Hello community, here is the log from the commit of package pitivi.4636 for openSUSE:13.2:Update checked in at 2016-02-07 17:29:05 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.2:Update/pitivi.4636 (Old) and /work/SRC/openSUSE:13.2:Update/.pitivi.4636.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pitivi.4636" Changes: -------- New Changes file: --- /dev/null 2016-01-27 19:41:03.648095915 +0100 +++ /work/SRC/openSUSE:13.2:Update/.pitivi.4636.new/pitivi.changes 2016-02-07 17:29:06.000000000 +0100 @@ -0,0 +1,296 @@ +------------------------------------------------------------------- +Wed Dec 30 10:20:11 UTC 2015 - [email protected] + +- Add pitivi-CVE-2015-0855.patch: Fix 'Insecure use of os.system()' + (boo#960339, CVE-2015-0855). + +------------------------------------------------------------------- +Mon Jun 1 09:49:27 UTC 2015 - [email protected] + +- Add python3-cairo requires: yet an other hard dependency to + start pitivi (boo#905667). + +------------------------------------------------------------------- +Tue Nov 18 10:26:20 UTC 2014 - [email protected] + +- Add python3-numpy and python3-gst requires: hard dependencies to + start pitivi. + +------------------------------------------------------------------- +Tue Nov 4 09:38:18 UTC 2014 - [email protected] + +- Update to version 0.94 (boo#927357, boo#905667): + + The main toolbar and menubar have been replaced by a headerbar + and menubutton, saving a significant amount of precious + vertical space and using the horizontal space better. + + The viewer has been ported to use a GStreamer GL video output + sink instead of the Clutter sink. This solves crashes when + running Pitivi outside of GNOME Shell and is expected to be a + more future-proof solution. + + We dropped our use of CoGL APIs, namely path_round_rectangle + which caused crashes on various Linux distributions shipping a + broken version of CoGL. + + Pitivi has been ported to Python 3. + + Text wrapping in the rendering progress dialog and title editor + has been fixed. + + Effects can now be reordered within a clip's properties. + + The default positioning of UI components (when starting from a + fresh install) has been improved to be balanced properly. + + Undocked window components do not shift position on startup + anymore. + + Docked window components do not shift position on startup + anymore, when the window is not maximized. + + The title editor's UI has been simplified, and now supports + decimal font sizes. + + Educational infobars throughout the UI have been tweaked to + make their colors less intrusive. + + The user manual is now up to date with the state of the new + Pitivi series. + + Port deprecated GTK+ widgets to new ones. + + Timeline UI animations have been tweaked. + + Code refactoring and cleanup all over the place. + + Various build and packaging fixes. + + Various fixes to the test suite. + + Various other bugs have been corrected. +- Update BuildRequires for python3 port: + + Replace python-cairo-devel with python3-cairo-devel and + python-devel with python3-gobject. ++ Replace python-gobject requires by python3-gobject: pitivi has + been ported to Python3. +- Add explicit typelib-1_0-GES-1_0 Requires, so we can specify the + minimum version. + +------------------------------------------------------------------- +Mon Oct 20 16:22:53 UTC 2014 - [email protected] + +- Add gstreamer-plugin-gnonlin requires: hard dependency to + start pitivi. + +------------------------------------------------------------------- +Fri Jul 11 21:40:46 UTC 2014 - [email protected] + +- Update to version 0.93: + + Port the viewer and media file previewers to use a Clutter + video output sink. + + Visual refinements to the timeline (clip positioning, borders, + selections). + + Improvements to the ruler and timecode display. + + Allow importing MPEG-TS/AVCHD files. + + Fixes and improvements to the timeline's clip thumbnailers. + + Clip thumbnailing in the media library, better import error + handling. + + Various fixes to the application version checking. + + Rework the way dependencies are checked on startup. + + Make some features contextual and cleanup menus. + + Many content updates to the user manual. + + Papercut