Subject: pkg/32452: Update for chat/gaim-otr
To: None <pkg-manager@netbsd.org, gnats-admin@netbsd.org,>
From: None <jdwhite@jdwhite.org>
List: pkgsrc-bugs
Date: 01/04/2006 06:25:00
>Number: 32452
>Category: pkg
>Synopsis: Update to gaim-otr-3.0.0; security fixes.
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: pkg-manager
>State: open
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Wed Jan 04 06:25:00 +0000 2006
>Originator: Jason White
>Release: NetBSD 2.0
>Organization:
Jason White (jdwhite@jdwhite.org) http://www.jdwhite.org/~jdwhite
Jabber:jdwhite(jabber.org) IRC:irc.netbsd.org/jdwhite
PGP KeyID: 0x5290E477/A8A2 3FDB AB33 98EB ED74 EDAA F538 9A30 5290 E477
>Environment:
System: NetBSD bender.jdwhite.org 2.0 NetBSD 2.0 (BENDER) #8: Mon Nov 29 20:52:24 CST 2004 gendalia@satai:/usr/obj/i386/BENDER i386
Architecture: i386
Machine: i386
>Description:
Version 2.0.2 of the plugin contains a security flaw described here:
http://lists.cypherpunks.ca/pipermail/otr-users/2005-July/000316.html
Version 3.0.0 fixes this flaw.
>How-To-Repeat:
>Fix:
Patch for to update chat/gaim-otr to 3.0.0 follows. Added pkgsrc-enforced
dependancy on libotr-3.0.0.
diff -ru /gen/pkgsrc/current/chat/gaim-otr/Makefile gaim-otr/Makefile
--- /gen/pkgsrc/current/chat/gaim-otr/Makefile 2005-09-11 04:14:43.000000000 -0500
+++ gaim-otr/Makefile 2006-01-02 08:09:56.000000000 -0600
@@ -1,7 +1,7 @@
# $NetBSD: Makefile,v 1.5 2005/09/09 23:48:05 gdt Exp $
-DISTNAME= gaim-otr-2.0.2
-PKGREVISION= 1
+DISTNAME= gaim-otr-3.0.0
+PKGREVISION=
CATEGORIES= chat security
MASTER_SITES= http://www.cypherpunks.ca/otr/
@@ -9,6 +9,8 @@
HOMEPAGE= http://www.cypherpunks.ca/otr/
COMMENT= Plugin for gaim to add OTR (Off-The-Record) encryption
+DEPENDS+= libotr>=3.0.0:../../chat/libotr
+
GNU_CONFIGURE= yes
.include "../../chat/libotr/buildlink3.mk"
diff -ru /gen/pkgsrc/current/chat/gaim-otr/distinfo gaim-otr/distinfo
--- /gen/pkgsrc/current/chat/gaim-otr/distinfo 2005-07-29 04:17:26.000000000 -0500
+++ gaim-otr/distinfo 2006-01-01 23:28:17.000000000 -0600
@@ -1,5 +1,5 @@
$NetBSD: distinfo,v 1.3 2005/07/27 19:18:14 gdt Exp $
-SHA1 (gaim-otr-2.0.2.tar.gz) = 62beb8f57de91aac97c1f3883e2ec5ab40f712e3
-RMD160 (gaim-otr-2.0.2.tar.gz) = 6bbb88c96f8d31d407b1a4c67c330c4ebcd10824
-Size (gaim-otr-2.0.2.tar.gz) = 314346 bytes
+SHA1 (gaim-otr-3.0.0.tar.gz) = 99eb9e056f5163d29d33a7d66517f53d7a7433e5
+RMD160 (gaim-otr-3.0.0.tar.gz) = 7b550b2be1bd150a48ae697fdea3efb1f1677747
+Size (gaim-otr-3.0.0.tar.gz) = 326217 bytes
>Unformatted: