Bug#702263: unblock: telepathy-gabble/0.16.5-1
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package telepathy-gabble:
unblock telepathy-gabble/0.16.5-1
This fixes a remotely-triggerable DoS (variously known as CVE-2013-1769,
#702252, fd.o #61433), and catches up with the upstream stable-branch to
fix some more minor bugs and reduce the delta between Debian and upstream:
* don't accidentally switch off use of the "modern" Call API preferred
by Empathy, making calls work better (fd.o #56181)
* fix a server-triggerable crash (fd.o #57521)
* fix a crash if we disconnect at a bad time (fd.o #52362)
* fix some race conditions and other badness in the regression tests
(which are not packaged or run in Debian wheezy)
* turn off deprecation warnings, which are inappropriate for a stable-branch
(ignored in Debian anyway)
* fix some brokenness in the procedure for making releases (not used in Debian)
The remaining upstream changes in 0.16.2, 0.16.3 were already made in Debian
via patches.
See below for a filtered diff, excluding the regression tests (which are
not run in Debian), re-generated Autotools goo, and debian/patches.
This diff is between the patched tree currently in wheezy (with patches
already applied), and the new tree (which has an empty debian/patches).
Please let me know if anything in this is problematic: with my upstream
hat on, I'm trying to make sure we make "clean" upstream stable releases.
Regards,
S
configure.ac | 3
telepathy-gabble-0.16.5/NEWS | 50 ++++++++++
telepathy-gabble-0.16.5/debian/changelog | 8 +
telepathy-gabble-0.16.5/gabble/caps-channel-manager.h | 3
telepathy-gabble-0.16.5/lib/ext/wocky/wocky/wocky-caps-hash.c | 37 ++++++-
telepathy-gabble-0.16.5/lib/ext/wocky/wocky/wocky-data-form.c | 2
telepathy-gabble-0.16.5/src/caps-channel-manager.c | 15 ---
telepathy-gabble-0.16.5/src/conn-presence.c | 11 --
telepathy-gabble-0.16.5/src/connection.c | 15 ---
telepathy-gabble-0.16.5/src/media-factory.c | 9 -
telepathy-gabble-0.16.5/src/muc-factory.c | 3
telepathy-gabble-0.16.5/tools/telepathy.am | 17 ++-
12 files changed, 113 insertions(+), 60 deletions(-)
diff -Nrua telepathy-gabble-0.16.1/aclocal.m4 telepathy-gabble-0.16.5/aclocal.m4
diff -Nrua telepathy-gabble-0.16.1/ChangeLog telepathy-gabble-0.16.5/ChangeLog
diff -Nrua telepathy-gabble-0.16.1/config.sub telepathy-gabble-0.16.5/config.sub
diff -Nrua telepathy-gabble-0.16.1/configure telepathy-gabble-0.16.5/configure
diff -Nrua telepathy-gabble-0.16.1/configure.ac telepathy-gabble-0.16.5/configure.ac
--- telepathy-gabble-0.16.1/configure.ac 2012-06-20 14:24:44.000000000 +0100
+++ telepathy-gabble-0.16.5/configure.ac 2013-03-01 12:24:05.000000000 +0000
@@ -9,7 +9,7 @@
m4_define([gabble_major_version], [0])
m4_define([gabble_minor_version], [16])
-m4_define([gabble_micro_version], [1])
+m4_define([gabble_micro_version], [5])
m4_define([gabble_nano_version], [0])
# Some magic
@@ -93,6 +93,7 @@
format-security \
init-self],
[missing-field-initializers \
+ deprecated-declarations \
unused-parameter])
AC_SUBST([ERROR_CFLAGS])
diff -Nrua telepathy-gabble-0.16.1/data/Makefile.in telepathy-gabble-0.16.5/data/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/debian/changelog telepathy-gabble-0.16.5/debian/changelog
--- telepathy-gabble-0.16.1/debian/changelog 2012-09-14 12:39:09.000000000 +0100
+++ telepathy-gabble-0.16.5/debian/changelog 2013-03-04 15:10:50.000000000 +0000
@@ -1,3 +1,11 @@
+telepathy-gabble (0.16.5-1) unstable; urgency=medium
+
+ * New upstream stable release
+ - drop all patches, applied upstream
+ - fixes a remotely-triggerable DoS (CVE-2013-1769, Closes: #702252)
+
+ -- Simon McVittie <smcv@debian.org> Mon, 04 Mar 2013 15:10:21 +0000
+
telepathy-gabble (0.16.1-2) unstable; urgency=low
* Add patch from 0.16.2 to fix a potential use-after-free when
diff -Nrua telepathy-gabble-0.16.1/debian/patches/0001-server-tls-manager-deal-with-modification-of-the-GLi.patch telepathy-gabble-0.16.5/debian/patches/0001-server-tls-manager-deal-with-modification-of-the-GLi.patch
diff -Nrua telepathy-gabble-0.16.1/debian/patches/0011-Add-Google-camera-v1-as-a-first-class-caps-bundle.patch telepathy-gabble-0.16.5/debian/patches/0011-Add-Google-camera-v1-as-a-first-class-caps-bundle.patch
diff -Nrua telepathy-gabble-0.16.1/debian/patches/0012-Now-that-camera-v1-has-a-caps-URI-don-t-treat-it-as-.patch telepathy-gabble-0.16.5/debian/patches/0012-Now-that-camera-v1-has-a-caps-URI-don-t-treat-it-as-.patch
diff -Nrua telepathy-gabble-0.16.1/debian/patches/series telepathy-gabble-0.16.5/debian/patches/series
diff -Nrua telepathy-gabble-0.16.1/depcomp telepathy-gabble-0.16.5/depcomp
