Accepting request 449404 from server:irc

- Update to version 1.0.0
  * irssiproxy can now forward all tags through a single port.
  * The kill buffer now remembers consecutive kills. New bindings
    were added: yank_next_cutbuffer and append_next_kill.
  * autolog_ignore_targets and activity_hide_targets learn a new
    syntax tag/* and * to ignore whole networks or everything.
  * hilight got a -matchcase flag to hilight case sensitively.
  * Display TLS connection information upon connect. You can disable
    this by setting tls_verbose_connect to FALSE
  * Certificate pinning for TLS certificates
  * /names and $[…] now uses utf8 string operations.
  * New setting completion_nicks_match_case
  * /channel /server /network now support modify subcommand.
  * New option sasl_disconnect_on_failure to disconnect when SASL
    log-in failed.
- Drop not applied irssi-0.8.15_ssl_proxy.patch
- Run through spec-cleaner, remove support for old openSUSE/SUSE
  releases.

- irssi 0.8.21 fixes four vulnerabilities that could result in
  denial of service (remote crash) when connecting to malicious
  servers or receiving specially crafted data [boo#1018357]:
  * CVE-2017-5193: NULL pointer dereference in the nickcmp function
  * CVE-2017-5194: out of bounds read in certain incomplete control codes
  * CVE-2017-5195: out of bounds read in certain incomplete character sequences 
  * CVE-2017-5196: Correct an error when receiving invalid nick message
- drop irssi-0.8.20-buf.pl.patch, upstream

OBS-URL: https://build.opensuse.org/request/show/449404
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/irssi?expand=0&rev=39

irssi-0.8.15_ssl_proxy.patch

@@ -1,24 +0,0 @@
-Index: src/core/servers.c
-===================================================================
---- src/core/servers.c	(revision 5169)
-+++ src/core/servers.c	(working copy)
-@@ -209,6 +209,7 @@
- 	char *errmsg2;
- 	char ipaddr[MAX_IP_LEN];
-         int port;
-+        char *hostname;
- 
- 	g_return_if_fail(ip != NULL || unix_socket != NULL);
- 
-@@ -223,8 +224,10 @@
- 			 server->connrec->own_ip4);
- 		port = server->connrec->proxy != NULL ?
- 			server->connrec->proxy_port : server->connrec->port;
-+		hostname = server->connrec->proxy != NULL ?
-+			server->connrec->proxy : server->connrec->address;
- 		handle = server->connrec->use_ssl ?
--			net_connect_ip_ssl(ip, port, server->connrec->address, own_ip, server->connrec->ssl_cert, server->connrec->ssl_pkey,
-+			net_connect_ip_ssl(ip, port, hostname, own_ip, server->connrec->ssl_cert, server->connrec->ssl_pkey,
- server->connrec->ssl_cafile, server->connrec->ssl_capath, server->connrec->ssl_verify) :
- 			net_connect_ip(ip, port, own_ip);
- 	} else {

