diff options
author | Arun Raghavan <ford_prefect@gentoo.org> | 2010-11-15 05:34:04 +0000 |
---|---|---|
committer | Arun Raghavan <ford_prefect@gentoo.org> | 2010-11-15 05:34:04 +0000 |
commit | 8de10ee39874466606bf2896a8e1efb7a5ad3177 (patch) | |
tree | b9b188675a55c19ce4dbe236c1e9fbe78a8f65fb /media-sound | |
parent | Version bump. (diff) | |
download | historical-8de10ee39874466606bf2896a8e1efb7a5ad3177.tar.gz historical-8de10ee39874466606bf2896a8e1efb7a5ad3177.tar.bz2 historical-8de10ee39874466606bf2896a8e1efb7a5ad3177.zip |
Bump to -r1 to fix insecure LD_LIBRARY_PATH usage (bug #345567).
Package-Manager: portage-2.2.0_alpha3/cvs/Linux x86_64
Diffstat (limited to 'media-sound')
-rw-r--r-- | media-sound/banshee/ChangeLog | 9 | ||||
-rw-r--r-- | media-sound/banshee/Manifest | 14 | ||||
-rw-r--r-- | media-sound/banshee/banshee-1.8.0-r1.ebuild | 162 | ||||
-rw-r--r-- | media-sound/banshee/files/banshee-1.8.0-fix-insecure-lib-path.patch | 31 |
4 files changed, 204 insertions, 12 deletions
diff --git a/media-sound/banshee/ChangeLog b/media-sound/banshee/ChangeLog index d042b31df8d9..d38062b6e80b 100644 --- a/media-sound/banshee/ChangeLog +++ b/media-sound/banshee/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for media-sound/banshee # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/media-sound/banshee/ChangeLog,v 1.123 2010/10/23 14:36:16 pacho Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-sound/banshee/ChangeLog,v 1.124 2010/11/15 05:34:04 ford_prefect Exp $ + +*banshee-1.8.0-r1 (15 Nov 2010) + + 15 Nov 2010; Arun Raghavan <ford_prefect@gentoo.org> + +banshee-1.8.0-r1.ebuild, + +files/banshee-1.8.0-fix-insecure-lib-path.patch: + Bump to -r1 to fix insecure LD_LIBRARY_PATH usage (bug #345567). 23 Oct 2010; Pacho Ramos <pacho@gentoo.org> banshee-1.8.0.ebuild: Enable 'web' by default as needed by community extensions (that are diff --git a/media-sound/banshee/Manifest b/media-sound/banshee/Manifest index 1b016e91de13..18ff615f6cee 100644 --- a/media-sound/banshee/Manifest +++ b/media-sound/banshee/Manifest @@ -1,17 +1,9 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - AUX banshee-1.7.4-make-webkit-optional.patch 2151 RMD160 70ad41d04763a5023f9863809f3e35c77f103ada SHA1 6acad219469ee67ada7a89508fb639922db12e22 SHA256 5f5ceea4e09dd9f9dca776b9775d6998faa641c7daa8968241b9bbddd6f72ecf +AUX banshee-1.8.0-fix-insecure-lib-path.patch 1684 RMD160 88bddc329fdbff28272958695bceedc2e50772e4 SHA1 d305db14af33e1eb78dae887c901797dc3e326ef SHA256 f59609159d20309f22bbd953f9e5058334629257e514b92129f3d175e18b0db8 DIST banshee-1-1.6.1.tar.bz2 3171776 RMD160 1fccab76a155bc04deac7bfc2278aeb8be387cdc SHA1 cf96ad0ed634d92652054a371883ecc427015384 SHA256 ff7f79a8b86a819cffe0ff88aa9f8ab9ea3e2fcc540f3c6e82bf150a505cacd0 