diff -Nrua telepathy-gabble-0.16.1/docs/Makefile.in telepathy-gabble-0.16.5/docs/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/extensions/Makefile.in telepathy-gabble-0.16.5/extensions/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/gabble/caps-channel-manager.h telepathy-gabble-0.16.5/gabble/caps-channel-manager.h
--- telepathy-gabble-0.16.1/gabble/caps-channel-manager.h 2012-06-20 13:49:34.000000000 +0100
+++ telepathy-gabble-0.16.5/gabble/caps-channel-manager.h 2013-03-01 12:11:58.000000000 +0000
@@ -73,9 +73,6 @@
GabbleCapabilitySet *cap_set,
GPtrArray *data_forms);
-void gabble_caps_channel_manager_reset_capabilities (
- GabbleCapsChannelManager *caps_manager);
-
void gabble_caps_channel_manager_get_contact_capabilities (
GabbleCapsChannelManager *caps_manager,
TpHandle handle,
diff -Nrua telepathy-gabble-0.16.1/gabble/Makefile.in telepathy-gabble-0.16.5/gabble/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/lib/ext/Makefile.in telepathy-gabble-0.16.5/lib/ext/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/aclocal.m4 telepathy-gabble-0.16.5/lib/ext/wocky/aclocal.m4
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/ChangeLog telepathy-gabble-0.16.5/lib/ext/wocky/ChangeLog
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/compile telepathy-gabble-0.16.5/lib/ext/wocky/compile
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/config.sub telepathy-gabble-0.16.5/lib/ext/wocky/config.sub
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/configure telepathy-gabble-0.16.5/lib/ext/wocky/configure
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/depcomp telepathy-gabble-0.16.5/lib/ext/wocky/depcomp
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/Makefile.in telepathy-gabble-0.16.5/lib/ext/wocky/docs/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/api-index-full.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/api-index-full.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/ch01.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/ch01.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/home.png telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/home.png
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/index.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/index.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/left.png telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/left.png
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/right.png telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/right.png
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/up.png telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/up.png
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/WockyAuthRegistry.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/WockyAuthRegistry.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/WockyCapsCache.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/WockyCapsCache.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/WockyContact.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/WockyContact.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky.devhelp2 telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky.devhelp2
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/WockyNodeTree.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/WockyNodeTree.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/WockyPubsubNode.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/WockyPubsubNode.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/WockyResourceContact.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/WockyResourceContact.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/WockySession.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/WockySession.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-WockyAuthHandler.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-WockyAuthHandler.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-auth-registry-enumtypes.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-auth-registry-enumtypes.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-WockyC2SPorter.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-WockyC2SPorter.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-connector-enumtypes.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-connector-enumtypes.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-WockyConnector.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-WockyConnector.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-data-form-enumtypes.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-data-form-enumtypes.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-WockyDataForm.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-WockyDataForm.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-debug.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-debug.