diff --git a/irssi-0.8.11-avoid_version.patch b/irssi-0.8.11-avoid_version.patch deleted file mode 100644 index 51bdab3..0000000 --- a/irssi-0.8.11-avoid_version.patch +++ /dev/null @@ -1,33 +0,0 @@ -patching both files as it saves us from running autofoo tools and -a dependency on glib1 -Index: src/irc/proxy/Makefile.am -=================================================================== ---- src/irc/proxy/Makefile.am.orig 2007-04-25 20:15:07.000000000 +0200 -+++ src/irc/proxy/Makefile.am 2007-08-01 16:25:52.163497998 +0200 -@@ -11,10 +11,7 @@ libirc_proxy.a: - rm -f libirc_proxy.a - $(LN_S) .libs/libirc_proxy.a libirc_proxy.a - --libirc_proxy_la_LDFLAGS = -module -- --libirc_proxy_la_DEPENDENCIES = libirc_proxy.a -- -+libirc_proxy_la_LDFLAGS = -module -avoid-version - libirc_proxy_la_SOURCES = \ - proxy.c \ - dump.c \ -Index: src/irc/proxy/Makefile.in -=================================================================== ---- src/irc/proxy/Makefile.in.orig 2007-04-25 20:15:07.000000000 +0200 -+++ src/irc/proxy/Makefile.in 2007-08-01 16:32:18.354817516 +0200 -@@ -244,8 +244,8 @@ INCLUDES = \ - -I$(top_srcdir)/src/irc/core/ \ - $(GLIB_CFLAGS) - --libirc_proxy_la_LDFLAGS = -module --libirc_proxy_la_DEPENDENCIES = libirc_proxy.a -+libirc_proxy_la_LDFLAGS = -module -avoid-version -+#libirc_proxy_la_DEPENDENCIES = libirc_proxy.a - libirc_proxy_la_SOURCES = \ - proxy.c \ - dump.c \ diff --git a/irssi-0.8.12.tar.bz2 b/irssi-0.8.12.tar.bz2 deleted file mode 100644 index 12ebaf9..0000000 --- a/irssi-0.8.12.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:462d634bb509cc2bdd550ee5c7b269495f3173721b7404f162ad1f69b49bfff0 -size 935918 diff --git a/irssi-0.8.13.tar.bz2 b/irssi-0.8.13.tar.bz2 new file mode 100644 index 0000000..6b4a85a --- /dev/null +++ b/irssi-0.8.13.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:896541ac837421290934e2658ab364d4d3f0326259489a94a0cd166e2b05d735 +size 946203 diff --git a/irssi-0.8.x_wallop_off_by_one.patch b/irssi-0.8.x_wallop_off_by_one.patch new file mode 100644 index 0000000..dba4edc --- /dev/null +++ b/irssi-0.8.x_wallop_off_by_one.patch @@ -0,0 +1,13 @@ +Index: src/fe-common/irc/fe-events.c +=================================================================== +--- src/fe-common/irc/fe-events.c (revision 5067) ++++ src/fe-common/irc/fe-events.c (revision 5068) +@@ -298,7 +298,7 @@ + + tmp = g_strdup(data+8); + len = strlen(tmp); +- if (tmp[len-1] == 1) tmp[len-1] = '\0'; ++ if (len >= 1 && tmp[len-1] == 1) tmp[len-1] = '\0'; + printformat(server, NULL, MSGLEVEL_WALLOPS, IRCTXT_ACTION_WALLOPS, nick, tmp); + g_free(tmp); + } diff --git a/irssi.changes b/irssi.changes index b0d3e0d..b75df39 100644 --- a/irssi.changes +++ b/irssi.changes @@ -1,3 +1,82 @@ +------------------------------------------------------------------- +Wed Jun 10 16:21:15 CEST 2009 - mrueckert@suse.de + +- added irssi-0.8.x_wallop_off_by_one.patch: + fix of by one in wallop handling (bnc#510837) CVE-2009-1959 + +------------------------------------------------------------------- +Wed Apr 1 17:25:56 CEST 2009 - mrueckert@suse.de + +- update to 0.8.13 + + Reject some obviously invalid values in /set. + + Add perl bindings for Window::get_history_lines + + Use an io channel to write the config file. + + Use memory slices instead of memory chunks for text buffer. + + Remove methods to create/destroy TextBuffer and TextBufferView and low level api to add/remove lines, scripts should be fine using Window::print_after and TextBufferView::remove_line. + + Add print_after method to Window perl object analogous to gui_printtext_after but which also expands formats and forces a full line. + + Better mapping of signal parameters to Perl. All signals used in scripts now need to be registered with Irssi::signal_register. + + Add public header with interfaces to manage statusbar items (bug #535) + + Recode: assume utf-8 encoding for an ascii string in which no escape character occurs (bug #392). + + Allow /BAN, /UNBAN, /KICBAN, /KNOCKOUT if channel is not synced. Requesting ban lists from an unsynced channel will ask them from the server, banning a user whose u@h irssi does not know will ban nick!