diff options
author | Daniel Gryniewicz <dang@gentoo.org> | 2009-02-24 16:59:08 +0000 |
---|---|---|
committer | Daniel Gryniewicz <dang@gentoo.org> | 2009-02-24 16:59:08 +0000 |
commit | 54d6b46ce231312b46c98cc99d25fb1552eca468 (patch) | |
tree | 52b2420dd70a995cfa9fc1370f1a23a185406bee /www-client | |
parent | whitespace (diff) | |
download | gentoo-2-54d6b46ce231312b46c98cc99d25fb1552eca468.tar.gz gentoo-2-54d6b46ce231312b46c98cc99d25fb1552eca468.tar.bz2 gentoo-2-54d6b46ce231312b46c98cc99d25fb1552eca468.zip |
Sanitize python path. bug #257000
(Portage version: 2.1.6.7/cvs/Linux x86_64)
Diffstat (limited to 'www-client')
-rw-r--r-- | www-client/epiphany/ChangeLog | 10 | ||||
-rw-r--r-- | www-client/epiphany/epiphany-2.22.3-r12.ebuild | 83 | ||||
-rw-r--r-- | www-client/epiphany/epiphany-2.22.3-r2.ebuild | 99 | ||||
-rw-r--r-- | www-client/epiphany/files/epiphany-2.22.3-CVE-2008-5985.patch | 11 |
4 files changed, 202 insertions, 1 deletions
diff --git a/www-client/epiphany/ChangeLog b/www-client/epiphany/ChangeLog index 1918757ee29a..74eb42fc4916 100644 --- a/www-client/epiphany/ChangeLog +++ b/www-client/epiphany/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for www-client/epiphany # Copyright 2000-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/www-client/epiphany/ChangeLog,v 1.192 2009/02/11 08:49:20 aballier Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-client/epiphany/ChangeLog,v 1.193 2009/02/24 16:59:08 dang Exp $ + +*epiphany-2.22.3-r12 (24 Feb 2009) +*epiphany-2.22.3-r2 (24 Feb 2009) + + 24 Feb 2009; Daniel Gryniewicz <dang@gentoo.org> + +files/epiphany-2.22.3-CVE-2008-5985.patch, +epiphany-2.22.3-r2.ebuild, + +epiphany-2.22.3-r12.ebuild: + Sanitize python path. bug #257000 11 Feb 2009; Alexis Ballier <aballier@gentoo.org> epiphany-2.24.3.ebuild: keyword ~x86-fbsd diff --git a/www-client/epiphany/epiphany-2.22.3-r12.ebuild b/www-client/epiphany/epiphany-2.22.3-r12.ebuild new file mode 100644 index 000000000000..1b6d9e9c2482 --- /dev/null +++ b/www-client/epiphany/epiphany-2.22.3-r12.ebuild @@ -0,0 +1,83 @@ +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/www-client/epiphany/epiphany-2.22.3-r12.ebuild,v 1.1 2009/02/24 16:59:08 dang Exp $ + +inherit gnome2 eutils multilib + +DESCRIPTION="GNOME webbrowser based on the mozilla rendering engine" +HOMEPAGE="http://www.gnome.org/projects/epiphany/" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc64 -sparc ~x86" +IUSE="avahi doc networkmanager python spell" + +# This revision is meant to work with xulrunner 1.9, an earlier revision +# is the earlier stable candidate against xulrunner-1.8 and co. + +RDEPEND=">=dev-libs/glib-2.16.0 + >=x11-libs/gtk+-2.12.0 + >=dev-libs/libxml2-2.6.12 + >=dev-libs/libxslt-1.1.7 + >=gnome-base/libglade-2.3.1 + >=gnome-base/libgnome-2.14 + >=gnome-base/libgnomeui-2.14 + >=gnome-base/gnome-desktop-2.9.91 + >=x11-libs/startup-notification-0.5 + >=x11-libs/libnotify-0.4 + >=dev-libs/dbus-glib-0.71 + >=gnome-base/gconf-2 + >=app-text/iso-codes-0.35 + avahi? ( >=net-dns/avahi-0.6.22 ) + networkmanager? ( net-misc/networkmanager ) + =net-libs/xulrunner-1.9* + python? ( + >=dev-lang/python-2.3 + >=dev-python/pygtk-2.7.1 + >=dev-python/gnome-python-2.6 + ) + spell? ( app-text/enchant ) + x11-themes/gnome-icon-theme" +DEPEND="${RDEPEND} + app-text/scrollkeeper + >=dev-util/pkgconfig-0.9 + >=dev-util/intltool-0.35 + >=app-text/gnome-doc-utils-0.3.2 + doc? ( >=dev-util/gtk-doc-1 )" + +DOCS="AUTHORS ChangeLog* HACKING MAINTAINERS NEWS README TODO" + +pkg_setup() { + G2CONF="${G2CONF} + --disable-scrollkeeper + --with-gecko=libxul-embedding + --enable-certificate-manager + --with-distributor-name=Gentoo + $(use_enable avahi zeroconf) + $(use_enable networkmanager network-manager) + $(use_enable spell spell-checker) + $(use_enable python)" +} + +src_unpack() { + gnome2_src_unpack + + # fix libnotify crasher (bug #250031) + epatch "${FILESDIR}/${P}-notify-crash-fix.patch" + + # sanitize python path. bug #257000 + epatch "${FILESDIR}"/${P}-CVE-2008-5985.patch +} + +src_compile() { + addpredict /usr/$(get_libdir)/xulrunner-1.9/components/xpti.dat + addpredict /usr/$(get_libdir)/xulrunner-1.9/components/xpti.dat.tmp + addpredict /usr/$(get_libdir)/xulrunner-1.9/components/compreg.dat.tmp + + # Why are these write-opened per bug #228589 and bug #253043 + addpredict /usr/$(get_libdir)/mozilla/components/xpti.dat + addpredict /usr/$(get_libdir)/mozilla/components/xpti.dat.tmp + addpredict /usr/$(get_libdir)/mozilla/components/compreg.dat.tmp + + gnome2_src_compile +} diff --git a/www-client/epiphany/epiphany-2.22.3-r2.ebuild b/www-client/epiphany/epiphany-2.22.3-r2.ebuild new file mode 100644 index 000000000000..b6fd03fefd79 --- /dev/null +++ b/www-client/epiphany/epiphany-2.22.3-r2.ebuild @@ -0,0 +1,99 @@ +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/www-client/epiphany/epiphany-2.22.3-r2.ebuild,v 1.1 2009/02/24 16:59:08 dang Exp $ + +inherit gnome2 eutils multilib + +DESCRIPTION="GNOME webbrowser based on the mozilla rendering engine" +HOMEPAGE="http://www.gnome.org/projects/epiphany/" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd" +IUSE="avahi doc networkmanager python spell xulrunner" + +# This release should work with xulrunner 1.9, but this revision is a +# stable candidate, so stick with 1.8 here. +# xulrunner-1.9 can be achieved via --with-engine=xulrunner, while +# --with-engine=mozilla goes with 1.8 + +RDEPEND=">=dev-libs/glib-2.16.0 + >=x11-libs/gtk+-2.12.0 + >=dev-libs/libxml2-2.6.12 + >=dev-libs/libxslt-1.1.7 + >=gnome-base/libglade-2.3.1 + >=gnome-base/libgnome-2.14 + >=gnome-base/libgnomeui-2.14 + >=gnome-base/gnome-desktop-2.9.91 + >=x11-libs/startup-notification-0.5 + >=x11-libs/libnotify-0.4 + >=dev-libs/dbus-glib-0.71 + >=gnome-base/gconf-2 + >=app-text/iso-codes-0.35 + avahi? ( >=net-dns/avahi-0.6.22 ) + networkmanager? ( net-misc/networkmanager ) + !xulrunner? ( =www-client/mozilla-firefox-2* ) + xulrunner? ( =net-libs/xulrunner-1.8* ) + python? ( + >=dev-lang/python-2.3 + >=dev-python/pygtk-2.7.1 + >=dev-python/gnome-python-2.6 + ) + spell? ( app-text/enchant ) + x11-themes/gnome-icon-theme" +DEPEND="${RDEPEND} + app-text/scrollkeeper + >=dev-util/pkgconfig-0.9 + >=dev-util/intltool-0.35 + >=app-text/gnome-doc-utils-0.3.2 + doc? ( >=dev-util/gtk-doc-1 )" + +DOCS="AUTHORS ChangeLog* HACKING MAINTAINERS NEWS README TODO" + +pkg_setup() { + G2CONF="${G2CONF} + --disable-scrollkeeper + --with-engine=mozilla + --enable-certificate-manager + --with-distributor-name=Gentoo + $(use_enable avahi zeroconf) + $(use_enable networkmanager network-manager) + $(use_enable spell spell-checker) + $(use_enable python)" + + if use xulrunner; then + G2CONF="${G2CONF} --with-gecko=xulrunner" + else + G2CONF="${G2CONF} --with-gecko=firefox" + fi +} + +src_unpack() { + gnome2_src_unpack + + # build fix with firefox 2.0 (bug #230834) + epatch "${FILESDIR}/${P}-firefox2.0-header-fix.patch" + + # fix libnotify crasher (bug #250031) + epatch "${FILESDIR}/${P}-notify-crash-fix.patch" + + # sanitize python path. bug #257000 + epatch "${FILESDIR}"/${P}-CVE-2008-5985.patch +} + +src_compile() { + addpredict /usr/$(get_libdir)/mozilla-firefox/components/xpti.dat + addpredict /usr/$(get_libdir)/mozilla-firefox/components/xpti.dat.tmp + addpredict /usr/$(get_libdir)/mozilla-firefox/components/compreg.dat.tmp + + addpredict /usr/$(get_libdir)/xulrunner/components/xpti.dat + addpredict /usr/$(get_libdir)/xulrunner/components/xpti.dat.tmp + addpredict /usr/$(get_libdir)/xulrunner/components/compreg.dat.tmp + + # Why are these write-opened per bug #228589 and bug #253043 + addpredict /usr/$(get_libdir)/mozilla/components/xpti.dat + addpredict /usr/$(get_libdir)/mozilla/components/xpti.dat.tmp + addpredict /usr/$(get_libdir)/mozilla/components/compreg.dat.tmp + + gnome2_src_compile +} diff --git a/www-client/epiphany/files/epiphany-2.22.3-CVE-2008-5985.patch b/www-client/epiphany/files/epiphany-2.22.3-CVE-2008-5985.patch new file mode 100644 index 000000000000..1f4a12e8fa0e --- /dev/null +++ b/www-client/epiphany/files/epiphany-2.22.3-CVE-2008-5985.patch @@ -0,0 +1,11 @@ +--- epiphany-browser-2.22.3.orig/src/ephy-python.c ++++ epiphany-browser-2.22.3/src/ephy-python.c +@@ -51,6 +51,8 @@ + + argv[0] = g_get_prgname (); + PySys_SetArgv (1, argv); ++ /* Sanitize sys.path */ ++ PyRun_SimpleString("import sys; sys.path = filter(None, sys.path)"); + + init_pygobject (); + init_pygtk (); |