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-heartbeat-source.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-heartbeat-source.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-http-proxy.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-http-proxy.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-jabber-auth-digest.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-jabber-auth-digest.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-WockyJabberAuth.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-WockyJabberAuth.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-jabber-auth-password.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-jabber-auth-password.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-WockyMetaPorter.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-WockyMetaPorter.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-muc-enumtypes.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-muc-enumtypes.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-WockyMuc.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-WockyMuc.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-namespaces.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-namespaces.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-WockyNode.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-WockyNode.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-Wocky-OpenSSL-TLS.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-Wocky-OpenSSL-TLS.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-WockyPepService.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-WockyPepService.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-WockyPing.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-WockyPing.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-WockyPorter.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-WockyPorter.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-pubsub-helpers.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-pubsub-helpers.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-pubsub-node-enumtypes.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-pubsub-node-enumtypes.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-pubsub-node-protected.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-pubsub-node-protected.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-pubsub-service-enumtypes.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-pubsub-service-enumtypes.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-WockyPubsubService.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-WockyPubsubService.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-pubsub-service-protected.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-pubsub-service-protected.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-WockyRoster.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-WockyRoster.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-WockySaslAuth.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-WockySaslAuth.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-sasl-digest-md5.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-sasl-digest-md5.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-sasl-plain.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-sasl-plain.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-sasl-scram.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-sasl-scram.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-sasl-utils.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-sasl-utils.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-WockyStanza.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-WockyStanza.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-WockyTLSConnector.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-WockyTLSConnector.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-tls-enumtypes.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-tls-enumtypes.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-WockyTLSHandler.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-WockyTLSHandler.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-utils.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-utils.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-WockyXmppConnection.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-WockyXmppConnection.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-xmpp-error-enumtypes.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-xmpp-error-enumtypes.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-xmpp-error.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-xmpp-error.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/html/wocky-wocky-xmpp-reader-enumtypes.html telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/html/wocky-wocky-xmpp-reader-enumtypes.html