irssi-0.8.20-buf.pl.patch

@@ -1,100 +0,0 @@
---- irssi/scripts/buf.pl	2016-08-11 14:59:21.000000000 +0200
-+++ irssi/scripts/buf.pl	2016-10-06 13:27:20.747016000 +0200
-@@ -5,7 +5,7 @@
-              settings_get_str settings_get_bool channels windows
- 	     settings_add_str settings_add_bool get_irssi_dir
- 	     window_find_refnum signal_stop);
--$VERSION = '2.13';
-+$VERSION = '2.20';
- %IRSSI = (
-     authors	=> 'Juerd',
-     contact	=> 'juerd@juerd.nl',
-@@ -13,10 +13,8 @@
-     description	=> 'Saves the buffer for /upgrade, so that no information is lost',
-     license	=> 'Public Domain',
-     url		=> 'http://juerd.nl/irssi/',
--    changed	=> 'Mon May 13 19:41 CET 2002',
--    changes	=> 'Severe formatting bug removed * oops, I ' .
--                   'exposed Irssi to ircII foolishness * sorry ' .
--		   '** removed logging stuff (this is a fix)',
-+    changed	=> 'Thu Sep 22 01:37 CEST 2016',
-+    changes	=> 'Fixed file permissions (leaked everything via filesystem)',
-     note1	=> 'This script HAS TO BE in your scripts/autorun!',
-     note2	=> 'Perl support must be static or in startup',
- );
-@@ -39,9 +37,15 @@
- 
- my %suppress;
- 
-+sub _filename { sprintf '%s/scrollbuffer', get_irssi_dir }
-+
- sub upgrade {
--    open BUF, q{>}, sprintf('%s/scrollbuffer', get_irssi_dir) or die $!;
--    print BUF join("\0", map $_->{server}->{address} . $_->{name}, channels), "\n";
-+    my $fn = _filename;
-+    my $old_umask = umask 0077;
-+    open my $fh, q{>}, $fn or die "open $fn: $!";
-+    umask $old_umask;
-+
-+    print $fh join("\0", map $_->{server}->{address} . $_->{name}, channels), "\n";
-     for my $window (windows) {
- 	next unless defined $window;
- 	next if $window->{name} eq 'status';
-@@ -57,36 +61,39 @@
- 		redo if defined $line;
- 	    }
- 	}
--	printf BUF "%s:%s\n%s", $window->{refnum}, $lines, $buf;
-+	printf $fh "%s:%s\n%s", $window->{refnum}, $lines, $buf;
-     }
--    close BUF;
-+    close $fh;
-     unlink sprintf("%s/sessionconfig", get_irssi_dir);
-     command 'layout save';
-     command 'save';
- }
- 
- sub restore {
--    open BUF, q{<}, sprintf('%s/scrollbuffer', get_irssi_dir) or die $!;
--    my @suppress = split /\0/, <BUF>;
-+    my $fn = _filename;
-+    open my $fh, q{<}, $fn or die "open $fn: $!";
-+    unlink $fn or warn "unlink $fn: $!";
-+
-+    my @suppress = split /\0/, readline $fh;
-     if (settings_get_bool 'upgrade_suppress_join') {
- 	chomp $suppress[-1];
- 	@suppress{@suppress} = (2) x @suppress;
-     }
-     active_win->command('^window scroll off');
--    while (my $bla = <BUF>){
-+    while (my $bla = readline $fh){
- 	chomp $bla;
- 	my ($refnum, $lines) = split /:/, $bla;
- 	next unless $lines;
- 	my $window = window_find_refnum $refnum;
- 	unless (defined $window){
--	    <BUF> for 1..$lines;
-+	    readline $fh for 1..$lines;
- 	    next;
- 	}
- 	my $view = $window->view;
- 	$view->remove_all_lines();
- 	$view->redraw();
- 	my $buf = '';
--	$buf .= <BUF> for 1..$lines;
-+	$buf .= readline $fh for 1..$lines;
- 	my $sep = settings_get_str 'upgrade_separator';
- 	$sep .= "\n" if $sep ne '';
- 	$window->gui_printtext_after(undef, MSGLEVEL_CLIENTNOTICE, "$buf\cO$sep");
-@@ -119,3 +126,10 @@
- unless (-f sprintf('%s/scripts/autorun/buf.pl', get_irssi_dir)) {
-     Irssi::print('PUT THIS SCRIPT IN ~/.irssi/scripts/autorun/ BEFORE /UPGRADING!!');
- }
-+
-+# Remove any left-over file. If 'session' doesn't exist (created by irssi
-+# during /UPGRADE), neither should our file.
-+unless (-e sprintf('%s/session', get_irssi_dir)) {
-+    my $fn = _filename;
-+    unlink $fn or warn "unlink $fn: $!" if -e $fn;
-+}

irssi-0.8.20.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:7882c4e821f5aac469c5e69e69d7e235f4986101285c675e81a9a95bfb20505a
-size 1007252

irssi-0.8.20.tar.xz.asc

@@ -1,6 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iEYEABECAAYFAlfg+CwACgkQAMy1h92+8OGj9QCfdIkAejpqjk5oTuOw3X0ib+fK
-aswAn3Hy1Ql4zlTHP9d3eQGCF3pxK0Oe
-=tRWD
------END PGP SIGNATURE-----

irssi-1.0.0.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:6a8a3c1fc6a021a2c02a693877b2e19cbceb3eccd78fce49e44f596f4bae4fb8
+size 1026116

irssi-1.0.0.tar.xz.asc

@@ -0,0 +1,6 @@
+-----BEGIN PGP SIGNATURE-----
+
+iEYEABECAAYFAlhuZHUACgkQAMy1h92+8OEqOgCgiPq77X+efvGaCOC1Z0ZcO2q2
+m24AnjQNjrci5pv8GYvlwVwS6YRNIsTh
+=dE/Y
+-----END PGP SIGNATURE-----

