Hello community, here is the log from the commit of package libgdata.595 for openSUSE:11.4:Update checked in at 2012-07-11 10:16:34 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:11.4:Update/libgdata.595 (Old) and /work/SRC/openSUSE:11.4:Update/.libgdata.595.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libgdata.595", Maintainer is "" Changes: -------- New Changes file: --- /dev/null 2012-07-06 19:40:38.919402255 +0200 +++ /work/SRC/openSUSE:11.4:Update/.libgdata.595.new/libgdata.changes 2012-07-11 10:16:35.000000000 +0200 @@ -0,0 +1,368 @@ +------------------------------------------------------------------- +Thu Jun 28 08:35:09 CEST 2012 - [email protected] + +- Add libgdata-validate-ssl-cert.patch: validate SSL certificates + for all connections. Fix bnc#752088, CVE-2012-1177. +- Add gnome-common BuildRequires and call gnome-autogen.sh: needed + for above patch. +- Pass --with-ca-certs=/etc/ssl/ca-bundle.pem to configure to let + libgdata know about the location of our certificates. + +------------------------------------------------------------------- +Tue Dec 14 22:26:38 CET 2010 - [email protected] + +- Update to version 0.6.6: + + Major changes: + - Fixed attribute escaping for several elements + - Fixed asynchronous authentication success notification + - Various small fixes to the core, YouTube and Documents + services + - Fixed many small and large memory leaks + - Fixed the XML comparisons in the test suite re. changes to + GHashTable in GLib master + + Bugs fixed: + - bgo#630350: Email address cannot contain name + - bgo#635736: Asynchronous authentication tests broken + +------------------------------------------------------------------- +Thu Sep 30 18:40:33 CEST 2010 - [email protected] + +- Update to version 0.6.5: + + Fixed the introspection build with gobject-introspection >= + 0.9.7 and bumped our dependency to match + + Added a lot of missing introspection annotations + + Fixed a few small leaks + +------------------------------------------------------------------- +Sun Sep 19 00:49:12 CEST 2010 - [email protected] + +- Move gir files to devel subpackage. + +------------------------------------------------------------------- +Wed Sep 1 15:29:34 CEST 2010 - [email protected] + +- Drop gir-repository BuildRequires: the introspection files that + were needed from there are now directly with the appropriate + libraries. + +------------------------------------------------------------------- +Mon Aug 30 15:07:10 CEST 2010 - [email protected] + +- Add baselibs.conf. + +------------------------------------------------------------------- +Tue Mar 30 01:38:24 CEST 2010 - [email protected] + +- Update to version 0.6.4: + + Major changes: + - Fixed the behaviour of gdata_entry_get_id() for + GDataPicasaWebAlbum and GDataPicasaWebFile, which was + previously *broken* + Use gdata_picasaweb_album_get_id() and + gdata_picasaweb_file_get_id() for the equivalent results now + - Don't send ETags if a query is modified since it was last + used; this improves libgdata's behaviour for programs which + re-use GDataQuery instances + - Lots of documentation fixes and improvements + - Added missing #includes to gdata.h + - Improved error reporting about network and proxy problems + + API changes: + - Added GDataPicasaWebAlbum:album-id, + gdata_picasaweb_album_get_id(), GDataPicasaWebFile:file-id + and gdata_picasaweb_file_get_id() + - Fix the value returned by gdata_entry_get_id() for + GDataPicasaWebAlbum and GDataPicasaWebFile; it is now a full + URI + + Bugs fixed: + - bgo#613529 - Sending ETag with modified query + +------------------------------------------------------------------- +Sat Mar 20 10:23:27 CET 2010 - [email protected] + +- Update to version 0.6.3: + + Major changes: + - Contacts' names can now be set as an entire GDataGDName, + rather than piecemeal + - Added the kind category to GDataContactsContact on init + + API changes: + - Added gdata_contacts_contact_set_name and made + GDataContactsContact:name writeable + - Setters in GDataGDPostalAddress no longer accept empty + strings (only NULL or a non-empty string) + + Updated translations. + +------------------------------------------------------------------- +Sun Feb 21 17:37:56 CET 2010 - [email protected] + +- Update to version 0.6.2: + + Fixed introspection build for machines without a system-wide + libtool. bgo#610273 + + Updated