nixo
/
guix-devel
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

gnu: gajim: Update to 0.16.8. 

* gnu/packages/messaging.scm (gajim): Update to 0.16.8.
[source]: Remove patch.
* gnu/packages/patches/gajim-CVE-2016-10376.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
This commit is contained in:
Arun Isaac 2017-07-03 18:11:49 +05:30
parent 296bf4d5ab
commit 0545e43a91
No known key found for this signature in database
GPG Key ID: 2E25EE8B61802BB3
3 changed files with 2 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
gnu/local.mk
View File

@ -601,7 +601,6 @@ dist_patch_DATA = \
%D%/packages/patches/freetype-CVE-2017-8105.patch \
%D%/packages/patches/freetype-CVE-2017-8287.patch \
%D%/packages/patches/fuse-overlapping-headers.patch \
%D%/packages/patches/gajim-CVE-2016-10376.patch \
%D%/packages/patches/gawk-shell.patch \
%D%/packages/patches/gcc-arm-bug-71399.patch \
%D%/packages/patches/gcc-arm-link-spec-fix.patch \

6
gnu/packages/messaging.scm
View File

@ -487,17 +487,15 @@ was initially a fork of xmpppy, but uses non-blocking sockets.")
(define-public gajim
(package
(name "gajim")
(version "0.16.7")
(version "0.16.8")
(source (origin
(method url-fetch)
(uri (string-append "https://gajim.org/downloads/"
(version-major+minor version)
"/gajim-" version ".tar.bz2"))
(patches
(search-patches "gajim-CVE-2016-10376.patch"))
(sha256
(base32
"13sxz0hpvyj2yvcbsfqq9yn0hp1d1zsxsj40r0v16jlibha5da9n"))))
"0ckakdjg30fsyjsgyy2573x9nmjivdg76y049l86wns5axw8im26"))))
(build-system gnu-build-system)
(arguments
`(#:phases

57
gnu/packages/patches/gajim-CVE-2016-10376.patch
View File

@ -1,57 +0,0 @@
Fix CVE-2016-10376.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10376
http://seclists.org/oss-sec/2017/q2/341
https://dev.gajim.org/gajim/gajim/issues/8378
Patch copied from upstream source repository:
https://dev.gajim.org/gajim/gajim/commit/cb65cfc5aed9efe05208ebbb7fb2d41fcf7253cc
(adapted for context in config.py)
From cb65cfc5aed9efe05208ebbb7fb2d41fcf7253cc Mon Sep 17 00:00:00 2001
From: Philipp Hörist <forenjunkie@chello.at>
Date: Fri, 26 May 2017 23:10:05 +0200
Subject: [PATCH] Add config option to activate XEP-0146 commands
Some of the Commands have security implications, thats why we disable them per default
Fixes #8378
---
src/common/commands.py | 7 ++++---
src/common/config.py | 1 +
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/common/commands.py b/src/common/commands.py
index 19d8c13..0eeb57c 100644
--- a/src/common/commands.py
+++ b/src/common/commands.py
@@ -345,9 +345,10 @@ class ConnectionCommands:
def __init__(self):
# a list of all commands exposed: node -> command class
self.__commands = {}
- for cmdobj in (ChangeStatusCommand, ForwardMessagesCommand,
- LeaveGroupchatsCommand, FwdMsgThenDisconnectCommand):
- self.__commands[cmdobj.commandnode] = cmdobj
+ if gajim.config.get('remote_commands'):
+ for cmdobj in (ChangeStatusCommand, ForwardMessagesCommand,
+ LeaveGroupchatsCommand, FwdMsgThenDisconnectCommand):
+ self.__commands[cmdobj.commandnode] = cmdobj
# a list of sessions; keys are tuples (jid, sessionid, node)
self.__sessions = {}
diff --git a/src/common/config.py b/src/common/config.py
index cde1f81..fe25455 100644
--- a/src/common/config.py
+++ b/src/common/config.py
@@ -314,6 +314,7 @@ class Config:
'ignore_incoming_attention': [opt_bool, False, _('If True, Gajim will ignore incoming attention requestd ("wizz").')],
'remember_opened_chat_controls': [ opt_bool, True, _('If enabled, Gajim will reopen chat windows that were opened last time Gajim was closed.')],
'positive_184_ack': [ opt_bool, False, _('If enabled, Gajim will show an icon to show that sent message has been received by your contact')],
+ 'remote_commands': [opt_bool, False, _('If True, Gajim will execute XEP-0146 Commands.')],
}, {})
__options_per_key = {
--
libgit2 0.24.0