r18309 - in /packages/lenny/nautilus-python/debian: changelog control patches/30_use-Py_ssize_t.patch patches/40_init-gnomevfs.patch patches/50_CVE-2009-0317.patch
joss at users.alioth.debian.org
joss at users.alioth.debian.org
Mon Feb 2 09:29:57 UTC 2009
Author: joss
Date: Mon Feb 2 09:29:57 2009
New Revision: 18309
URL: http://svn.debian.org/wsvn/pkg-gnome/?sc=1&rev=18309
Log:
Add NMUs targeted to lenny here.
Added:
packages/lenny/nautilus-python/debian/patches/30_use-Py_ssize_t.patch
packages/lenny/nautilus-python/debian/patches/40_init-gnomevfs.patch
packages/lenny/nautilus-python/debian/patches/50_CVE-2009-0317.patch
Modified:
packages/lenny/nautilus-python/debian/changelog
packages/lenny/nautilus-python/debian/control
Modified: packages/lenny/nautilus-python/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-gnome/packages/lenny/nautilus-python/debian/changelog?rev=18309&op=diff
==============================================================================
--- packages/lenny/nautilus-python/debian/changelog (original)
+++ packages/lenny/nautilus-python/debian/changelog Mon Feb 2 09:29:57 2009
@@ -1,3 +1,25 @@
+nautilus-python (0.4.3-3.2) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * Fix CVE-2009-0317: untrusted search path vulnerability.
+ + Added patch: 50_CVE-2009-0317.patch
+ + Closes: #513419
+ * Urgency high for fixing a security RC bug.
+
+ -- Evgeni Golov <sargentd at die-welt.net> Sun, 01 Feb 2009 23:34:17 +0100
+
+nautilus-python (0.4.3-3.1) unstable; urgency=low
+
+ * Non-maintainer upload, ACKed by maintainer.
+ * Add 30_use-Py_ssize_t.patch to make nautilus-python work
+ with python2.5 on arches where int isn't the same as Py_ssize_t.
+ Closes: #512310
+ * Add 40_init-gnomevfs.patch to stop freezing when gnomevfs isn't
+ initialized.
+ Closes: #512394, LP: #114189
+
+ -- Evgeni Golov <sargentd at die-welt.net> Fri, 23 Jan 2009 09:51:19 +0100
+
nautilus-python (0.4.3-3) unstable; urgency=medium
* debian/patches/dlopen-nasty.patch:
Modified: packages/lenny/nautilus-python/debian/control
URL: http://svn.debian.org/wsvn/pkg-gnome/packages/lenny/nautilus-python/debian/control?rev=18309&op=diff
==============================================================================
--- packages/lenny/nautilus-python/debian/control (original)
+++ packages/lenny/nautilus-python/debian/control Mon Feb 2 09:29:57 2009
@@ -2,7 +2,7 @@
Section: gnome
Priority: optional
Maintainer: Ross Burton <ross at debian.org>
-Uploaders: Debian GNOME Maintainers <pkg-gnome-maintainers at lists.alioth.debian.org>, Andrew Lau <netsnipe at users.sourceforge.net>, Clément Stenac <zorglub at debian.org>, Dafydd Harries <daf at debian.org>, Guilherme de S. Pastore <gpastore at debian.org>, Gustavo Franco <stratus at debian.org>, Gustavo Noronha Silva <kov at debian.org>, J.H.M. Dassen (Ray) <jdassen at debian.org>, Jordi Mallach <jordi at debian.org>, Jose Carlos Garcia Sogo <jsogo at debian.org>, Josselin Mouette <joss at debian.org>, Kilian Krause <kilian at debian.org>, Loic Minier <lool at dooz.org>, Marc 'HE' Brockschmidt <he at debian.org>, Marco Cabizza <marco87 at gmail.com>, Oystein Gisnas <oystein at gisnas.net>, Ondřej Surý <ondrej at debian.org>, Sebastien Bacher <seb128 at debian.org>, Sjoerd Simons <sjoerd at debian.org>
+Uploaders: Debian GNOME Maintainers <pkg-gnome-maintainers at lists.alioth.debian.org>, Emilio Pozuelo Monfort <pochu at ubuntu.com>, Loic Minier <lool at dooz.org>
Build-Depends: debhelper (>= 4.1.0), cdbs, gnome-pkg-tools, python, python-dev, python-gtk2-dev (>= 2.8.0), python-gnome2-dev (>= 2.12.1-3), libnautilus-extension-dev (>= 2.6.0), libeel2-dev (>= 2.6.0)
Standards-Version: 3.7.2
Added: packages/lenny/nautilus-python/debian/patches/30_use-Py_ssize_t.patch
URL: http://svn.debian.org/wsvn/pkg-gnome/packages/lenny/nautilus-python/debian/patches/30_use-Py_ssize_t.patch?rev=18309&op=file
==============================================================================
