Hello community, here is the log from the commit of package mumble for openSUSE:Factory checked in at 2014-06-18 07:50:45 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/mumble (Old) and /work/SRC/openSUSE:Factory/.mumble.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "mumble" Changes: -------- --- /work/SRC/openSUSE:Factory/mumble/mumble.changes 2014-05-16 18:11:47.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.mumble.new/mumble.changes 2014-06-18 07:52:58.000000000 +0200 @@ -1,0 +2,7 @@ +Sat Jun 14 15:27:40 UTC 2014 - [email protected] + +- update to 1.2.7 to fix SSL security issues (CVE-2014-0224, + CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, + CVE-2014-3470) + +------------------------------------------------------------------- Old: ---- mumble-1.2.6.tar.gz mumble-1.2.6.tar.gz.sig New: ---- mumble-1.2.7.tar.gz mumble-1.2.7.tar.gz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mumble.spec ++++++ --- /var/tmp/diff_new_pack.Fic2nO/_old 2014-06-18 07:52:58.000000000 +0200 +++ /var/tmp/diff_new_pack.Fic2nO/_new 2014-06-18 07:52:58.000000000 +0200 @@ -102,7 +102,7 @@ %if %{with pulseaudio} BuildRequires: pulseaudio-devel %endif -Version: 1.2.6%{?snapshot:_%snapshot} +Version: 1.2.7%{?snapshot:_%snapshot} Release: 0 %if 0%{!?snapshot:1} Source: http://downloads.sourceforge.net/project/mumble/Mumble/%{version}/mumble-%{version}.tar.gz ++++++ mumble-1.2.6.tar.gz -> mumble-1.2.7.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.6/CHANGES new/mumble-1.2.7/CHANGES --- old/mumble-1.2.6/CHANGES 2014-05-14 20:01:46.000000000 +0200 +++ new/mumble-1.2.7/CHANGES 2014-06-14 11:11:48.000000000 +0200 @@ -1,5 +1,20 @@ +2014-06-13 + Mikkel Krautz <[email protected]> + aef3509 Add CA certificate filter to MumbleSSL::addSystemCA() to work + around issue 1271. + +2014-06-05 + Mikkel Krautz <[email protected]> + ba4fde3 Bump version to 1.2.7 + +2014-05-30 + Tim Cooper <[email protected]> + 75cf9de Fix issue where the chat box does not scroll down when an + image is loaded (#1258) + 2014-05-13 Mikkel Krautz <[email protected]> + 07dc8ca Update changelog f49185d Bump version to 1.2.6 e30d7ac mumble: fix Mumble-SA-2014-006. c7aecb2 mumble: fix Mumble-SA-2014-005. @@ -11,6 +26,11 @@ 7e31c32 mumble: fix Mumble-SA-2014-001 (CVE-2014-0044). f5ebe9d Bump version to 1.2.5 +2013-12-14 + Mikkel Krautz <[email protected]> + 8323bd4 mumble: allow Log_macx.mm to build against the OS X 10.4 SDK + (for universal builds). + 2013-06-01 Stefan Hacker <[email protected]> 5ff038e Update changelog diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.6/g15helper/g15helper.plist new/mumble-1.2.7/g15helper/g15helper.plist --- old/mumble-1.2.6/g15helper/g15helper.plist 2014-05-14 20:01:46.000000000 +0200 +++ new/mumble-1.2.7/g15helper/g15helper.plist 2014-06-14 11:11:48.000000000 +0200 @@ -13,7 +13,7 @@ <key>CFBundleSignature</key> <string>G15H</string> <key>CFBundleVersion</key> - <string>1.2.6</string> + <string>1.2.7</string> <key>NSHumanReadableCopyright</key> <string>Copyright (c) 2009 Mikkel Krautz <[email protected]></string> </dict> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.6/g15helper/g15helper.rc new/mumble-1.2.7/g15helper/g15helper.rc --- old/mumble-1.2.6/g15helper/g15helper.rc 2014-05-14 20:01:46.000000000 +0200 +++ new/mumble-1.2.7/g15helper/g15helper.rc 2014-06-14 11:11:48.000000000 +0200 @@ -15,8 +15,8 @@ #endif VS_VERSION_INFO VERSIONINFO - FILEVERSION 1,2,6,0 - PRODUCTVERSION 1,2,6,0 + FILEVERSION 1,2,7,0 + PRODUCTVERSION 1,2,7,0 FILEFLAGSMASK VS_FFI_FILEFLAGSMASK FILEFLAGS (VER_DEBUG|VER_RELEASE) FILEOS VOS_NT_WINDOWS32 @@ -29,8 +29,8 @@ BEGIN VALUE "CompanyName", "Mikkel Krautz" VALUE "FileDescription", "Mumble G15 LCD Helper" - VALUE "FileVersion", "1.2.6" - VALUE "ProductVersion", "1.2.6" + VALUE "FileVersion", "1.2.7" + VALUE "ProductVersion", "1.2.7" VALUE "LegalCopyright", "Copyright (C) 2008-2011, Mikkel Krautz <[email protected]>" VALUE "OriginalFilename", "mumble-g15-helper.exe" VALUE "ProductName", "Mumble G15 LCD Helper" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.6/macx/common.pri new/mumble-1.2.7/macx/common.pri --- old/mumble-1.2.6/macx/common.pri 2014-05-14 20:01:46.000000000 +0200 +++ new/mumble-1.2.7/macx/common.pri 2014-06-14 11:11:48.000000000 +0200 @@ -1,6 +1,6 @@ # Common OSX overlay settings. -VERSION = 1.2.6 +VERSION = 1.2.7 DEFINES *= VERSION=\\\"$$VERSION\\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.6/macx/osax/osax.plist new/mumble-1.2.7/macx/osax/osax.plist --- old/mumble-1.2.6/macx/osax/osax.plist 2014-05-14 20:01:46.000000000 +0200 +++ new/mumble-1.2.7/macx/osax/osax.plist 2014-06-14 11:11:48.000000000 +0200 @@ -13,7 +13,7 @@ <key>CFBundlePackageType</key> <string>osax</string> <key>CFbundleVersion</key> - <string>1.2.6</string> + <string>1.2.7</string> <key>CFBundleSignature</key> <string>MUOL</string> <key>CSResourcesFileMapped</key> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.6/overlay/overlay.pro new/mumble-1.2.7/overlay/overlay.pro --- old/mumble-1.2.6/overlay/overlay.pro 2014-05-14 20:01:46.000000000 +0200 +++ new/mumble-1.2.7/overlay/overlay.pro 2014-06-14 11:11:48.000000000 +0200 @@ -1,6 +1,6 @@ include (../compiler.pri) -VERSION = 1.2.6 +VERSION = 1.2.7 TARGET_EXT = .dll TEMPLATE = lib CONFIG -= qt diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.6/overlay_gl/overlay_gl.pro new/mumble-1.2.7/overlay_gl/overlay_gl.pro --- old/mumble-1.2.6/overlay_gl/overlay_gl.pro 2014-05-14 20:01:46.000000000 +0200 +++ new/mumble-1.2.7/overlay_gl/overlay_gl.pro 2014-06-14 11:11:48.000000000 +0200 @@ -5,7 +5,7 @@ CONFIG -= qt CONFIG *= debug_and_release TARGET = mumble$(TARGET_ADD) -VERSION = 1.2.6 +VERSION = 1.2.7 SOURCES = overlay.c LIBS *= -lrt -ldl QMAKE_CFLAGS *= -fvisibility=hidden $(CFLAGS_ADD) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.6/src/SSL.cpp new/mumble-1.2.7/src/SSL.cpp --- old/mumble-1.2.6/src/SSL.cpp 2014-05-14 20:01:46.000000000 +0200 +++ new/mumble-1.2.7/src/SSL.cpp 2014-06-14 11:11:48.000000000 +0200 @@ -147,4 +147,28 @@ // Don't perform on-demand loading of root certificates QSslSocket::addDefaultCaCertificates(QSslSocket::systemCaCertificates()); #endif + +#ifdef Q_OS_WIN + // Work around issue #1271. + // Skype's click-to-call feature creates an enormous + // amount of certificates in the Root CA store. + { + QSslConfiguration sslCfg = QSslConfiguration::defaultConfiguration(); + QList<QSslCertificate> caList = sslCfg.caCertificates(); + + QList<QSslCertificate> filteredCaList; + foreach (QSslCertificate cert, caList) { + QString ou = cert.subjectInfo(QSslCertificate::Organization); + if (ou.contains(QLatin1String("Skype"), Qt::CaseInsensitive)) { + continue; + } + filteredCaList.append(cert); + } + + sslCfg.setCaCertificates(filteredCaList); + QSslConfiguration::setDefaultConfiguration(sslCfg); + + qWarning("SSL: CA certificate filter applied. Filtered size: %i, original size: %i", filteredCaList.size(), caList.size()); + } +#endif } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.6/src/Version.h new/mumble-1.2.7/src/Version.h --- old/mumble-1.2.6/src/Version.h 2014-05-14 20:01:46.000000000 +0200 +++ new/mumble-1.2.7/src/Version.h 2014-06-14 11:11:48.000000000 +0200 @@ -36,7 +36,7 @@ #define MUMTEXT(X) MUMXTEXT(X) #ifndef MUMBLE_VERSION -#define MUMBLE_VERSION 1.2.6 +#define MUMBLE_VERSION 1.2.7 #endif #ifndef MUMBLE_VERSION #define MUMBLE_RELEASE "Compiled " __DATE__ " " __TIME__ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.6/src/mumble/CustomElements.cpp new/mumble-1.2.7/src/mumble/CustomElements.cpp --- old/mumble-1.2.6/src/mumble/CustomElements.cpp 2014-05-14 20:01:46.000000000 +0200 +++ new/mumble-1.2.7/src/mumble/CustomElements.cpp 2014-06-14 11:11:49.000000000 +0200 @@ -36,6 +36,7 @@ #include "ClientUser.h" #include "Global.h" #include "MainWindow.h" +#include "Log.h" LogTextBrowser::LogTextBrowser(QWidget *p) : QTextBrowser(p) {} @@ -45,6 +46,13 @@ QTextBrowser::resizeEvent(e); } +bool LogTextBrowser::event(QEvent *e) { + if (e->type() == LogDocumentResourceAddedEvent::Type) { + scrollLogToBottom(); + } + return QTextBrowser::event(e); +} + int LogTextBrowser::getLogScroll() { return verticalScrollBar()->value(); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.6/src/mumble/CustomElements.h new/mumble-1.2.7/src/mumble/CustomElements.h --- old/mumble-1.2.6/src/mumble/CustomElements.h 2014-05-14 20:01:46.000000000 +0200 +++ new/mumble-1.2.7/src/mumble/CustomElements.h 2014-06-14 11:11:49.000000000 +0200 @@ -43,6 +43,7 @@ Q_DISABLE_COPY(LogTextBrowser) protected: virtual void resizeEvent(QResizeEvent *e); + virtual bool event(QEvent *e); public: LogTextBrowser(QWidget *p = NULL); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.6/src/mumble/Log.cpp new/mumble-1.2.7/src/mumble/Log.cpp --- old/mumble-1.2.6/src/mumble/Log.cpp 2014-05-14 20:01:46.000000000 +0200 +++ new/mumble-1.2.7/src/mumble/Log.cpp 2014-06-14 11:11:49.000000000 +0200 @@ -671,6 +671,9 @@ if (qte != NULL) { QEvent *e = new QEvent(QEvent::FontChange); QApplication::postEvent(qte, e); + + e = new LogDocumentResourceAddedEvent(); + QApplication::postEvent(qte, e); } } else { m_valid = false; @@ -683,3 +686,7 @@ rep->deleteLater(); } + +LogDocumentResourceAddedEvent::LogDocumentResourceAddedEvent() + : QEvent(LogDocumentResourceAddedEvent::Type) { +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.6/src/mumble/Log.h new/mumble-1.2.7/src/mumble/Log.h --- old/mumble-1.2.6/src/mumble/Log.h 2014-05-14 20:01:46.000000000 +0200 +++ new/mumble-1.2.7/src/mumble/Log.h 2014-06-14 11:11:49.000000000 +0200 @@ -119,4 +119,11 @@ bool m_onlyLoadDataURLs; }; +class LogDocumentResourceAddedEvent : public QEvent { + public: + static const QEvent::Type Type = static_cast<QEvent::Type>(20145); + + LogDocumentResourceAddedEvent(); +}; + #endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.6/src/mumble/Log_macx.mm new/mumble-1.2.7/src/mumble/Log_macx.mm --- old/mumble-1.2.6/src/mumble/Log_macx.mm 2014-05-14 20:01:46.000000000 +0200 +++ new/mumble-1.2.7/src/mumble/Log_macx.mm 2014-06-14 11:11:49.000000000 +0200 @@ -33,6 +33,8 @@ #include "Log.h" #include "Global.h" +#if MAC_OS_X_VERSION_MAX_ALLOWED >= 1080 + @interface MUUserNotificationCenterDelegate : NSObject @end @@ -54,6 +56,8 @@ reinterpret_cast<const UniChar *>(string.unicode()), string.length()))); } +#endif + extern bool qt_mac_execute_apple_script(const QString &script, AEDesc *ret); static bool growl_available() { @@ -84,6 +88,7 @@ void Log::postNotification(MsgType mt, const QString &console, const QString &plain) { QString title = msgName(mt); +#if MAC_OS_X_VERSION_MAX_ALLOWED >= 1080 if (QSysInfo::MacintoshVersion >= QSysInfo::MV_MOUNTAINLION) { NSUserNotificationCenter *userNotificationCenter = [NSUserNotificationCenter defaultUserNotificationCenter]; if (userNotificationCenter.delegate == nil) { @@ -95,7 +100,9 @@ userNotification.title = [Log_QString_to_NSString(title) autorelease]; userNotification.informativeText = [Log_QString_to_NSString(plain) autorelease]; [userNotificationCenter scheduleNotification:userNotification]; - } else { + } else +#endif + { QString qsScript = QString::fromLatin1( "tell application \"GrowlHelperApp\"\n" " notify with name \"%1\" title \"%1\" description \"%2\" application name \"Mumble\"\n" @@ -103,4 +110,4 @@ if (growl_available()) qt_mac_execute_apple_script(qsScript, NULL); } -} \ No newline at end of file +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.6/src/mumble/mumble.plist new/mumble-1.2.7/src/mumble/mumble.plist --- old/mumble-1.2.6/src/mumble/mumble.plist 2014-05-14 20:01:46.000000000 +0200 +++ new/mumble-1.2.7/src/mumble/mumble.plist 2014-06-14 11:11:49.000000000 +0200 @@ -26,7 +26,7 @@ </dict> </array> <key>CFBundleVersion</key> - <string>1.2.6</string> + <string>1.2.7</string> <key>NSHumanReadableCopyright</key> <string>Copyright (c) 2005-2010 Thorvald Natvig <[email