fixes to keyframe curves. + + Many fixes for rendering. + + Fix pylint errors. + + Various fixes to the automated test suite. + + Code refactoring and cleanup all over the place. + + Fixes for AppData XML spec compliance. + + Various build and packaging fixes. + +------------------------------------------------------------------- +Tue Nov 26 21:36:32 UTC 2013 - [email protected] + +- Update to version 0.92: + + Fix a bug where transitions would stop working. + + Fix the handling of rendering parameters. + + Fixes for the keyframes UI in the timeline. + + Usability improvements for the welcome dialog. + + Update the preview immediately when adding an effect. + + Fixes for AppData XML spec compliance. + + Various build and packaging fixes. + + Drop the PyXDG dependency. +- Changes from version 0.9.1: + + Replacing the core of Pitivi by GES; 20 thousand lines of + code removed. + + Porting to GStreamer 1.x. + + Porting to GTK+ 3.x. + + Replacing GooCanvas by Clutter for the timeline. + + An automated UI test suite, with many checks for + mission-critical parts. + + Fixing hundreds of bugs. + + Implementing many new features. + + UI polish all over the place. + + Refactoring pretty much the entire codebase. + + See http://wiki.pitivi.org/wiki/0.91 for details + + Updated translations. +- Add itstool and python-cairo-devel: New dependencies. +- Drop pitivi-help_figures.patch: fixed upstream. +- Remove codecscontainers.jpg and mainwindow.jpg: included in the + tarball now. +- Drop static python requires: python-gnome, python-gconf, + python-goocanvas, pythong-gstreamer-0_10-, python-gtk, + python-setuptools, python-xdg and python-zopeinterface: pitivi + now uses the GI repository. +- Drop gstreamer-0_10 and gstreamer-0_10-plugin-gnonlin Requires: + pitivi has been ported to GStreamer 1.0. +- Add gobject-introspection BuildRequires in order to get automatic + typelib() Requires. +- Add python-gobject Requires. + +------------------------------------------------------------------- +Wed Jul 4 14:52:44 UTC 2012 - [email protected] + +- Add pitivi-help_figures.patch: Fix an encoding error in the + distributed Makefile.am and Makefile.in and change + mainwindow.png to mainwindow.jpg. +- Add codecscontainers.jpg as source. Due to the encoding error + addressed by above patch, this file was not present in the + tarball. +- Add mainwindow.jpg as source: upstream accidentally references + a .png file in the makefiles, but the real file is a .jpg. + +------------------------------------------------------------------- +Thu May 3 19:44:51 UTC 2012 - [email protected] + +- Update to version 0.15.2: + + Bug fixed for a regression introduced by 0.15.1 + + Updated translations. + +------------------------------------------------------------------- +Sat Feb 25 10:28:18 UTC 2012 - [email protected] + +- Update to version 0.15.1: + + Bug fix release to ensure compatibility with Gst "good" plugins + >0.10.29 + + Minor string fixes and additions to the user manual + + Updated translations. + +------------------------------------------------------------------- +Thu Sep 29 11:29:18 UTC 2011 - [email protected] + +- Add frei0r-plugins Recommends: those plugins add many useful + video effects to Pitivi, which makes the experience of using it + much better. + +------------------------------------------------------------------- +Wed Sep 28 13:17:48 CEST 2011 - [email protected] + +- Update to version 0.15.0: + + A new transformation feature allows resizing, panning and + cropping clips directly in the previewer + + Automatic clip alignment by analyzing soundtracks to sync + multicamera footage + + Ability to have presets for rendering + + Default set of project settings and rendering presets + + Cleaner preferences dialog + + Integrated offline user manual + + Cleaner advanced codec settings dialog + + Improved video thumbnailing performance + + "Soft depedencies" manager to warn the user of features + requiring additional packages + + Port to gtkbuilder + + Respect GNOME's button icons setting + + Improved startup time + + Code cleanups and remove dead code + + Properly show property descriptions (blurbs) for advanced codec + settings. + +------------------------------------------------------------------- +Sat Aug 13 23:23:45 CEST 2011 - [email protected] + +- Update to version 0.14.2: + + Transformation UI directly in the video viewer + + Auto-aligner feature ++++ 99 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:13.2:Update/.pitivi.4636.new/pitivi.changes New: ---- pitivi-0.94.tar.xz pitivi-CVE-2015-0855.patch pitivi.changes pitivi.