translations. + +------------------------------------------------------------------- +Wed Feb 17 00:00:11 CET 2010 - [email protected] + +- Update to version 0.6.1: + + Fixed introspection build for previously-non-installed + libgdata. bgo#610007 + + Updated translations. + +------------------------------------------------------------------- +Sun Feb 14 22:40:53 CET 2010 - [email protected] + +- Update to version 0.6.0: + + Major changes: + - Added feed icon support + - Added support for querying for user information on the + PicasaWeb service + - Added some code examples to the documentation + - Ensured UTF-8 is supported correctly everywhere + - Added GObject introspection support (GData-0.0.gir) + - Added a download API for PicasaWeb images and thumbnails + - Added an asynchronous PicasaWeb upload API + - Reorganised the build system to use non-recursive automake + - Added gcov support and consequently improved test coverage + somewhat + - Ensured HTTPS requests are used wherever possible, unless the + LIBGDATA_FORCE_HTTP environment variable is set + - Modified memory management to consistently use the GLib + memory manager + - Consolidated generic API errors to + GDATA_SERVICE_ERROR_PROTOCOL_ERROR + + Many API additions, and a few API changes (see NEWS for + details) + + Bugs fixed: + - bgo#598910 — Timestamp bug + - bgo#598893 — gdata_picasaweb_album_new doesn't set a valid + visibility + - bgo#599140 — Have albums initialise date to now by default + - bgo#589858 — Handle gphoto XML elements found in 'GDataFeed' + - bgo#602156 — GDataUploadStream should close GOutputStream on + dispose + - bgo#598748 — *_download_document prevents non-overwriting + saving into directories + - bgo#597248, bgo#598746, bgo#598912, bgo#598913, bgo#598649, + bgo#600262, bgo#604313, bgo#601919, bgo#607607 +- Add gir-repository, gobject-introspection-devel BuildRequires. +- Rename libgdata6 to libgdata7, following soname version bump. + +------------------------------------------------------------------- +Sat Dec 5 00:42:19 CET 2009 - [email protected] + +- Update to version 0.5.1: + + Major changes: + - Fix up Unicode support in queries + + Bugs fixed: + - bgo#598746 — gdata_picasaweb_query_set_image_size + documentation fix + - bgo#598910 — Timestamp bug + - bgo#598912 — Test data was changed by my mucking around with + comments + - bgo#598893 — gdata_picasaweb_album_new doesn't set a valid + visibility + - bgo#602156 — GDataUploadStream should close GOutputStream on + dispose +- Changes from version 0.5.0: + + Major changes: + - Added Exif support for PicasaWeb files + - Added the ability to query single Google Documents files + - Errors are now logged in the "libgdata" domain + - Added GeoRSS support for PicasaWeb files and albums + - Optimisation to the XML output functions + - Added streaming download and upload support using + GDataDownloadStream and GDataUploadStream + - Added support for silent building with AM_SILENT_RULES + - Updated the GData namespace to version 3, improving name and + address support + + Many API additions, and a few API changes (see NEWS for + details) + + Bugs fixed: + - bgo#589265 – Crash on query error + - bgo#589545 – *_download_document(): let the client decide + where to download + - bgo#589201 – Add EXIF support for PicasaWeb image files + - bgo#589850 – gdata_picasaweb_album_get_timestamp() returns + date in 1970! + - bgo#590345 – <gd:deleted> handling in GDataDocumentsEntry + - bgo#589855 – Obsolete <rights> not handled in + GDataPicasaWebAlbum parse_xml() + - bgo#590341 – Allow querying of single documents + - bgo#590132 – Unhandled XML for georss + - bgo#590568 – Crash on querying inside a folder + - bgo#591966 — Can't query single spreadsheets + - bgo#591974 — remove_document_from_folder moves documents to + the trash + - bgo#591691 — Getting a feed containing PDF documents returns + NULL + - bgo#592124 — G_LOG_DOMAIN not set for subdirectories ++++ 171 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:11.4:Update/.libgdata.595.new/libgdata.changes New: ---- baselibs.conf libgdata-0.6.6.tar.bz2 libgdata-validate-ssl-cert.patch libgdata.changes libgdata.