protected]></string> </dict> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.6/src/mumble/mumble.rc new/mumble-1.2.7/src/mumble/mumble.rc --- old/mumble-1.2.6/src/mumble/mumble.rc 2014-05-14 20:01:46.000000000 +0200 +++ new/mumble-1.2.7/src/mumble/mumble.rc 2014-06-14 11:11:49.000000000 +0200 @@ -15,8 +15,8 @@ #endif VS_VERSION_INFO VERSIONINFO - FILEVERSION 1,2,6,0 - PRODUCTVERSION 1,2,6,0 + FILEVERSION 1,2,7,0 + PRODUCTVERSION 1,2,7,0 FILEFLAGSMASK VS_FFI_FILEFLAGSMASK FILEFLAGS (VER_DEBUG|VER_RELEASE) FILEOS VOS_NT_WINDOWS32 @@ -29,8 +29,8 @@ BEGIN VALUE "CompanyName", "Thorvald Natvig" VALUE "FileDescription", "Mumble - Low-latency VoIP client" - VALUE "FileVersion", "1.2.6" - VALUE "ProductVersion", "1.2.6" + VALUE "FileVersion", "1.2.7" + VALUE "ProductVersion", "1.2.7" VALUE "LegalCopyright", "Copyright (C) 2005-2011, Thorvald Natvig <[email protected]>" VALUE "OriginalFilename", "mumble.exe" VALUE "ProductName", "Mumble" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.6/src/mumble.pri new/mumble-1.2.7/src/mumble.pri --- old/mumble-1.2.6/src/mumble.pri 2014-05-14 20:01:46.000000000 +0200 +++ new/mumble-1.2.7/src/mumble.pri 2014-06-14 11:11:48.000000000 +0200 @@ -1,6 +1,6 @@ include(../compiler.pri) -VERSION = 1.2.6 +VERSION = 1.2.7 DIST = mumble.pri Message.h PacketDataStream.h CryptState.h Timer.h Version.h OSInfo.h SSL.h Mumble.proto CONFIG += qt thread debug_and_release warn_on DEFINES *= MUMBLE_VERSION_STRING=$$VERSION diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.6/src/murmur/murmur.plist new/mumble-1.2.7/src/murmur/murmur.plist --- old/mumble-1.2.6/src/murmur/murmur.plist 2014-05-14 20:01:47.000000000 +0200 +++ new/mumble-1.2.7/src/murmur/murmur.plist 2014-06-14 11:11:49.000000000 +0200 @@ -13,7 +13,7 @@ <key>CFBundleSignature</key> <string>MMUR</string> <key>CFBundleVersion</key> - <string>1.2.6</string> + <string>1.2.7</string> <key>NSHumanReadableCopyright</key> <string>Copyright (c) 2005-2010 Thorvald Natvig <[email protected]></string> </dict> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mumble-1.2.6/src/murmur/murmur.rc new/mumble-1.2.7/src/murmur/murmur.rc --- old/mumble-1.2.6/src/murmur/murmur.rc 2014-05-14 20:01:47.000000000 +0200 +++ new/mumble-1.2.7/src/murmur/murmur.rc 2014-06-14 11:11:49.000000000 +0200 @@ -15,8 +15,8 @@ #endif VS_VERSION_INFO VERSIONINFO - FILEVERSION 1,2,6,0 - PRODUCTVERSION 1,2,6,0 + FILEVERSION 1,2,7,0 + PRODUCTVERSION 1,2,7,0 FILEFLAGSMASK VS_FFI_FILEFLAGSMASK FILEFLAGS (VER_DEBUG|VER_RELEASE) FILEOS VOS_NT_WINDOWS32 @@ -29,8 +29,8 @@ BEGIN VALUE "CompanyName", "Thorvald Natvig" VALUE "FileDescription", "Murmur - Low-latency VoIP server" - VALUE "FileVersion", "1.2.6" - VALUE "ProductVersion", "1.2.6" + VALUE "FileVersion", "1.2.7" + VALUE "ProductVersion", "1.2.7" VALUE "LegalCopyright", "Copyright (C) 2005-2011, Thorvald Natvig <[email protected]>" VALUE "OriginalFilename", "murmur.exe" VALUE "ProductName", "Mumble" -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