*@* and only bans irssi knows about can be removed. + + Allow storing multiple "other" prefixes such as +q and +a (original patch by JasonX) + + Add /set autolog_ignore_targets for cherry-picking targets that shouldn't get logged. + + Add support for 16 colors. Formats KBGCRMYW and mirc colors are now mapped to colors 8-15. fe-text translates colors 8-15 to bold/blink+0-7 if the terminal supports only 8 colors. If your theme uses one of the high color formats and you really want bold you can change %FMT to %fmt%_%_, it will work fine in all irssi versions. + + Better 005 PREFIX support (bug #580). + + Display 407 numerics other than "duplicate channel". + + Fix display of ratbox-style operspy whois. + + Recode outgoing irc away messages (bug #412). + + Recode outgoing irc quit messages. + + Remove scrollback_levelclear_levels setting and add a 'level' option to 'sb levelclear' to specify a comma separated list of levels. + + Add perl __WARN__ handler for scripts (bug #427). + + Add Irssi::command_parse_options function to parse options for a command. + + Revert recode changes introduced in 0.8.12. + + Add completion for /WINDOW SERVER. + + Support for reading kicks/msgs from TARGMAX/MAXTARGETS 005 tokens. + + Enhancements to the redirections code. + + Support for RPL_WHOISACTUALLY (338 numeric) for both ratbox and ircu (bug #428). + + -idle option of /notify is gone. + + /layout save now makes window-channel bindings instantly effective (bug #35). + + /ping without arguments does not send anymore a ctcp ping to a channel (bug #542). + + Track IRC operator status of nicks a bit better. + + new 'actlist_names' option to add active items names in 'act' statusbar item. + + new 'word_completion_backward' command to scroll backwards in the completion list. + + add 'list' option to /bind to print all the available commands. + + show setter/time in +I lists + + apply -usermode before -autosendcmd (bug #548). + + reduce memory usage of the scrollback buffer and make the display in /sb status more accurate (higher). + + fix data getting dropped when a lot is sent at a time (e.g. when attaching to irssi-proxy, bug #528). + + introduce the type Irssi::Irc::Client and signals to communicate with proxy clients to allow for scripting parts of the irssi-proxy. + + Add sb_search.pl, a script for /SCROLLBACK SEARCH + - Fix /NOTIFY list when nick is seen joining (bug #642). + - Include hostmask in 001 event sent by proxy (bug #650). + - Be more power-friendly: don't run any always-on <1s timers (bug #641). + - Don't get confused by a failed /JOIN -window (bug #644). + - Properly initialize embedded Perl (PERL_SYS_INIT3). + - Replace invalid utf-8 bytes with U+FFFD when drawing a line. + - Properly unload the original script when using /script load to reload it. (bug #525, patch by Lukas Mai) + - Clean up script loading in general: + * Don't leak local variables to eval'd code. + * Set filename/line number to get better error messages from perl. + * Use three-arg open and lexical filehandles to avoid surprises. + * Include error reason in message for unopenable scripts. + * Don't wrap script code in sub handler { } - this avoids spurious warnings and + should at least allow __END__ to work properly. + (Patch by Lukas Mai) + - Fix NETSPLIT_SERVER_REC in signals for Perl. + - Remove buggy /SCROLLBACK redraw and /SET scrollback_save_formats. + - Always preserve the active mainwindow when resizing. + - Ignore DNS not found errors when considering reconnect. + - Do