--- packages/lenny/nautilus-python/debian/patches/30_use-Py_ssize_t.patch (added)
+++ packages/lenny/nautilus-python/debian/patches/30_use-Py_ssize_t.patch Mon Feb 2 09:29:57 2009
@@ -1,0 +1,52 @@
+2008-01-11 Jonathan Rogers <jonner at teegra.net>
+ reviewed by: Johan Dahlin
+
+ * src/nautilus-python-object.c:
+ * src/nautilus-python.c: (nautilus_python_load_file):
+ * src/nautilus-python.h:
+ Use Py_ssize_t instead of int, so nautilus-python works on Python 2.5
+ fixes #444366
+
+Index: nautilus-python/src/nautilus-python.c
+===================================================================
+--- nautilus-python/src/nautilus-python.c (revision 47)
++++ nautilus-python/src/nautilus-python.c (revision 48)
+@@ -114,7 +114,7 @@
+ PyObject *main_module, *main_locals, *locals, *key, *value;
+ PyObject *module;
+ GType gtype;
+- int pos = 0;
++ Py_ssize_t pos = 0;
+
+ debug_enter_args("filename=%s", filename);
+
+Index: nautilus-python/src/nautilus-python-object.c
+===================================================================
+--- nautilus-python/src/nautilus-python-object.c (revision 47)
++++ nautilus-python/src/nautilus-python-object.c (revision 48)
+@@ -74,7 +74,7 @@
+
+ #define HANDLE_LIST(py_ret, type, type_name) \
+ { \
+- int i = 0; \
++ Py_ssize_t i = 0; \
+ if (!PySequence_Check(py_ret) || PyString_Check(py_ret)) { \
+ PyErr_SetString(PyExc_TypeError, \
+ METHOD_NAME " must return a sequence"); \
+Index: nautilus-python/src/nautilus-python.h
+===================================================================
+--- nautilus-python/src/nautilus-python.h (revision 47)
++++ nautilus-python/src/nautilus-python.h (revision 48)
+@@ -26,6 +26,12 @@
+ #include <glib/gprintf.h>
+ #include <Python.h>
+
++#if PY_VERSION_HEX < 0x02050000 && !defined(PY_SSIZE_T_MIN)
++typedef int Py_ssize_t;
++#define PY_SSIZE_T_MAX INT_MAX
++#define PY_SSIZE_T_MIN INT_MIN
++#endif
++
+ typedef enum {
+ NAUTILUS_PYTHON_DEBUG_MISC = 1 << 0,
+ } NautilusPythonDebug;
Added: packages/lenny/nautilus-python/debian/patches/40_init-gnomevfs.patch
URL: http://svn.debian.org/wsvn/pkg-gnome/packages/lenny/nautilus-python/debian/patches/40_init-gnomevfs.patch?rev=18309&op=file
==============================================================================
--- packages/lenny/nautilus-python/debian/patches/40_init-gnomevfs.patch (added)
+++ packages/lenny/nautilus-python/debian/patches/40_init-gnomevfs.patch Mon Feb 2 09:29:57 2009
@@ -1,0 +1,20 @@
+=== modified file 'nautilus-python-0.4.3/src/nautilusmodule.c'
+--- nautilus-python-0.4.3/src/nautilusmodule.c 2007-11-30 13:59:46 +0000
++++ nautilus-python-0.4.3/src/nautilusmodule.c 2007-12-02 08:27:18 +0000
+@@ -27,6 +27,7 @@
+ /* include this first, before NO_IMPORT_PYGOBJECT is defined */
+ #include <pygobject.h>
+ #include <pygtk/pygtk.h>
++#include "pygnomevfs.h"
+
+ void pynautilus_register_classes (PyObject *d);
+ void pynautilus_add_constants(PyObject *module, const gchar *strip_prefix);
+@@ -45,6 +46,7 @@
+
+ init_pygobject ();
+ init_pygtk ();
++ init_pygnomevfs();
+
+ m = Py_InitModule ("nautilus", pynautilus_functions);
+ d = PyModule_GetDict (m);
+
Added: packages/lenny/nautilus-python/debian/patches/50_CVE-2009-0317.patch
URL: http://svn.debian.org/wsvn/pkg-gnome/packages/lenny/nautilus-python/debian/patches/50_CVE-2009-0317.patch?rev=18309&op=file
==============================================================================
--- packages/lenny/nautilus-python/debian/patches/50_CVE-2009-0317.patch (added)
+++ packages/lenny/nautilus-python/debian/patches/50_CVE-2009-0317.patch Mon Feb 2 09:29:57 2009
@@ -1,0 +1,10 @@
+--- a/src/nautilus-python.c 2006-02-15 22:25:20.000000000 +0100
++++ b/src/nautilus-python.c 2009-01-29 09:46:13.000000000 +0100
+@@ -134,6 +134,7 @@
+
+ Py_Initialize();
+ PySys_SetArgv(1, argv);
++ PyRun_SimpleString("import sys; sys.path = filter(None, sys.path)");
+
+ /* pygtk.require("2.0") */
+ pygtk = PyImport_ImportModule("pygtk");
More information about the pkg-gnome-commits
mailing list