$exec_asm"
+ BANSHEE_EXEC_NAME=$(basename $0)
+ BANSHEE_CONFIG_DIR="${XDG_CONFIG_HOME:-$HOME/.config}/banshee-1"
+
+-export LD_LIBRARY_PATH=@expanded_libdir@/@PACKAGE@:@expanded_libdir@/@PACKAGE@/Extensions:@expanded_libdir@/@PACKAGE@/Backends:@expanded_libdir@${LD_LIBRARY_PATH+:$LD_LIBRARY_PATH}
+-export GST_PLUGIN_PATH=@expanded_libdir@/@PACKAGE@/gstreamer-0.10${GST_PLUGIN_PATH+:$GST_PLUGIN_PATH}
++export LD_LIBRARY_PATH=@expanded_libdir@/@PACKAGE@:@expanded_libdir@/@PACKAGE@/Extensions:@expanded_libdir@/@PACKAGE@/Backends:@expanded_libdir@${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}
++export GST_PLUGIN_PATH=@expanded_libdir@/@PACKAGE@/gstreamer-0.10${GST_PLUGIN_PATH:+:$GST_PLUGIN_PATH}
+ if [ $BANSHEE_EXEC_NAME = "muinshee" ]; then
+ BANSHEE_CLIENT="Muinshee"
+ export MONO_PATH=@expanded_libdir@/@PACKAGE@/Extensions
+--
+cgit v0.8.3.1