not strip the comma in a mirc color if it is not followed by a digit (bug #250). + - Fix building perl module with perl-5.10 (bug #630). + - fix leak with $L expando. + - fix possible crash with /script reset. + - ignore exceptions take precedence over ignores in all cases. + - honour -channels preference for ignore -replies (bug #227). + - Fix mode display in whois with unreal (379 numeric) (bug #479). + - Fix regressions that prevented external modules from building/working (bugs #537 #539). + - Fix /set hilight_level not taking effect immediately (bug #598). + - Fix bold, blinking and indentation in /LASTLOG and buf.pl. + ------------------------------------------------------------------- Mon Mar 10 16:16:52 CET 2008 - mrueckert@suse.de diff --git a/irssi.spec b/irssi.spec index c422c32..c3956f5 100644 --- a/irssi.spec +++ b/irssi.spec @@ -1,10 +1,17 @@ # -# spec file for package irssi (Version 0.8.12) +# spec file for package irssi (Version 0.8.13) # -# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. -# This file and all modifications and additions to the pristine -# package are under the same license as the package itself. +# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + # Please submit bugfixes or comments via http://bugs.opensuse.org/ # @@ -12,8 +19,8 @@ Name: irssi -Version: 0.8.12 -Release: 30 +Version: 0.8.13 +Release: 1 %define pkg_name irssi # License: GPL v2 or later @@ -26,7 +33,7 @@ Conflicts: %{pkg_name}-snapshot # Url: http://www.irssi.org Source: http://www.irssi.org/files/irssi-%{version}.tar.bz2 -Patch: irssi-0.8.11-avoid_version.patch +Patch: irssi-0.8.x_wallop_off_by_one.patch # Summary: A Modular, Secure, and Well Designed IRC Client @@ -48,6 +55,7 @@ Authors: Timo Sirainen %package devel +License: GPL v2 or later Group: Development/Languages/C and C++ Requires: %{pkg_name} = %{version} # @@ -98,7 +106,7 @@ rm -rf %{buildroot} %files %defattr(-,root,root) -%{_sysconfdir}/irssi.conf +%config(noreplace) %{_sysconfdir}/irssi.conf %{_bindir}/botti %{_bindir}/irssi # modules @@ -125,6 +133,79 @@ rm -rf %{buildroot} %{_includedir}/irssi/ %changelog +* Wed Jun 10 2009 mrueckert@suse.de +- added irssi-0.8.x_wallop_off_by_one.patch: + fix of by one in wallop handling (bnc#510837) CVE-2009-1959 +* Wed Apr 01 2009 mrueckert@suse.de +- update to 0.8.13 + + Reject some obviously invalid values in /set. + + Add perl bindings for Window::get_history_lines + + Use an io channel to write the config file. + + Use memory slices instead of memory chunks for text buffer. + + Remove methods to create/destroy TextBuffer and TextBufferView and low level api to add/remove lines, scripts should be fine using Window::print_after and TextBufferView::remove_line. + + Add print_after method to Window perl object analogous to gui_printtext_after but which also expands formats and forces a full line. + + Better mapping of signal parameters to Perl. All signals used in scripts now need to be registered with Irssi::signal_register. + + Add public header with interfaces to manage statusbar items (bug #535) + + Recode: assume utf-8 encoding for an ascii string in which no escape character occurs (bug #392). + + Allow /BAN, /UNBAN, /KICBAN, /KNOCKOUT if channel is not synced. Requesting ban lists from an unsynced channel will ask them from the server, banning a user whose u@h irssi does not know will ban nick!