irssi.changes

@@ -1,3 +1,37 @@
+-------------------------------------------------------------------
+Fri Jan  6 11:46:55 UTC 2017 - idonmez@suse.com
+
+- Update to version 1.0.0
+  * irssiproxy can now forward all tags through a single port.
+  * The kill buffer now remembers consecutive kills. New bindings
+    were added: yank_next_cutbuffer and append_next_kill.
+  * autolog_ignore_targets and activity_hide_targets learn a new
+    syntax tag/* and * to ignore whole networks or everything.
+  * hilight got a -matchcase flag to hilight case sensitively.
+  * Display TLS connection information upon connect. You can disable
+    this by setting tls_verbose_connect to FALSE
+  * Certificate pinning for TLS certificates
+  * /names and $[…] now uses utf8 string operations.
+  * New setting completion_nicks_match_case
+  * /channel /server /network now support modify subcommand.
+  * New option sasl_disconnect_on_failure to disconnect when SASL
+    log-in failed.
+- Drop not applied irssi-0.8.15_ssl_proxy.patch
+- Run through spec-cleaner, remove support for old openSUSE/SUSE
+  releases.
+
+-------------------------------------------------------------------
+Fri Jan  6 11:28:09 UTC 2017 - astieger@suse.com
+
+- irssi 0.8.21 fixes four vulnerabilities that could result in
+  denial of service (remote crash) when connecting to malicious
+  servers or receiving specially crafted data [boo#1018357]:
+  * CVE-2017-5193: NULL pointer dereference in the nickcmp function
+  * CVE-2017-5194: out of bounds read in certain incomplete control codes
+  * CVE-2017-5195: out of bounds read in certain incomplete character sequences 
+  * CVE-2017-5196: Correct an error when receiving invalid nick message
+- drop irssi-0.8.20-buf.pl.patch, upstream
+
 -------------------------------------------------------------------
 Thu Oct  6 11:31:53 UTC 2016 - meissner@suse.com
 

irssi.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package irssi
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,29 +17,13 @@
 
 
 %bcond_with socks
-
 Name:           irssi
-Version:        0.8.20
+Version:        1.0.0
 Release:        0
-BuildRoot:      %{_tmppath}/%{name}-%{version}-build
-%if %{with socks}
-%if 0%{?suse_version} > 1110
-BuildRequires:  dante-devel
-%endif
-%endif
-BuildRequires:  glib2-devel
-BuildRequires:  ncurses-devel
-BuildRequires:  openssl-devel
-BuildRequires:  pkgconfig
-%if 0%{?suse_version}
-BuildRequires:  update-desktop-files
-%endif
-%if 0%{?suse_version} > 1130
-BuildRequires:  perl-macros
-%endif
-BuildRequires:  perl
-BuildRequires:  xz
-Conflicts:      %{name}-snapshot
+#
+Summary:        Modular, Secure, and Well Designed IRC Client
+License:        GPL-2.0+
+Group:          Productivity/Networking/IRC
 #
 Url:            http://www.irssi.org
 Source:         https://github.com/irssi/irssi/releases/download/%{version}/irssi-%{version}.tar.xz
@@ -49,20 +33,24 @@ Source3:        https://github.com/irssi/irssi/releases/download/%{version}/irss
 # https://sks-keyservers.net/pks/lookup?op=get&search=0x00CCB587DDBEF0E1
 Source4:        %{name}.keyring
 Source99:       irssi-rpmlintrc
-Patch:          irssi-0.8.15_ssl_proxy.patch
-# PATCH-FIX-UPSTREAM irssi-0.8.20-buf.pl.patch 1001215 CVE-2016-7553:
-Patch1:         irssi-0.8.20-buf.pl.patch
 # PATCH-FIX-OPENSUSE irssi-0.8.16_missing_prototype_warnings.patch
-Patch2:         irssi-0.8.16_missing_prototype_warnings.patch
-#
-Summary:        Modular, Secure, and Well Designed IRC Client
-License:        GPL-2.0+
-Group:          Productivity/Networking/IRC
-%if 0%{?suse_version} > 1130
+Patch1:         irssi-0.8.16_missing_prototype_warnings.patch
+BuildRequires:  glib2-devel
+BuildRequires:  ncurses-devel
+BuildRequires:  openssl-devel
+BuildRequires:  perl
+BuildRequires:  perl-macros
+BuildRequires:  pkgconfig
+BuildRequires:  xz
+Conflicts:      %{name}-snapshot
+BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 %{perl_requires}
 %{?libperl_requires}
-%else
-Requires:       perl = %{perl_version}
+%if %{with socks}
+BuildRequires:  dante-devel
+%endif
+%if 0%{?suse_version}
+BuildRequires:  update-desktop-files
 %endif
 
 %description
@@ -76,48 +64,25 @@ Jabber, could be added some day, too.
 It is the code that separates Irssi from ircII, BitchX, epic, and the
 rest of the text clients. It is not using the ircII code.
 