DIST banshee-1-1.8.0.tar.bz2 3231763 RMD160 4568f84a8b2c2453a4b051d794c357a19c62d616 SHA1 cbd0f2828b54f05df6d88993c7770c0b6fc9ccde SHA256 321a5ee45c0e6b0df0e7767512ad5466773fb53dc0aaef491db0ec68377896af EBUILD banshee-1.6.1.ebuild 3665 RMD160 058d1e6f40dd4fe4210fdd8d858b01d8b484bd66 SHA1 d316b6d0d0c52a84dde2e58eaef3cab508715732 SHA256 ae4e606bca0456d316bb78aa6798d69b00453d66d4652b83328bc7c1ff4504fb +EBUILD banshee-1.8.0-r1.ebuild 4392 RMD160 e23bdca5efbda27842c391cc3232e70f1591fcee SHA1 6183a6aa2be96ce90bbd921b7ecdf2cffe2ef0e6 SHA256 44ae5d7fc22c8d34fb218338b443c0cf8289a2c681f8f884afb3b4109f8c20d6 EBUILD banshee-1.8.0.ebuild 4263 RMD160 365ab1a3c72a6678dfd9d21f3a7d1f15fefc9090 SHA1 aafb1ddbf1047d003b81f1c791b53d4f49b49fb1 SHA256 bc4dc833003d27b8b6978c3d44e72faffbbdfa7437aa8542ccf69859782097f5 -MISC ChangeLog 23713 RMD160 46c19a3648f8e5ce389790bbff742cfb5a350b8f SHA1 da59a1f7cfaffb8835ad9bf0dbbb9619b975aed6 SHA256 986401447100b057f4e4f91553919529622dca3dd28e7a938251fae6e3ddc0ae +MISC ChangeLog 23956 RMD160 647b3c95da9c7948d5b9ba61bf764e762cf457f4 SHA1 c97c31dae360878764386e1df1488e098d60235c SHA256 71f68a991af2cd5060188223736cf86b6d91f2cdf953e903484b6d478ac247f2 MISC metadata.xml 820 RMD160 9196a8a47cff605fdc5a5cc5b0c39bb75dc1e445 SHA1 5b7dfcfac9be40a16e4952234fec096e7c70ce4d SHA256 3dcc4776c1d5214000a78022d63657a95d137899eaad3e6dce38567464681cc7 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.16 (GNU/Linux) - -iEYEARECAAYFAkzC8uYACgkQCaWpQKGI+9QGuwCeIBffBDu8YbkFwsxXtNfUvSOu -p/cAn0xC1Eo8WS9HrKOhl3BNwFe5igjE -=T1eC ------END PGP SIGNATURE----- diff --git a/media-sound/banshee/banshee-1.8.0-r1.ebuild b/media-sound/banshee/banshee-1.8.0-r1.ebuild new file mode 100644 index 000000000000..9959005f0792 --- /dev/null +++ b/media-sound/banshee/banshee-1.8.0-r1.ebuild @@ -0,0 +1,162 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/media-sound/banshee/banshee-1.8.0-r1.ebuild,v 1.1 2010/11/15 05:34:04 ford_prefect Exp $ + +EAPI=2 + +inherit eutils autotools mono gnome2-utils fdo-mime versionator + +GVER=0.10.7 + +DESCRIPTION="Import, organize, play, and share your music using a simple and powerful interface." +HOMEPAGE="http://banshee-project.org" + +#BANSHEE_V2=$(get_version_component_range 2) +#[[ $((${BANSHEE_V2} % 2)) -eq 0 ]] && RELTYPE=stable || RELTYPE=unstable +#SRC_URI="http://download.banshee-project.org/${PN}/${RELTYPE}/${PV}/${PN}-1-${PV}.tar.bz2" +SRC_URI="http://download.banshee-project.org/${PN}/stable/${PV}/${PN}-1-${PV}.tar.bz2" + +LICENSE="MIT" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="+aac +cdda boo daap doc +encode ipod karma mtp podcast test +web youtube" + +# Hal is required until upstream bug 612616 is solved +RDEPEND=">=dev-lang/mono-2.4.3 + gnome-base/gnome-settings-daemon + x11-themes/gnome-icon-theme + sys-apps/dbus + sys-apps/hal + >=dev-dotnet/gtk-sharp-2.12 + >=dev-dotnet/gconf-sharp-2.24.0 + >=dev-dotnet/notify-sharp-0.4.0_pre20080912-r1 + >=media-libs/gstreamer-0.10.21-r3 + >=media-libs/gst-plugins-base-0.10.25.2 + >=media-libs/gst-plugins-bad-${GVER} + >=media-libs/gst-plugins-good-${GVER} + >=media-libs/gst-plugins-ugly-${GVER} + >=media-plugins/gst-plugins-meta-0.10-r2:0.10 + >=media-plugins/gst-plugins-gnomevfs-${GVER} + >=media-plugins/gst-plugins-gconf-${GVER} + cdda? ( + || ( + >=media-plugins/gst-plugins-cdparanoia-${GVER} + >=media-plugins/gst-plugins-cdio-${GVER} + ) + ) + media-libs/musicbrainz:1 + >=dev-dotnet/dbus-glib-sharp-0.4.1 + >=dev-dotnet/dbus-sharp-0.6.1a + >=dev-dotnet/mono-addins-0.4[gtk] + >=dev-dotnet/taglib-sharp-2.0.3.7 + >=dev-db/sqlite-3.4 + karma? ( >=media-libs/libkarma-0.1.0-r1 ) + aac? ( >=media-plugins/gst-plugins-faad-${GVER} ) + boo? ( + >=dev-lang/boo-0.8.1 + ) + daap? ( + >=dev-dotnet/mono-zeroconf-0.8.0-r1 + ) + doc? ( + virtual/monodoc + >=app-text/gnome-doc-utils-0.17.3 + ) + encode? ( + >=media-plugins/gst-plugins-lame-${GVER} + >=media-plugins/gst-plugins-taglib-${GVER} + ) + ipod? ( + >=media-libs/libgpod-0.7.95[mono] + ) + mtp? ( + >=media-libs/libmtp-0.3.0 + ) + web? ( + >=net-libs/webkit-gtk-1.2.2 + >=net-libs/libsoup-2.26:2.4 + >=net-libs/libsoup-gnome-2.26:2.4 + ) + youtube? ( + >=dev-dotnet/google-gdata-sharp-1.4 + )" + +DEPEND="${RDEPEND} + dev-util/pkgconfig" + +DOCS="AUTHORS ChangeLog HACKING NEWS README" + +S=${WORKDIR}/${PN}-1-${PV} + +src_prepare () { + # Fix intltool b0rkage similar to + # https://bugzilla.gnome.org/show_bug.cgi?id=577133 + sed "s:'\^\$\$lang\$\$':\^\$\$lang\$\$:g" -i po/Makefile.in.in \ + || die "sed failed" + + # Fix security issue with LD_LIBRARY_PATH usage (bug #345567) + epatch "${FILESDIR}/${P}-fix-insecure-lib-path.patch" + + epatch "${FILESDIR}/${PN}-1.7.4-make-webkit-optional.patch" + AT_M4DIR="-I build/m4/banshee -I build/m4/shamrock -I build/m4/shave" \ + eautoreconf +} + +src_configure() { + # Disable gio till gtk-sharp-beans and gio-sharp are in-tree + # Disable gio-hardware till gudev-sharp and gkeyfile-sharp are around + # for a bit longer (when these are in, we can drop HAL) + # Ditto gst-sharp + local myconf="--disable-dependency-tracking --disable-static + --enable-gnome --enable-schemas-install + --with-gconf-schema-file-dir=/etc/gconf/schemas + --with-vendor-build-id=Gentoo/${PN}/${PVR} + --enable-gapless-playback + --disable-gio --disable-gst-sharp + --disable-gio_hardware --enable-hal + --disable-torrent + --disable-shave" + + econf \ + $(use_enable doc docs) \ + $(use_enable doc user-help) \ + $(use_enable boo) \ + $(use_enable mtp) \ + $(use_enable daap) \ + $(use_enable ipod