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/docs/reference/Makefile.in telepathy-gabble-0.16.5/lib/ext/wocky/docs/reference/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/examples/Makefile.in telepathy-gabble-0.16.5/lib/ext/wocky/examples/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/ltmain.sh telepathy-gabble-0.16.5/lib/ext/wocky/ltmain.sh
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/m4/libtool.m4 telepathy-gabble-0.16.5/lib/ext/wocky/m4/libtool.m4
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/m4/Makefile.in telepathy-gabble-0.16.5/lib/ext/wocky/m4/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/Makefile.in telepathy-gabble-0.16.5/lib/ext/wocky/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/tests/Makefile.in telepathy-gabble-0.16.5/lib/ext/wocky/tests/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/tools/Makefile.in telepathy-gabble-0.16.5/lib/ext/wocky/tools/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/wocky/Makefile.in telepathy-gabble-0.16.5/lib/ext/wocky/wocky/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/wocky/wocky-caps-hash.c telepathy-gabble-0.16.5/lib/ext/wocky/wocky/wocky-caps-hash.c
--- telepathy-gabble-0.16.1/lib/ext/wocky/wocky/wocky-caps-hash.c 2012-06-13 13:39:16.000000000 +0100
+++ telepathy-gabble-0.16.5/lib/ext/wocky/wocky/wocky-caps-hash.c 2013-03-01 08:53:00.000000000 +0000
@@ -80,8 +80,17 @@
else if (left_type != NULL && right_type == NULL)
return 1;
else /* left_type != NULL && right_type != NULL */
- return strcmp (g_value_get_string (left_type->default_value),
- g_value_get_string (right_type->default_value));
+ {
+ const gchar *left_value = NULL, *right_value = NULL;
+
+ if (left_type->raw_value_contents != NULL)
+ left_value = left_type->raw_value_contents[0];
+
+ if (right_type->raw_value_contents != NULL)
+ right_value = right_type->raw_value_contents[0];
+
+ return g_strcmp0 (left_value, right_value);
+ }
}
static GPtrArray *
@@ -190,16 +199,22 @@
continue;
}
- form_name = g_value_get_string (field->default_value);
-
if (field->type != WOCKY_DATA_FORM_FIELD_TYPE_HIDDEN)
{
- DEBUG ("FORM_TYPE field of form '%s' is not hidden; "
- "ignoring form and moving onto next one",
- form_name);
+ DEBUG ("FORM_TYPE field is not hidden; "
+ "ignoring form and moving onto next one");
continue;
}
+ if (field->raw_value_contents == NULL ||
+ g_strv_length (field->raw_value_contents) != 1)
+ {
+ DEBUG ("FORM_TYPE field does not have exactly one value; failing");
+ goto cleanup;
+ }
+
+ form_name = field->raw_value_contents[0];
+
if (g_hash_table_lookup (form_names, form_name) != NULL)
{
DEBUG ("error: there are multiple data forms with the "
@@ -224,6 +239,14 @@
field = l->data;
+ if (field->var == NULL)
+ {
+ DEBUG ("can't hash form '%s': it has an anonymous field",
+ form_name);
+ g_slist_free (fields);
+ goto cleanup;
+ }
+
if (!wocky_strdiff (field->var, "FORM_TYPE"))
continue;
diff -Nrua telepathy-gabble-0.16.1/lib/ext/wocky/wocky/wocky-data-form.c telepathy-gabble-0.16.5/lib/ext/wocky/wocky/wocky-data-form.c
--- telepathy-gabble-0.16.1/lib/ext/wocky/wocky/wocky-data-form.c 2012-06-20 13:39:57.000000000 +0100
+++ telepathy-gabble-0.16.5/lib/ext/wocky/wocky/wocky-data-form.c 2013-03-01 08:53:00.000000000 +0000
@@ -1050,7 +1050,7 @@
wocky_data_form_field_cmp (const WockyDataFormField *left,
const WockyDataFormField *right)
{
- return strcmp (left->var, right->var);
+ return g_strcmp0 (left->var, right->var);
}
static void
diff -Nrua telepathy-gabble-0.16.1/lib/gibber/Makefile.in telepathy-gabble-0.16.5/lib/gibber/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/lib/Makefile.in telepathy-gabble-0.16.5/lib/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/ltmain.sh telepathy-gabble-0.16.5/ltmain.sh
diff -Nrua telepathy-gabble-0.16.1/m4/libtool.m4 telepathy-gabble-0.16.5/m4/libtool.m4
diff -Nrua telepathy-gabble-0.16.1/m4/Makefile.in telepathy-gabble-0.16.5/m4/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/Makefile.in telepathy-gabble-0.16.5/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/NEWS telepathy-gabble-0.16.5/NEWS
--- telepathy-gabble-0.16.1/NEWS 2012-06-20 14:24:31.000000000 +0100
+++ telepathy-gabble-0.16.5/NEWS 2013-03-01 12:13:04.000000000 +0000
@@ -1,3 +1,53 @@
+telepathy-gabble 0.16.5 (2013-03-01)
+====================================
+
+The “In Actuality You Are A Gigantic, Bloodthirsty Grizzly Bear”
+release. This fixes a remotely-triggered denial-of-service bug. You
+should upgrade.
+
+Fixes:
+
+• fd.o#57521: don't crash when the server sends back malformed or error
+ replies to privacy list queries. (wjt)
+