-
-
-Authors:
---------
-    Timo Sirainen <cras@irssi.org>
-
 %package devel
-Requires:       %{name} = %{version}
-Requires:       dante-devel
 #
 Summary:        Development package for irssi
 Group:          Development/Languages/C and C++
+Requires:       %{name} = %{version}
+Requires:       dante-devel
 
 %description devel
 This package contains the development files for irssi. It allows to
 compile plugins for the irssi package.
 
-
-
-Authors:
---------
-    Timo Sirainen <cras@irssi.org>
-
 %prep
 %setup -q
-%patch1 -p1
-%patch2
+%patch1
 
 %build
-# cp curses.m4 acinclude.m4
-#touch irssi.cvs
-#NOCONFIGURE=yes ./autogen.sh
-%if 0%{?sles_version} == 9
-export PKG_CONFIG_PATH="/opt/gnome/%{_lib}/pkgconfig:$PKG_CONFIG_PATH"
-%endif
-
 export CFLAGS="%{optflags} -fno-strict-aliasing -DGLIB_DISABLE_DEPRECATION_WARNINGS"
-
-%if 0%{?suse_version} > 1110
 export CFLAGS="$CFLAGS -fPIE"
 export LDFLAGS="-pie"
-%endif
 
 %configure              \
     --disable-silent-rules \
@@ -134,15 +99,15 @@ export LDFLAGS="-pie"
     --enable-true-color \
     --with-perl=yes     \
     --with-perl-lib=vendor
-%__make %{?_smp_mflags} all V=1
+make %{?_smp_mflags} all V=1
 
 %install
-%makeinstall docdir=%{_docdir}/%{name} V=1
+make %{?_smp_mflags} DESTDIR=%{buildroot} install docdir=%{_docdir}/%{name} V=1
 %perl_process_packlist
-%__rm %{buildroot}%{_libdir}/irssi/modules/libirc_proxy.{a,la}
+rm %{buildroot}%{_libdir}/irssi/modules/libirc_proxy.{a,la}
 
-%__install -D -m0644 "%{SOURCE1}" "%{buildroot}%{_datadir}/applications/%{name}.desktop"
-%__install -D -m0644 "%{SOURCE2}" "%{buildroot}%{_datadir}/pixmaps/irssi.png"
+install -D -m0644 "%{SOURCE1}" "%{buildroot}%{_datadir}/applications/%{name}.desktop"
+install -D -m0644 "%{SOURCE2}" "%{buildroot}%{_datadir}/pixmaps/irssi.png"
 
 %if 0%{?suse_version}
 %suse_update_desktop_file -r "%{name}" Network IRCClient
@@ -161,20 +126,17 @@ export LDFLAGS="-pie"
 %dir %{_datadir}/%{name}
 %{_datadir}/%{name}/*
 #perl
-%dir %perl_vendorarch/Irssi
-%perl_vendorarch/Irssi.pm
-%perl_vendorarch/Irssi/*
-%perl_vendorarch/auto/Irssi
+%dir %{perl_vendorarch}/Irssi
+%{perl_vendorarch}/Irssi.pm
+%{perl_vendorarch}/Irssi/*
+%{perl_vendorarch}/auto/Irssi
 # docs
-%dir %_defaultdocdir/irssi
-%docdir %_defaultdocdir/irssi/
-%doc %_defaultdocdir/irssi/*
-%doc %_mandir/man1/*.1%{ext_man}
+%dir %{_defaultdocdir}/irssi
+%docdir %{_defaultdocdir}/irssi/
+%doc %{_defaultdocdir}/irssi/*
+%{_mandir}/man1/*.1%{ext_man}
 %{_datadir}/applications/%{name}.desktop
 %{_datadir}/pixmaps/irssi.png
-%if 0%{?suse_version} <= 1130
-/var/adm/perl-modules/%{name}
-%endif
 
 %files devel
 %defattr(-,root,root)