*@* and only bans irssi knows about can be removed. + + Allow storing multiple "other" prefixes such as +q and +a (original patch by JasonX) + + Add /set autolog_ignore_targets for cherry-picking targets that shouldn't get logged. + + Add support for 16 colors. Formats KBGCRMYW and mirc colors are now mapped to colors 8-15. fe-text translates colors 8-15 to bold/blink+0-7 if the terminal supports only 8 colors. If your theme uses one of the high color formats and you really want bold you can change %%FMT to %%fmt%%_%%_, it will work fine in all irssi versions. + + Better 005 PREFIX support (bug #580). + + Display 407 numerics other than "duplicate channel". + + Fix display of ratbox-style operspy whois. + + Recode outgoing irc away messages (bug #412). + + Recode outgoing irc quit messages. + + Remove scrollback_levelclear_levels setting and add a 'level' option to 'sb levelclear' to specify a comma separated list of levels. + + Add perl __WARN__ handler for scripts (bug #427). + + Add Irssi::command_parse_options function to parse options for a command. + + Revert recode changes introduced in 0.8.12. + + Add completion for /WINDOW SERVER. + + Support for reading kicks/msgs from TARGMAX/MAXTARGETS 005 tokens. + + Enhancements to the redirections code. + + Support for RPL_WHOISACTUALLY (338 numeric) for both ratbox and ircu (bug #428). + + -idle option of /notify is gone. + + /layout save now makes window-channel bindings instantly effective (bug #35). + + /ping without arguments does not send anymore a ctcp ping to a channel (bug #542). + + Track IRC operator status of nicks a bit better. + + new 'actlist_names' option to add active items names in 'act' statusbar item. + + new 'word_completion_backward' command to scroll backwards in the completion list. + + add 'list' option to /bind to print all the available commands. + + show setter/time in +I lists + + apply -usermode before -autosendcmd (bug #548). + + reduce memory usage of the scrollback buffer and make the display in /sb status more accurate (higher). + + fix data getting dropped when a lot is sent at a time (e.g. when attaching to irssi-proxy, bug #528). + + introduce the type Irssi::Irc::Client and signals to communicate with proxy clients to allow for scripting parts of the irssi-proxy. + + Add sb_search.pl, a script for /SCROLLBACK SEARCH + - Fix /NOTIFY list when nick is seen joining (bug #642). + - Include hostmask in 001 event sent by proxy (bug #650). + - Be more power-friendly: don't run any always-on <1s timers (bug #641). + - Don't get confused by a failed /JOIN -window (bug #644). + - Properly initialize embedded Perl (PERL_SYS_INIT3). + - Replace invalid utf-8 bytes with U+FFFD when drawing a line. + - Properly unload the original script when using /script load to reload it. (bug #525, patch by Lukas Mai) + - Clean up script loading in general: + * Don't leak local variables to eval'd code. + * Set filename/line number to get better error messages from perl. + * Use three-arg open and lexical filehandles to avoid surprises. + * Include error reason in message for unopenable scripts. + * Don't wrap script code in sub handler { } - this avoids spurious warnings and + should at least allow __END__ to work properly. + (Patch by Lukas Mai) + - Fix NETSPLIT_SERVER_REC in signals for Perl. + - Remove buggy /SCROLLBACK redraw and /SET scrollback_save_formats. + - Always preserve the active mainwindow when resizing. + - Ignore DNS not found errors when considering reconnect. + - Do not strip the comma in a mirc color if it is not followed by a digit (bug #250). + - Fix building perl module with perl-5.10 (bug #630). + - fix leak with $L expando. + - fix possible crash with /script reset. + - ignore exceptions take precedence over ignores in all cases. + - honour -channels preference for ignore -replies (bug #227). + - Fix mode display in whois with unreal (379 numeric) (bug #479). + - Fix regressions that prevented external modules from building/working (bugs #537 #539). + - Fix /set hilight_level not taking effect immediately (bug #598). + - Fix bold, blinking and indentation in /LASTLOG and buf.pl. * Mon Mar 10 2008 mrueckert@suse.de - drop irssi-0.8.10rc5-install_vendor.diff: we had --with-perl-lib=vendor since quite some time and it