124308 – POPFile 0.22.4 version bump

Bug 124308 - POPFile 0.22.4 version bump

Summary: POPFile 0.22.4 version bump

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	New packages (show other bugs)
Hardware:	All Linux

Importance:	High enhancement (vote)
Assignee:	Stuart Herbert (RETIRED)

URL:	http://popfile.sourceforge.net
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2006-02-27 14:52 UTC by Lasse Bigum
Modified:	2006-05-31 00:13 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
popfile-0.22.4.ebuild (popfile-0.22.4.ebuild,1.58 KB, text/plain) 2006-02-27 14:57 UTC, Lasse Bigum	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Lasse Bigum 2006-02-27 14:52:17 UTC

Bumped the ebuild of POPFile to v0.22.4, and changed the ebuild some to accomodate the extra stuff one can use with POPFile.

Has not been tested extensively with the use-flags, and then only on x86, but I'm leaving the ~ppc as it seems it will run fine on PPC as well (the old ebuilds did at least)

Comment 1 Lasse Bigum 2006-02-27 14:57:57 UTC

Created attachment 80860 [details]
popfile-0.22.4.ebuild

Comment 2 Michael Cummings (RETIRED) gentoo-dev

2006-02-27 15:46:22 UTC

I know what I said on irc - but i think i was wrong(!). In re-reading this block:

	ssl? (
	    dev-libs/openssl
		!=dev-perl/IO-Socket-SSL-0.97
	    dev-perl/Net-SSLeay
	)
it strikes me that although we've avoided the 'bad' IO-Socket-SSL, we also haven't installed a better one...is the problem a conflict with IO::S::SSL-0.97 or just the general presence of IO::S::SSL?

Comment 3 Stuart Herbert (RETIRED) gentoo-dev

2006-02-28 00:14:25 UTC

Any advice greatfully received.  Perl's definitely not my strong point :)

Many thanks,
Stu

Comment 4 Torsten Veller (RETIRED) gentoo-dev

2006-05-03 12:02:56 UTC

From the Release Notes <http://sourceforge.net/project/shownotes.php?release_id=395653&group_id=63137>:

| This version is a bug fix release and contains an important security
| related bug fix. It is a highly recommended upgrade because of the
| problem described in #1 below.
| 
| WHAT'S CHANGED SINCE v0.22.3
| 
| 1. A bug in the handling of the charset in an email could be exploited
|    to cause POPFile to crash when downloading messages.

If the versions in the tree are affected, we should do something soon.

Comment 5 Lasse Bigum 2006-05-03 13:54:21 UTC

(In reply to comment #2)
> I know what I said on irc - but i think i was wrong(!).

Sorry, been too long, don't remember this anymore, and didn't see the comment when you posted it :)

> In re-reading this block:
> 
>         ssl? (
>             dev-libs/openssl
>                 !=dev-perl/IO-Socket-SSL-0.97
>             dev-perl/Net-SSLeay
>         )
> it strikes me that although we've avoided the 'bad' IO-Socket-SSL, we also
> haven't installed a better one...is the problem a conflict with IO::S::SSL-0.97
> or just the general presence of IO::S::SSL?

It's just a problem with 0.97 it seems: http://popfile.sourceforge.net/cgi-bin/wiki.pl?FrequentlyAskedQuestions/SSL

Comment 6 Stuart Herbert (RETIRED) gentoo-dev

2006-05-31 00:13:56 UTC

Many thanks.  I've added this ebuild into the tree.  It should appear on your local rsync mirror in around one hour's time.

Best regards,
Stu