Date: Monday, November 14, 2016 @ 01:48:18 Author: anthraxx Revision: 195553
updpkg: shutter 0.93.1-3 (security update CVE-2015-0854) Added: shutter/trunk/CVE-2015-0854.patch shutter/trunk/fix-dropbox.patch shutter/trunk/fix-unicode.patch Modified: shutter/trunk/PKGBUILD ---------------------+ CVE-2015-0854.patch | 41 +++++++++++++++++++++++++++++++++++++++++ PKGBUILD | 15 ++++++++++++--- fix-dropbox.patch | 11 +++++++++++ fix-unicode.patch | 10 ++++++++++ 4 files changed, 74 insertions(+), 3 deletions(-) Added: CVE-2015-0854.patch =================================================================== --- CVE-2015-0854.patch (rev 0) +++ CVE-2015-0854.patch 2016-11-14 01:48:18 UTC (rev 195553) @@ -0,0 +1,41 @@ +# Bazaar merge directive format 2 (Bazaar 0.90) +# revision_id: [email protected] +# target_branch: bzr+ssh://bazaar.launchpad.net/+branch/shutter/ +# testament_sha1: 657f895d801b5ee567032599e2f961f4537a25db +# timestamp: 2015-09-13 01:59:36 +0000 +# base_revision_id: [email protected]\ +# b58zlfo5qb5e2cxt +# +# Begin patch +=== modified file 'share/shutter/resources/modules/Shutter/App/HelperFunctions.pm' +--- share/shutter/resources/modules/Shutter/App/HelperFunctions.pm 2013-08-25 18:40:51 +0000 ++++ share/shutter/resources/modules/Shutter/App/HelperFunctions.pm 2015-09-13 01:56:32 +0000 +@@ -53,7 +53,8 @@ + + sub xdg_open { + my ( $self, $dialog, $link, $user_data ) = @_; +- system("xdg-open $link"); ++ my @args = ("xdg-open", "$link"); ++ system(@args); + if($?){ + my $response = $self->{_dialogs}->dlg_error_message( + sprintf( $self->{_d}->get("Error while executing %s."), "'xdg-open'"), + +# Begin bundle +IyBCYXphYXIgcmV2aXNpb24gYnVuZGxlIHY0CiMKQlpoOTFBWSZTWZZuoZoAAW9fgAAwVGf//1tE +AwC///9wUAN1zXYu9esG49hKKaaU/Qyp+inpPSPSNGnk0htRkGTQBkiZNTyNDERMIAaDTQ0GgBJI +CIyamntFNpANAAAA0BtSmCk8psmU9NGo0Mag0BoB6g0Ekk0hPUzRtU09PVPaQ1DT1MmQNDQBBblC +nItOGKCVEFKr4EB+TV5NqXlTTXPaxEQcN441NfLGUe1jMvoUPf93Zo8lTOpwrtjxqi6rujPaNUTV +CagXS99rU4yR4fKPswKdWLkQ5VnuJbY6NKVyUAsM7nT6pQRQzXzlE23uIdEQUEMMZJKbdB5pRKIy +WL1scnBLBNC4at+6OQjGy1T/mLa0YWkVTkCusoYWDle1hRXrGz2YOUzUVdaddmut7OCLS7MSRXeg +caOMglpIqkaoqSvYLzbAsT+V20WStwoXb7rBRTYj4ycKqQLBHRkHWCVzJ0ibdSjXciltChrcqiQF +YgsAZ7MNOYQGgVgpP8OwBDLnM61xWspggxkwGN1KjeLWHDOYBhoHuD7V0EzQRjE9+BzPN6pDFd4W +5mbO1dxUQMJZ1WQhVIGoXzjJtObPAzQaMYhdAk5NBoj5hObdpkZjteVvW9dHtjvycid4PkVRV2w+ +2SStovOFXNFQht4TkHBfKUS0mWA3bXY7THAPIN9FWaZKdBn2cr0qUcSkLlR3l5pvSyxEs7LxNIXS +mvErI+rurPau4IOalJSpU81T54yIjOIoquDxU/BXqXpxb5/M6chvLB2a+xbMBmGrnRJp51kfOGzQ +ia23MH3Yy0rg15C2iZbPmQ5RKSoIhYUn8mUK8M6GYsayXUYgwJ0sqga7syWoa3c+w4lJ9679VCcY +iAGhmyI1BsB5lIhh41Vi0gp8qriUeKTQ3/yaeBAIqYzlwY6+Mel9IVBzLrDP5vovFKZXClW3DgEQ +kKjWFoUBM4OT1vC4uG0Ru71+XFsMip2uGNAODnDSsTsxOKTPeYAnGezwmNc05BJ4k2DYocSE5hjD +UtjJyTOMs0Ur+cMwmmFgFHLIK5cDrA4UrVR6tdSSvozJ5EYME6tTuwnxJy71DECoNbwLYORVloIE +0ojtLgetx9uCjjOYYObUq9UOcX9cZNobWDtirXS1ZsJhU0+MrslK3DBAEEBWNjaOeMS1wDwGIbJa +ma5f3PtQMadvqUGhLdV0lL1WmatWtdlWxD5LyMmc/xdyRThQkJZuoZo= Modified: PKGBUILD =================================================================== --- PKGBUILD 2016-11-14 01:20:51 UTC (rev 195552) +++ PKGBUILD 2016-11-14 01:48:18 UTC (rev 195553) @@ -7,7 +7,7 @@ pkgname=shutter pkgver=0.93.1 -pkgrel=2 +pkgrel=3 pkgdesc="a featureful screenshot tool (formerly gscrot)" arch=('any') url="http://shutter-project.org/"; @@ -20,8 +20,14 @@ optdepends=('nautilus-sendto: "Send To" functionality in right-click and main menu' 'gnome-web-photo: Support for capturing websites') #'perl-gtk2-appindicator: AppIndicator support') -source=("http://shutter-project.org/wp-content/uploads/releases/tars/$pkgname-$pkgver.tar.gz";) -md5sums=('614602040851e4cba0778704304330a0') +source=("http://shutter-project.org/wp-content/uploads/releases/tars/$pkgname-$pkgver.tar.gz"; + CVE-2015-0854.patch + fix-dropbox.patch + fix-unicode.patch) +sha512sums=('50a635fdf73454b15351a7e2c4507bf0f9fd816273affbed412f42b1032087304ecf1fb4a4b655bc056820f267b98214ff5104f4fcd9e843f78e70ac4a7a4a04' + '4307cdfe9409e3ff66c74730caa99932e1b8a2698012e948b974157219f4fc572117dd1968b29f6ea08736c0fa44a62cdb11855456cff8c280f4cd60edbc1ed6' + '88fe92c33ba2e580328589d0f1f5639aa40580f96fbc92d05903167f87053d02f472d6afcc839ca18029df6fac065c108c440da551d86494c70b1219b0b032dc' + '52ac381b5b1bd1ac5ba40cb3f6f425fbfcb5f491855af8c19494b64ba5311e6fdc3579e334a38167e1391cd57aae8d4312e389529d594aade53c6f8a49bc66c8') prepare() { cd "$srcdir/$pkgname-$pkgver" @@ -30,6 +36,9 @@ sed -e "/\$tray->set_from_icon_name/s:set_from_icon_name:set_from_file:" \ -e "s:shutter-panel:/usr/share/icons/hicolor/scalable/apps/&.svg:" \ -i bin/shutter + patch -p0 < "${srcdir}/CVE-2015-0854.patch" + patch -p0 < "${srcdir}/fix-dropbox.patch" + patch -p0 < "${srcdir}/fix-unicode.patch" } package() { Added: fix-dropbox.patch =================================================================== --- fix-dropbox.patch (rev 0) +++ fix-dropbox.patch 2016-11-14 01:48:18 UTC (rev 195553) @@ -0,0 +1,11 @@ +--- share/shutter/resources/system/upload_plugins/upload/Dropbox.pm 2015-07-09 17:58:48.000000000 +0200 ++++ share/shutter/resources/system/upload_plugins/upload/Dropbox.pm 2016-09-11 08:21:17.113474014 +0200 +@@ -195,7 +195,7 @@ + $upload_file->close(); + + if(! $self->{_box}->error) { +- $res = $self->{_box}->media($self->{_config}->{upload_folder} . "/" . basename($upload_filename)); ++ $res = $self->{_box}->shares($self->{_config}->{upload_folder} . "/" . basename($upload_filename), {short_url => 0}); + } + + if(! $self->{_box}->error){ Added: fix-unicode.patch =================================================================== --- fix-unicode.patch (rev 0) +++ fix-unicode.patch 2016-11-14 01:48:18 UTC (rev 195553) @@ -0,0 +1,10 @@ +--- bin/shutter 2016-09-11 08:50:24.000000000 +0200 ++++ bin/shutter 2016-09-11 09:20:13.379297948 +0200 +@@ -27,6 +27,7 @@ + #modules + #-------------------------------------- + use utf8; ++use encoding utf8; + use strict; + use warnings; +
