From 787bc00c5e1d830b25b7828b3a34cf067adba6896fdd3a59823a85d8e028e62d Mon Sep 17 00:00:00 2001 From: Malcolm Lewis Date: Thu, 15 Sep 2022 12:19:28 +0000 Subject: [PATCH] Accepting request 1003835 from home:malcolmlewis:branches:GNOME:Apps - Update to version 0.99.49+3: * Legacy_canonicalize_filename: manage empty filename, (gh#giuspen/cherrytree#2118) * added command line option '--anchor AnchorName' that in addition to existing '--node NodeName' allows to open a document focusing an anchor in a node. * Changed non configurable keyboard shortcuts for codebox width and table column width to use parenthesis open instead of backslash, (gh#giuspen/cherrytree#2113). * Fixed crash on double exit from systray icon right click menu, (gh#giuspen/cherrytree#2114). * Added keyboard shortcuts to toolbar tooltips, (gh#giuspen/cherrytree#2106). * Fixed export to HTML crash, (gh#giuspen/cherrytree#2109). * Force turning off portal usage since it does not work on all distros, (gh#giuspen/cherrytree#2111). * Improved dialog confirmation before executing the code. * Additonal changes for core22, (gh#giuspen/cherrytree#2110). * Allow to disable the dialog asking for confirmation before executing the code. * Fixed bulleted list unindent (Shift+Tab) crash, (gh#giuspen/cherrytree#2103). * Add home plug, (gh#giuspen/cherrytree#2101 and gh#giuspen/cherrytree#2102). * Linux menu launcher run cherrytree in a new instance, (gh#giuspen/cherrytree#2077). * Fixed crash on print/export as pdf of a sequence of characters without spaces longer that the page width, such as a very long URL, (gh#giuspen/cherrytree#2045). * Fixed wrongly entering column mode when using keyboard shortcuts with such as insert codebox, (gh#giuspen/cherrytree#2075). * Added syntax highlighting support for GDScript. * Fixed tooltip and cursor not reset after hovering link and then navigating to non rich text node. * Support for accent insensitive search - added letters with subordinate dots, (gh#giuspen/cherrytree#1981). * Translation updates. - Fix duplicate file warnings, add fdupes build requires and macro. - Developer advised fixed cross-site scripting (XSS) vulnerability that allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field when creating a node, (#boo1202513, gh#giuspen/cherrytree#2099 and CVE-2022-35133). OBS-URL: https://build.opensuse.org/request/show/1003835 OBS-URL: https://build.opensuse.org/package/show/GNOME:Apps/cherrytree?expand=0&rev=167 --- _servicedata | 2 +- cherrytree-0.99.48.obscpio | 3 --- cherrytree-0.99.49+3.obscpio | 3 +++ cherrytree.changes | 48 ++++++++++++++++++++++++++++++++++++ cherrytree.obsinfo | 6 ++--- cherrytree.spec | 4 ++- 6 files changed, 58 insertions(+), 8 deletions(-) delete mode 100644 cherrytree-0.99.48.obscpio create mode 100644 cherrytree-0.99.49+3.obscpio diff --git a/_servicedata b/_servicedata index 6dbdf27..8f52a1c 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://github.com/giuspen/cherrytree.git - 35a79c408065241a4d8f5a370bead37465d31ad5 \ No newline at end of file + ba904860ddf0e9cb388b7ee0e886cc49d6164e8f \ No newline at end of file diff --git a/cherrytree-0.99.48.obscpio b/cherrytree-0.99.48.obscpio deleted file mode 100644 index 000b383..0000000 --- a/cherrytree-0.99.48.obscpio +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7c5ab661c3468f1c485eac34369de861e2c9b6e4d312e443a7f1f6386fe7cb9d -size 83840526 diff --git a/cherrytree-0.99.49+3.obscpio b/cherrytree-0.99.49+3.obscpio new file mode 100644 index 0000000..83070b3 --- /dev/null +++ b/cherrytree-0.99.49+3.obscpio @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:2b69ab2aa73302a8a8d5591cf1d682e3dcfeb60f3db22278fd79f0e557cecdae +size 83880974 diff --git a/cherrytree.changes b/cherrytree.changes index 2f43fb6..ff21bfd 