Hello community, here is the log from the commit of package irssi for openSUSE:Factory checked in at 2019-08-30 14:41:50 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/irssi (Old) and /work/SRC/openSUSE:Factory/.irssi.new.7948 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "irssi" Fri Aug 30 14:41:50 2019 rev:56 rq:727075 version:1.2.2 Changes: -------- --- /work/SRC/openSUSE:Factory/irssi/irssi.changes 2019-06-30 10:22:09.839681965 +0200 +++ /work/SRC/openSUSE:Factory/.irssi.new.7948/irssi.changes 2019-08-30 14:41:52.993418009 +0200 @@ -1,0 +2,9 @@ +Thu Aug 29 00:29:56 UTC 2019 - Ailin Nemui <[email protected]> + +- update to 1.2.2 + - Fix a use after free issue when receiving IRCv3 CAP + information from the server (GL#34) CVE-2019-15717 + - Fix a crash during startup when windows weren't fully + initialised yet (#1114, bdo#935813) + +------------------------------------------------------------------- Old: ---- irssi-1.2.1.tar.xz irssi-1.2.1.tar.xz.asc New: ---- irssi-1.2.2.tar.xz irssi-1.2.2.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ irssi.spec ++++++ --- /var/tmp/diff_new_pack.BaKmr4/_old 2019-08-30 14:41:54.929417810 +0200 +++ /var/tmp/diff_new_pack.BaKmr4/_new 2019-08-30 14:41:54.961417807 +0200 @@ -18,7 +18,7 @@ %bcond_with socks Name: irssi -Version: 1.2.1 +Version: 1.2.2 Release: 0 Summary: Modular IRC Client License: GPL-2.0-or-later ++++++ irssi-1.2.1.tar.xz -> irssi-1.2.2.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/irssi-1.2.1/ChangeLog new/irssi-1.2.2/ChangeLog --- old/irssi-1.2.1/ChangeLog 2019-06-28 13:54:31.000000000 +0200 +++ new/irssi-1.2.2/ChangeLog 2019-08-29 15:48:55.000000000 +0200 @@ -1,3 +1,29 @@ +commit 42110b92e92cb40e82fd736d88b099d096483939 +Author: ailin-nemui <[email protected]> +Date: Thu Aug 29 02:25:21 2019 +0200 + + tag as 1.2.2 + +commit 15867d62e7ce691cb0ba9bee6f0b21c84c309311 +Author: ailin-nemui <[email protected]> +Date: Tue Aug 27 15:12:04 2019 +0200 + + Merge pull request #1114 from ailin-nemui/startup-crash + + fix crash on startup when resizing before active_win + + (cherry picked from commit 570d6714ec3f9a55940eaf953dc7914c2534c3e2) + +commit 5b923493de17c45af36a0305b4c80b8f6ec0d03e +Author: ailin-nemui <[email protected]> +Date: Tue Aug 27 23:33:51 2019 +0200 + + fix use after free receiving caps + + fixes GL#34 + + (cherry picked from commit 5a4e7ab659aba2855895c9f43e9a7a131f4e89b3) + commit 248a1591a26e0bf3fda3545fe54ebd0c27f4419d Author: Ailin Nemui <[email protected]> Date: Fri Jun 28 13:52:47 2019 +0200 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/irssi-1.2.1/NEWS new/irssi-1.2.2/NEWS --- old/irssi-1.2.1/NEWS 2019-06-28 13:52:07.000000000 +0200 +++ new/irssi-1.2.2/NEWS 2019-08-29 15:48:46.000000000 +0200 @@ -1,3 +1,9 @@ +v1.2.2 2019-08-29 The Irssi team <[email protected]> + - Fix a use after free issue when receiving IRCv3 CAP + information from the server (GL#34) + - Fix a crash during startup when windows weren't fully + initialised yet (#1114, bdo#935813) + v1.2.1 2019-06-29 The Irssi team <[email protected]> ! Contains all changes from 1.1.3 - Fix a test on big endian machines (#1014) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/irssi-1.2.1/aclocal.m4 new/irssi-1.2.2/aclocal.m4 --- old/irssi-1.2.1/aclocal.m4 2019-06-28 13:54:39.000000000 +0200 +++ new/irssi-1.2.2/aclocal.m4 2019-08-29 15:49:01.000000000 +0200 @@ -21,7 +21,7 @@ To do so, use the procedure documented by the package, typically 'autoreconf'.])]) # pkg.m4 - Macros to locate and utilise pkg-config. -*- Autoconf -*- -# serial 12 (pkg-config-0.29.2) +# serial 11 (pkg-config-0.29.1) dnl Copyright © 2004 Scott James Remnant <[email protected]>. dnl Copyright © 2012-2015 Dan Nicholson <[email protected]> @@ -63,7 +63,7 @@ dnl See the "Since" comment for each macro you use to see what version dnl of the macros you require. m4_defun([PKG_PREREQ], -[m4_define([PKG_MACROS_VERSION], [0.29.2]) +[m4_define([PKG_MACROS_VERSION], [0.29.1]) m4_if(m4_version_compare(PKG_MACROS_VERSION, [$1]), -1, [m4_fatal([pkg.m4 version $1 or higher is required but ]PKG_MACROS_VERSION[ found])]) ])dnl PKG_PREREQ @@ -164,7 +164,7 @@ AC_ARG_VAR([$1][_LIBS], [linker flags for $1, overriding pkg-config])dnl pkg_failed=no -AC_MSG_CHECKING([for $2]) +AC_MSG_CHECKING([for $1]) _PKG_CONFIG([$1][_CFLAGS], [cflags], [$2]) _PKG_CONFIG([$1][_LIBS], [libs], [$2]) @@ -174,11 +174,11 @@ See the pkg-config man page for more details.]) if test $pkg_failed = yes; then - AC_MSG_RESULT([no]) + AC_MSG_RESULT([no]) _PKG_SHORT_ERRORS_SUPPORTED if test $_pkg_short_errors_supported = yes; then $1[]_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "$2" 2>&1` - else + else $1[]_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "$2" 2>&1` fi # Put the nasty error message in config.log where it belongs @@ -195,7 +195,7 @@ _PKG_TEXT])[]dnl ]) elif test $pkg_failed = untried; then - AC_MSG_RESULT([no]) + AC_MSG_RESULT([no]) m4_default([$4], [AC_MSG_FAILURE( [The pkg-config script could not be found or is too old. Make sure it is in your PATH or set the PKG_CONFIG environment variable to the full @@ -296,6 +296,74 @@ AS_VAR_IF([$1], [""], [$5], [$4])dnl ])dnl PKG_CHECK_VAR +dnl PKG_WITH_MODULES(VARIABLE-PREFIX, MODULES, +dnl [ACTION-IF-FOUND],[ACTION-IF-NOT-FOUND], +dnl [DESCRIPTION], [DEFAULT]) +dnl ------------------------------------------ +dnl +dnl Prepare a "--with-" configure option using the lowercase +dnl [VARIABLE-PREFIX] name, merging the behaviour of AC_ARG_WITH and +dnl PKG_CHECK_MODULES in a single macro. +AC_DEFUN([PKG_WITH_MODULES], +[ +m4_pushdef([with_arg], m4_tolower([$1])) + +m4_pushdef([description], + [m4_default([$5], [build with ]with_arg[ support])]) + +m4_pushdef([def_arg], [m4_default([$6], [auto])]) +m4_pushdef([def_action_if_found], [AS_TR_SH([with_]with_arg)=yes]) +m4_pushdef([def_action_if_not_found], [AS_TR_SH([with_]with_arg)=no]) + +m4_case(def_arg, + [yes],[m4_pushdef([with_without], [--without-]with_arg)], + [m4_pushdef([with_without],[--with-]with_arg)]) + +AC_ARG_WITH(with_arg, + AS_HELP_STRING(with_without, description[ @<:@default=]def_arg[@:>@]),, + [AS_TR_SH([with_]with_arg)=def_arg]) + +AS_CASE([$AS_TR_SH([with_]with_arg)], + [yes],[PKG_CHECK_MODULES([$1],[$2],$3,$4)], + [auto],[PKG_CHECK_MODULES([$1],[$2], + [m4_n([def_action_if_found]) $3], + [m4_n([def_action_if_not_found]) $4])]) + +m4_popdef([with_arg]) +m4_popdef([description]) +m4_popdef([def_arg]) + +])dnl PKG_WITH_MODULES + +dnl PKG_HAVE_WITH_MODULES(VARIABLE-PREFIX, MODULES, +dnl [DESCRIPTION], [DEFAULT]) +dnl ----------------------------------------------- +dnl +dnl Convenience macro to trigger AM_CONDITIONAL after PKG_WITH_MODULES +dnl check._[VARIABLE-PREFIX] is exported as make variable. +AC_DEFUN([PKG_HAVE_WITH_MODULES], +[ +PKG_WITH_MODULES([$1],[$2],,,[$3],[$4]) + +AM_CONDITIONAL([HAVE_][$1], + [test "$AS_TR_SH([with_]m4_tolower([$1]))" = "yes"]) +])dnl PKG_HAVE_WITH_MODULES + +dnl PKG_HAVE_DEFINE_WITH_MODULES(VARIABLE-PREFIX, MODULES, +dnl [DESCRIPTION], [DEFAULT]) +dnl ------------------------------------------------------ +dnl +dnl Convenience macro to run AM_CONDITIONAL and AC_DEFINE after +dnl PKG_WITH_MODULES check. HAVE_[VARIABLE-PREFIX] is exported as make +dnl and preprocessor variable. +AC_DEFUN([PKG_HAVE_DEFINE_WITH_MODULES], +[ +PKG_HAVE_WITH_MODULES([$1],[$2],[$3],[$4]) + +AS_IF([test "$AS_TR_SH([with_]m4_tolower([$1]))" = "yes"], + [AC_DEFINE([HAVE_][$1], 1, [Enable ]m4_tolower([$1])[ support])]) +])dnl PKG_HAVE_DEFINE_WITH_MODULES + # Copyright (C) 2002-2018 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/irssi-1.2.1/configure new/irssi-1.2.2/configure --- old/irssi-1.2.1/configure 2019-06-28 13:54:40.000000000 +0200 +++ new/irssi-1.2.2/configure 2019-08-29 15:49:02.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for irssi 1.2.1. +# Generated by GNU Autoconf 2.69 for irssi 1.2.2. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. @@ -587,8 +587,8 @@ # Identity of this package. PACKAGE_NAME='irssi' PACKAGE_TARNAME='irssi' -PACKAGE_VERSION='1.2.1' -PACKAGE_STRING='irssi 1.2.1' +PACKAGE_VERSION='1.2.2' +PACKAGE_STRING='irssi 1.2.2' PACKAGE_BUGREPORT='' PACKAGE_URL='' @@ -1407,7 +1407,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures irssi 1.2.1 to adapt to many kinds of systems. +\`configure' configures irssi 1.2.2 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1477,7 +1477,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of irssi 1.2.1:";; + short | recursive ) echo "Configuration of irssi 1.2.2:";; esac cat <<\_ACEOF @@ -1630,7 +1630,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -irssi configure 1.2.1 +irssi configure 1.2.2 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2232,7 +2232,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by irssi $as_me 1.2.1, which was +It was created by irssi $as_me 1.2.2, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3101,7 +3101,7 @@ # Define the identity of the package. PACKAGE='irssi' - VERSION='1.2.1' + VERSION='1.2.2' # Some tools Automake needs. @@ -13706,8 +13706,8 @@ pkg_failed=no -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for openssl" >&5 -$as_echo_n "checking for openssl... " >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for OPENSSL" >&5 +$as_echo_n "checking for OPENSSL... " >&6; } if test -n "$OPENSSL_CFLAGS"; then pkg_cv_OPENSSL_CFLAGS="$OPENSSL_CFLAGS" @@ -13747,7 +13747,7 @@ if test $pkg_failed = yes; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then @@ -13812,7 +13812,7 @@ elif test $pkg_failed = untried; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: checking for SSL_library_init in -lssl" >&5 @@ -15393,7 +15393,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by irssi $as_me 1.2.1, which was +This file was extended by irssi $as_me 1.2.2, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -15459,7 +15459,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -irssi config.status 1.2.1 +irssi config.status 1.2.2 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/irssi-1.2.1/configure.ac new/irssi-1.2.2/configure.ac --- old/irssi-1.2.1/configure.ac 2019-06-28 