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libgdata.spec ++++++ # # spec file for package libgdata (Version 0.6.6) # # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # norootforbuild Name: libgdata BuildRequires: glib2-devel BuildRequires: gobject-introspection-devel BuildRequires: intltool BuildRequires: libsoup-devel License: LGPLv2.1+ Group: Development/Libraries/GNOME Version: 0.6.6 Release: 1 Summary: GLib-based library for accessing online service APIs using the GData protocol Source: %{name}-%{version}.tar.bz2 Source99: baselibs.conf # PATCH-FIX-UPSTREAM libgdata-validate-ssl-cert.patch bnc#752088 CVE-2012-1177 [email protected] -- validate ssl certificates for all connections Patch0: libgdata-validate-ssl-cert.patch # Needed for patch0 BuildRequires: gnome-common BuildRoot: %{_tmppath}/%{name}-%{version}-build %description libgdata is a GLib-based library for accessing online service APIs using the GData protocol — most notably, Google's services. It provides APIs to access the common Google services, and has full asynchronous support. %package -n libgdata7 License: LGPLv2.1+ Summary: GLib-based library for accessing online service APIs using the GData protocol Group: Development/Libraries/GNOME Requires: %{name}-lang = %{version} # Needed for the lang package to be installable: Provides: %{name} = %{version} %description -n libgdata7 libgdata is a GLib-based library for accessing online service APIs using the GData protocol — most notably, Google's services. It provides APIs to access the common Google services, and has full asynchronous support. %package devel License: LGPLv2.1+ Summary: GLib-based library for accessing online service APIs using the GData protocol Group: Development/Libraries/GNOME Requires: libgdata7 = %{version} Requires: glib2-devel Requires: libsoup-devel Requires: libxml2-devel %description devel libgdata is a GLib-based library for accessing online service APIs using the GData protocol — most notably, Google's services. It provides APIs to access the common Google services, and has full asynchronous support. %lang_package %prep %setup -q %patch0 -p1 # Needed for patch0 NOCONFIGURE=1 gnome-autogen.sh %build %configure \ --disable-static \ --with-ca-certs=/etc/ssl/ca-bundle.pem %__make %{?jobs:-j%jobs} %install %makeinstall find %{buildroot} -type f -name "*.la" -delete -print %find_lang gdata %clean rm -rf %{buildroot} %post -n libgdata7 -p /sbin/ldconfig %postun -n libgdata7 -p /sbin/ldconfig %files -n libgdata7 %defattr(-,root,root) %doc AUTHORS ChangeLog COPYING HACKING NEWS README %{_libdir}/*.so.* %{_libdir}/girepository-1.0/GData-0.0.typelib %files devel %defattr(-,root,root) %{_includedir}/* %{_libdir}/*.so %{_libdir}/pkgconfig/*.pc %{_datadir}/gir-1.0/*.gir %{_datadir}/gtk-doc/html/gdata %files lang -f gdata.lang %changelog ++++++ baselibs.conf ++++++ libgdata7 ++++++ libgdata-validate-ssl-cert.patch ++++++ >From 8eff8fa9138859e03e58c2aa76600ab63eb5c29c Mon Sep 17 00:00:00 2001 From: Philip Withnall <[email protected]> Date: Thu, 08 Mar 2012 00:09:08 +0000 Subject: core: Validate SSL certificates for all connections This prevents MitM attacks which use spoofed SSL certificates. Closes: https://bugzilla.gnome.org/show_bug.cgi?id=671535 --- Index: libgdata-0.6.6/configure.ac =================================================================== --- libgdata-0.6.6.orig/configure.ac +++ libgdata-0.6.6/configure.ac @@ -87,6 +87,13 @@ fi AC_SUBST(GNOME_CFLAGS) AC_SUBST(GNOME_LIBS) +# System SSL CA certificates +AC_ARG_WITH(ca-certs, + AS_HELP_STRING([--with-ca-certs=PATH],[location of SSL CA certificates (default: /etc/ssl/certs/ca-certificates.crt)]), + ca_certs="$withval", + ca_certs="/etc/ssl/certs/ca-certificates.crt") +AC_DEFINE_UNQUOTED(CA_CERTS, "$ca_certs", [Where to look for SSL CA certificates]) + # Internationalisation support GETTEXT_PACKAGE=gdata AC_DEFINE_UNQUOTED(GETTEXT_PACKAGE, ["$GETTEXT_PACKAGE"], [Define to the Gettext package name]) Index: libgdata-0.6.6/gdata/gdata-service.c =================================================================== --- libgdata-0.6.6.orig/gdata/gdata-service.c +++ libgdata-0.6.6/gdata/gdata-service.c @@ -200,7 +200,7 @@ static void gdata_service_init (GDataService *self) { self->priv = G_TYPE_INSTANCE_GET_PRIVATE (self, GDATA_TYPE_SERVICE, GDataServicePrivate); - self->priv->session = soup_session_sync_new (); + self->priv->session = soup_session_sync_new_with_options (SOUP_SESSION_SSL_CA_FILE, CA_CERTS, NULL); #ifdef HAVE_GNOME soup_session_add_feature_by_type (self->priv->session, SOUP_TYPE_GNOME_FEATURES_2_26); -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