appledevice) --disable-ipod \ + $(use_enable podcast) \ + $(use_enable karma) \ + $(use_enable web webkit) \ + $(use_enable youtube) \ + ${myconf} +} + +src_compile() { + emake MCS=/usr/bin/gmcs +} + +src_install() { + emake DESTDIR="${D}" install || die "emake install efailed" + find "${D}" -name '*.la' -delete +} + +pkg_preinst() { + gnome2_icon_savelist +} + +pkg_postinst() { + ewarn + ewarn "If ${PN} doesn't play some format, please check your" + ewarn "USE flags on media-plugins/gst-plugins-meta" + ewarn + + fdo-mime_desktop_database_update + fdo-mime_mime_database_update + gnome2_icon_cache_update +} + +pkg_postrm() { + fdo-mime_desktop_database_update + fdo-mime_mime_database_update + gnome2_icon_cache_update +} diff --git a/media-sound/banshee/files/banshee-1.8.0-fix-insecure-lib-path.patch b/media-sound/banshee/files/banshee-1.8.0-fix-insecure-lib-path.patch new file mode 100644 index 000000000000..5c400124098c --- /dev/null +++ b/media-sound/banshee/files/banshee-1.8.0-fix-insecure-lib-path.patch @@ -0,0 +1,31 @@ +From 835c37e99196303195c88932169b73e975115e52 Mon Sep 17 00:00:00 2001 +From: Aaron Bockover <abockover@novell.com> +Date: Wed, 20 Oct 2010 16:22:40 +0000 +Subject: Fix insecure LD_LIBRARY_PATH (bnc#642505) + +A vulnerability existed where if LD_LIBRARY_PATH were set but empty, a +trailing : as a path separator would still be appended to the path, +exposing an insecure/invalid search path. GST_PLUGINS_PATH was similarly +vulnerable. + +Using :+: instead of +: prevents this as ${X:+:$X} returns X iff X is +set and not empty whereas ${X+:$X} returns X iff X is set (it may be +empty). +--- +diff --git a/src/Clients/Booter/banshee-1.linux.in b/src/Clients/Booter/banshee-1.linux.in +index 9009797..11e8ccd 100644 +--- a/src/Clients/Booter/banshee-1.linux.in ++++ b/src/Clients/Booter/banshee-1.linux.in +@@ -7,8 +7,8 @@ MONO_EXE="@expanded_libdir@/@PACKAGE@/$exec_asm" + BANSHEE_EXEC_NAME=$(basename $0) + BANSHEE_CONFIG_DIR="${XDG_CONFIG_HOME:-$HOME/.config}/banshee-1" + +-export LD_LIBRARY_PATH=@expanded_libdir@/@PACKAGE@:@expanded_libdir@/@PACKAGE@/Extensions:@expanded_libdir@/@PACKAGE@/Backends:@expanded_libdir@${LD_LIBRARY_PATH+:$LD_LIBRARY_PATH} +-export GST_PLUGIN_PATH=@expanded_libdir@/@PACKAGE@/gstreamer-0.10${GST_PLUGIN_PATH+:$GST_PLUGIN_PATH} ++export LD_LIBRARY_PATH=@expanded_libdir@/@PACKAGE@:@expanded_libdir@/@PACKAGE@/Extensions:@expanded_libdir@/@PACKAGE@/Backends:@expanded_libdir@${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH} ++export GST_PLUGIN_PATH=@expanded_libdir@/@PACKAGE@/gstreamer-0.10${GST_PLUGIN_PATH:+:$GST_PLUGIN_PATH} + if [ $BANSHEE_EXEC_NAME = "muinshee" ]; then + BANSHEE_CLIENT="Muinshee" + export MONO_PATH=@expanded_libdir@/@PACKAGE@/Extensions +-- +cgit v0.8.3.1 |