13:50:42.000000000 +0200 +++ new/irssi-1.2.2/configure.ac 2019-08-29 15:48:46.000000000 +0200 @@ -1,4 +1,4 @@ -AC_INIT(irssi, 1.2.1) +AC_INIT(irssi, 1.2.2) AC_CONFIG_SRCDIR([src]) AC_CONFIG_AUX_DIR(build-aux) AC_PREREQ(2.50) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/irssi-1.2.1/irssi-config.h new/irssi-1.2.2/irssi-config.h --- old/irssi-1.2.1/irssi-config.h 2019-06-28 13:54:51.000000000 +0200 +++ new/irssi-1.2.2/irssi-config.h 2019-08-29 15:49:24.000000000 +0200 @@ -17,7 +17,7 @@ #define HAVE_INTTYPES_H 1 /* Define to 1 if you have the `otr' library (-lotr). */ -/* #undef HAVE_LIBOTR */ +#define HAVE_LIBOTR 1 /* Define to 1 if you have the <memory.h> header file. */ #define HAVE_MEMORY_H 1 @@ -32,7 +32,7 @@ /* #undef HAVE_STATIC_OTR */ /* */ -#define HAVE_STATIC_PERL 1 +/* #undef HAVE_STATIC_PERL */ /* Define to 1 if you have the <stdint.h> header file. */ #define HAVE_STDINT_H 1 @@ -80,7 +80,7 @@ #define PACKAGE_NAME "irssi" /* Define to the full name and version of this package. */ -#define PACKAGE_STRING "irssi 1.2.1" +#define PACKAGE_STRING "irssi 1.2.2" /* Define to the one symbol short name of this package. */ #define PACKAGE_TARNAME "irssi" @@ -89,7 +89,7 @@ #define PACKAGE_URL "" /* Define to the version of this package. */ -#define PACKAGE_VERSION "1.2.1" +#define PACKAGE_VERSION "1.2.2" /* printf()-format for uoff_t, eg. "u" or "lu" or "llu" */ #define PRIuUOFF_T "lu" @@ -110,7 +110,7 @@ #define STDC_HEADERS 1 /* true color support in terminal */ -/* #undef TERM_TRUECOLOR */ +#define TERM_TRUECOLOR /**/ /* What type should be used for uoff_t */ /* #undef UOFF_T_INT */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/irssi-1.2.1/irssi-version.h new/irssi-1.2.2/irssi-version.h --- old/irssi-1.2.1/irssi-version.h 2019-06-28 13:54:57.000000000 +0200 +++ new/irssi-1.2.2/irssi-version.h 2019-08-29 15:49:27.000000000 +0200 @@ -1,2 +1,2 @@ -#define IRSSI_VERSION_DATE 20190628 -#define IRSSI_VERSION_TIME 1352 +#define IRSSI_VERSION_DATE 20190829 +#define IRSSI_VERSION_TIME 225 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/irssi-1.2.1/src/fe-text/mainwindows.c new/irssi-1.2.2/src/fe-text/mainwindows.c --- old/irssi-1.2.1/src/fe-text/mainwindows.c 2019-06-28 11:43:15.000000000 +0200 +++ new/irssi-1.2.2/src/fe-text/mainwindows.c 2019-08-29 15:48:46.000000000 +0200 @@ -829,7 +829,7 @@ } /* if we lost our active mainwin, get a new one */ - if (active_mainwin == NULL && !quitting) { + if (active_mainwin == NULL && active_win != NULL && !quitting) { active_mainwin = WINDOW_MAIN(active_win); window_set_active(active_mainwin->active); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/irssi-1.2.1/src/irc/core/irc-cap.c new/irssi-1.2.2/src/irc/core/irc-cap.c --- old/irssi-1.2.1/src/irc/core/irc-cap.c 2019-06-28 11:43:15.000000000 +0200 +++ new/irssi-1.2.2/src/irc/core/irc-cap.c 2019-08-29 15:48:46.000000000 +0200 @@ -169,7 +169,7 @@ * duplicated values, let's just warn the user */ g_warning("The server sent the %s capability twice", key); } - g_hash_table_insert(server->cap_supported, key, val); + g_hash_table_replace(server->cap_supported, key, val); } /* A multiline response is always terminated by a normal one, @@ -252,7 +252,7 @@ continue; } - g_hash_table_insert(server->cap_supported, key, val); + g_hash_table_replace(server->cap_supported, key, val); cap_emit_signal(server, "new", key); } }
