Date: Saturday, September 16, 2017 @ 19:57:36 Author: anthraxx Revision: 258577
fix security patch and remove useless install file Modified: newsbeuter/trunk/PKGBUILD newsbeuter/trunk/remote-code-execution-podcast-name.patch Deleted: newsbeuter/trunk/newsbeuter.install ------------------------------------------+ PKGBUILD | 7 ++----- newsbeuter.install | 6 ------ remote-code-execution-podcast-name.patch | 2 +- 3 files changed, 3 insertions(+), 12 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2017-09-16 19:53:20 UTC (rev 258576) +++ PKGBUILD 2017-09-16 19:57:36 UTC (rev 258577) @@ -11,9 +11,8 @@ license=('custom: MIT') depends=('curl' 'json-c' 'libxml2' 'sqlite' 'stfl') makedepends=('swig' 'gettext') -install=$pkgname.install changelog=$pkgname.changelog -source=($pkgname-r$pkgver.tar.gz::https://github.com/akrennmair/$pkgname/archive/r2.9.tar.gz +source=($pkgname-r$pkgver.tar.gz::https://github.com/akrennmair/$pkgname/archive/r$pkgver.tar.gz $pkgname-$pkgver-ncursesw6.patch $pkgname-segfault.patch::https://github.com/akrennmair/newsbeuter/commit/33577f842d9b74c119f3cebda95ef8652304db81.patch newsbeuter-CVE-2017-12904.patch @@ -22,7 +21,7 @@ '5ae54c463f44d91725da3be655d2b107d598ade6da86ab4a99b10b039b8dba27' '60f56cabe47a1773f4a3a960ae0aee418f8a6df7bdd48b9874bf79cdd4c23b84' '51c57a5b92704f5659e1283d1bdde521b9df64d315c9584e0fc4e69bb74db930' - '481b301c217f4512390ef8428654fdf217bc04c361e3e6c4f97c6c96efac161a') + 'f5d7b9af66884e9551eb28a36bad9f14f361809664fddde68e89ca540e4a27c9') prepare() { cd "${srcdir}"/$pkgname-r$pkgver @@ -43,7 +42,5 @@ cd "${srcdir}"/$pkgname-r$pkgver make prefix=/usr DESTDIR="${pkgdir}" install - -#license install -Dm644 LICENSE "${pkgdir}"/usr/share/licenses/$pkgname/LICENSE } Deleted: newsbeuter.install =================================================================== --- newsbeuter.install 2017-09-16 19:53:20 UTC (rev 258576) +++ newsbeuter.install 2017-09-16 19:57:36 UTC (rev 258577) @@ -1,6 +0,0 @@ -post_install() { -cat << EOF -==> If you're not satisfied by the information "man newsbeuter" provides, -==> have a look at /usr/share/doc/newsbeuter/newsbeuter.html -EOF -} Modified: remote-code-execution-podcast-name.patch =================================================================== --- remote-code-execution-podcast-name.patch 2017-09-16 19:53:20 UTC (rev 258576) +++ remote-code-execution-podcast-name.patch 2017-09-16 19:57:36 UTC (rev 258577) @@ -10,7 +10,7 @@ - cmdline.append("\""); + cmdline.append(" \'"); + cmdline.append(utils::replace_all(file,"'", "%27")); -+ cmdline.append(" \'"); ++ cmdline.append("\'"); stfl::reset(); LOG(LOG_DEBUG, "pb_controller::play_file: running `%s'", cmdline.c_str()); ::system(cmdline.c_str());