Summary: | Version Bump net-misc/clipgrab-3.0.2 | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Christian Schafmeister <schafm> |
Component: | Current packages | Assignee: | No maintainer - Look at https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers if you want to take care of it <maintainer-needed> |
Status: | RESOLVED FIXED | ||
Severity: | enhancement | CC: | bughunter, mail |
Priority: | High | Keywords: | InVCS |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://clipgrab.de | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: |
net-misc/clipgrab-3.0.2.ebuild
Removes the obey function which could get a security issue Updated ebuild to patch the sources (to remove the obey function) Version bump again Updated patch to remove obey function |
Description
Christian Schafmeister
2009-11-06 00:02:34 UTC
Created attachment 209380 [details]
net-misc/clipgrab-3.0.2.ebuild
I haven't looked into the 3.0.2 sources yet, but please consider http://bugs.gentoo.org/show_bug.cgi?id=289636 before committing. The file obeyator.cpp doesn't exist anymore in the clipgrab source package. So perhaps the part which has been discussed under security issues in http://bugs.gentoo.org/show_bug.cgi?id=289636 has been removed or is part of another source file. I have to correct my previous post. The obeyator stuff is now part of clipgrab.cpp (function obey). I'll take a further look into the code and try to patch the part. Created attachment 209418 [details]
Removes the obey function which could get a security issue
Created attachment 209419 [details]
Updated ebuild to patch the sources (to remove the obey function)
I made a patch to remove the remote calling stuff , already discussed in http://bugs.gentoo.org/show_bug.cgi?id=289636 . 3.0.2 is not downloadable anymore, instead one has to use 3.0.5. I'll attach an updated ebuild, as well as patch... Created attachment 215554 [details]
Version bump again
Updated ebuild
Created attachment 215555 [details, diff]
Updated patch to remove obey function
Hi, bump again. Now it is 3.0.6.6. Regards Is a maintainer still needed? I can try to do this, if I get a little help from the gentoo maintainer crowd. Just give me a hint, where to get information and in touch with the relevant people here... (anything else than IRQ?) Yes a maintainer is needed here. You can proxy maintain this package with me. Just add your new ebuild+patches here and I will do the commits for you. Documentation regarding the ebuilds can be found here http://devmanual.gentoo.org Fixed in main tree during virtual/ffmpeg move. |