100644 --- a/cherrytree.changes +++ b/cherrytree.changes @@ -1,3 +1,51 @@ +------------------------------------------------------------------- +Thu Sep 15 02:31:01 UTC 2022 - malcolmlewis@opensuse.org + +- Update to version 0.99.49+3: + * Legacy_canonicalize_filename: manage empty filename, + (gh#giuspen/cherrytree#2118) + * added command line option '--anchor AnchorName' that in + addition to existing '--node NodeName' allows to open a + document focusing an anchor in a node. + * Changed non configurable keyboard shortcuts for codebox width + and table column width to use parenthesis open instead of + backslash, (gh#giuspen/cherrytree#2113). + * Fixed crash on double exit from systray icon right click menu, + (gh#giuspen/cherrytree#2114). + * Added keyboard shortcuts to toolbar tooltips, + (gh#giuspen/cherrytree#2106). + * Fixed export to HTML crash, (gh#giuspen/cherrytree#2109). + * Force turning off portal usage since it does not work on all + distros, (gh#giuspen/cherrytree#2111). + * Improved dialog confirmation before executing the code. + * Additonal changes for core22, (gh#giuspen/cherrytree#2110). + * Allow to disable the dialog asking for confirmation before + executing the code. + * Fixed bulleted list unindent (Shift+Tab) crash, + (gh#giuspen/cherrytree#2103). + * Add home plug, (gh#giuspen/cherrytree#2101 and + gh#giuspen/cherrytree#2102). + * Linux menu launcher run cherrytree in a new instance, + (gh#giuspen/cherrytree#2077). + * Fixed crash on print/export as pdf of a sequence of characters + without spaces longer that the page width, such as a very long + URL, (gh#giuspen/cherrytree#2045). + * Fixed wrongly entering column mode when using keyboard + shortcuts with such as insert codebox, + (gh#giuspen/cherrytree#2075). + * Added syntax highlighting support for GDScript. + * Fixed tooltip and cursor not reset after hovering link and then + navigating to non rich text node. + * Support for accent insensitive search - added letters with + subordinate dots, (gh#giuspen/cherrytree#1981). + * Translation updates. +- Fix duplicate file warnings, add fdupes build requires and macro. +- Developer advised fixed cross-site scripting (XSS) vulnerability + that allows attackers to execute arbitrary web scripts or HTML + via a crafted payload injected into the Name text field when + creating a node, (#boo1202513, gh#giuspen/cherrytree#2099 and + CVE-2022-35133). + ------------------------------------------------------------------- Wed Jun 29 23:50:37 UTC 2022 - malcolmlewis@opensuse.org diff --git a/cherrytree.obsinfo b/cherrytree.obsinfo index 14df358..b48aa46 100644 --- a/cherrytree.obsinfo +++ b/cherrytree.obsinfo @@ -1,4 +1,4 @@ name: cherrytree -version: 0.99.48 -mtime: 1656452646 -commit: 35a79c408065241a4d8f5a370bead37465d31ad5 +version: 0.99.49+3 +mtime: 1663187887 +commit: ba904860ddf0e9cb388b7ee0e886cc49d6164e8f diff --git a/cherrytree.spec b/cherrytree.spec index 6e3ffbd..0f83836 100644 --- a/cherrytree.spec +++ b/cherrytree.spec @@ -17,7 +17,7 @@ Name: cherrytree -Version: 0.99.48 +Version: 0.99.49+3 Release: 0 Summary: A hierarchical note taking application License: GPL-3.0-or-later AND LGPL-2.1-only @@ -27,6 +27,7 @@ Source0: %{name}-%{version}.tar.xz #PATCH-FIX-OPENSUSE cherrytree-set-git-version.patch malcolmlewis@opensuse.org -- Set git version in help about. Patch0: cherrytree-set-git-version.patch BuildRequires: cmake +BuildRequires: fdupes BuildRequires: gcc-c++ BuildRequires: ninja BuildRequires: python3-lxml @@ -64,6 +65,7 @@ file with extension ".ctd". rm %{buildroot}%{_datadir}/mime-info/cherrytree.* %suse_update_desktop_file -G "Hierarchical Notes Utility" cherrytree TextEditor %find_lang %{name} %{?no_lang_C} +%fdupes -s %{buildroot}%{_datadir} %files %license license.txt