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pitivi.spec ++++++ # # spec file for package pitivi # # Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: pitivi Version: 0.94 Release: 0 Summary: Intuitive and featureful movie editor License: LGPL-2.1+ Group: Productivity/Multimedia/Video/Editors and Convertors Url: http://www.pitivi.org/ Source: http://download.gnome.org/sources/pitivi/%{version}/%{name}-%{version}.tar.xz # PATCH-FIX-UPSTREAM pitivi-CVE-2015-0855.patch boo#960339 CVE-2015-0855 [email protected] -- Fix 'Insecure use of os.system()' Patch0: pitivi-CVE-2015-0855.patch BuildRequires: fdupes BuildRequires: gnome-doc-utils-devel >= 0.18.0 BuildRequires: gobject-introspection BuildRequires: hicolor-icon-theme BuildRequires: intltool BuildRequires: itstool BuildRequires: pkg-config BuildRequires: python3-cairo-devel BuildRequires: python3-gobject BuildRequires: shared-mime-info BuildRequires: translation-update-upstream BuildRequires: update-desktop-files Requires: gstreamer-plugin-gnonlin >= 1.4.0 Requires: python3-cairo Requires: python3-gobject Requires: python3-gst Requires: python3-numpy # We need a minimal version of the GES-1.0 package, so we have to specify it manually Requires: typelib-1_0-GES-1_0 >= 1.4.0 Recommends: %{name}-lang # Pitivi can use the Frei0r plugins, and since this enables lots of effects, we # really want that by default if possible Recommends: frei0r-plugins BuildRoot: %{_tmppath}/%{name}-%{version}-build %py_requires %description PiTiVi is a free, intuitive and featureful movie editor. %lang_package %prep %setup -q %patch0 -p1 translation-update-upstream %build %configure --disable-static %__make %{?_smp_mflags} V=1 %install %makeinstall %find_lang %{name} %{?no_lang_C} %suse_update_desktop_file %{name} %fdupes %{buildroot}%{_datadir} %fdupes %{buildroot}%{_libdir} %clean rm -rf %{buildroot} %post %if 0%{?suse_version} > 1130 %desktop_database_post %icon_theme_cache_post %mime_database_post %else if test -x usr/bin/update-mime-database ; then usr/bin/update-mime-database usr/share/mime >/dev/null fi %endif %postun %if 0%{?suse_version} > 1130 %desktop_database_postun %icon_theme_cache_postun %mime_database_postun %else if test -x usr/bin/update-mime-database ; then usr/bin/update-mime-database usr/share/mime >/dev/null fi %endif %files %defattr(-, root, root) %doc AUTHORS COPYING NEWS RELEASE %doc %{_datadir}/help/C/%{name}/ %{_bindir}/pitivi %{_libdir}/pitivi/ %dir %{_datadir}/appdata %{_datadir}/appdata/pitivi.appdata.xml %{_datadir}/applications/pitivi.desktop %dir %{_datadir}/icons/hicolor/512x512 %dir %{_datadir}/icons/hicolor/512x512/apps %{_datadir}/icons/hicolor/*/apps/pitivi.png %{_datadir}/mime/packages/pitivi.xml %{_datadir}/pitivi/ %{_mandir}/man1/pitivi.1%{?ext_man} %files lang -f %{name}.lang %changelog ++++++ pitivi-CVE-2015-0855.patch ++++++ >From 45a4c84edb3b4343f199bba1c65502e3f49f5bb2 Mon Sep 17 00:00:00 2001 From: Luke Faraone <[email protected]> Date: Sun, 13 Sep 2015 17:29:17 +0000 Subject: Use subprocess.call() instead of os.system() when opening an image --- pitivi/mainwindow.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pitivi/mainwindow.py b/pitivi/mainwindow.py index 30847f5..c5f3db0 100644 --- a/pitivi/mainwindow.py +++ b/pitivi/mainwindow.py @@ -21,6 +21,7 @@ # Boston, MA 02110-1301, USA. import os +import subprocess from time import time from urllib.parse import unquote @@ -546,7 +547,7 @@ class PitiviMainWindow(Gtk.ApplicationWindow, Loggable): # to do a better job (sizing, zooming, metadata, editing, etc.) # than the user's favorite image viewer. if asset.is_image(): - os.system('xdg-open "%s"' % path_from_uri(asset.get_id())) + subprocess.call(['xdg-open', str(path_from_uri(asset.get_id()))]) else: preview_window = PreviewAssetWindow(asset, self) preview_window.preview() -- cgit v0.11.2