+• fd.o#61433: don't crash on weirdly-shaped data forms in caps query
+ replies. This issue is tracked as CVE-2013-1769. Unfortunately, this
+ bug can be triggered by any XMPP user who knows your bare JID, not
+ just by people you've authorized to see your presence. Fortunately, it
+ is just a NULL pointer dereference, rather than allowing the attacker
+ to do anything more nefarious like execute code. (wjt)
+
+telepathy-gabble 0.16.4 (2012-11-09)
+====================================
+
+Fixes:
+
+• fd.o#56181: don't inadvertantly disable creating Call1 channels. (rishi)
+
+• fd.o#52362: hopefully, don't crash if we disconnect in the middle of trying
+ to change our Google Talk presence. (wjt)
+
+telepathy-gabble 0.16.3 (2012-09-11)
+====================================
+
+Fixes:
+
+• Turn off deprecation warnings: we're not going to fix them on a
+ stable branch (Simon)
+
+• Make sure capability discovery works for the camera-v1 capability bundle,
+ avoiding an iChat bug in which it repeats failed capability discovery
+ requests in a rapid loop (fd.o #54634, Simon)
+
+• Fix some race conditions and other brokenness in the tests (Sjoerd)
+
+telepathy-gabble 0.16.2 (2012-08-14)
+====================================
+
+Fixes:
+
+• fd.o#53087 - Crash in tp_base_channel_close
+
telepathy-gabble 0.16.1 (2012-06-20)
====================================
diff -Nrua telepathy-gabble-0.16.1/.pc/0001-server-tls-manager-deal-with-modification-of-the-GLi.patch/src/server-tls-manager.c telepathy-gabble-0.16.5/.pc/0001-server-tls-manager-deal-with-modification-of-the-GLi.patch/src/server-tls-manager.c
diff -Nrua telepathy-gabble-0.16.1/.pc/0011-Add-Google-camera-v1-as-a-first-class-caps-bundle.patch/gabble/capabilities.h telepathy-gabble-0.16.5/.pc/0011-Add-Google-camera-v1-as-a-first-class-caps-bundle.patch/gabble/capabilities.h
diff -Nrua telepathy-gabble-0.16.1/.pc/0011-Add-Google-camera-v1-as-a-first-class-caps-bundle.patch/src/capabilities.c telepathy-gabble-0.16.5/.pc/0011-Add-Google-camera-v1-as-a-first-class-caps-bundle.patch/src/capabilities.c
diff -Nrua telepathy-gabble-0.16.1/.pc/0011-Add-Google-camera-v1-as-a-first-class-caps-bundle.patch/src/connection.c telepathy-gabble-0.16.5/.pc/0011-Add-Google-camera-v1-as-a-first-class-caps-bundle.patch/src/connection.c
diff -Nrua telepathy-gabble-0.16.1/.pc/0011-Add-Google-camera-v1-as-a-first-class-caps-bundle.patch/src/namespaces.h telepathy-gabble-0.16.5/.pc/0011-Add-Google-camera-v1-as-a-first-class-caps-bundle.patch/src/namespaces.h
diff -Nrua telepathy-gabble-0.16.1/.pc/0011-Add-Google-camera-v1-as-a-first-class-caps-bundle.patch/src/presence-cache.c telepathy-gabble-0.16.5/.pc/0011-Add-Google-camera-v1-as-a-first-class-caps-bundle.patch/src/presence-cache.c
diff -Nrua telepathy-gabble-0.16.1/.pc/0012-Now-that-camera-v1-has-a-caps-URI-don-t-treat-it-as-.patch/src/connection.c telepathy-gabble-0.16.5/.pc/0012-Now-that-camera-v1-has-a-caps-URI-don-t-treat-it-as-.patch/src/connection.c
diff -Nrua telepathy-gabble-0.16.1/.pc/0012-Now-that-camera-v1-has-a-caps-URI-don-t-treat-it-as-.patch/src/media-factory.c telepathy-gabble-0.16.5/.pc/0012-Now-that-camera-v1-has-a-caps-URI-don-t-treat-it-as-.patch/src/media-factory.c
diff -Nrua telepathy-gabble-0.16.1/.pc/applied-patches telepathy-gabble-0.16.5/.pc/applied-patches
diff -Nrua telepathy-gabble-0.16.1/plugins/Makefile.in telepathy-gabble-0.16.5/plugins/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/src/caps-channel-manager.c telepathy-gabble-0.16.5/src/caps-channel-manager.c
--- telepathy-gabble-0.16.1/src/caps-channel-manager.c 2012-06-20 13:49:34.000000000 +0100
+++ telepathy-gabble-0.16.5/src/caps-channel-manager.c 2013-03-01 12:11:58.000000000 +0000
@@ -42,21 +42,6 @@
/* Virtual-method wrappers */
void
-gabble_caps_channel_manager_reset_capabilities (
- GabbleCapsChannelManager *caps_manager)
-{
- GabbleCapsChannelManagerInterface *iface =
- GABBLE_CAPS_CHANNEL_MANAGER_GET_INTERFACE (caps_manager);
- GabbleCapsChannelManagerResetCapsFunc method = iface->reset_caps;
-
- if (method != NULL)
- {
- method (caps_manager);
- }
- /* ... else assume there is no need to reset the caps */
-}
-
-void
gabble_caps_channel_manager_get_contact_capabilities (
GabbleCapsChannelManager *caps_manager,
TpHandle handle,
diff -Nrua telepathy-gabble-0.16.1/src/connection.c telepathy-gabble-0.16.5/src/connection.c
--- telepathy-gabble-0.16.1/src/connection.c 2013-03-04 15:10:11.000000000 +0000
+++ telepathy-gabble-0.16.5/src/connection.c 2013-03-01 12:11:59.000000000 +0000
@@ -3368,25 +3368,12 @@
GabbleConnection *self = GABBLE_CONNECTION (iface);
TpBaseConnection *base = (TpBaseConnection *) self;
GabbleCapabilitySet *old_caps = NULL;
- TpChannelManagerIter iter;
- TpChannelManager *manager;
guint i;
/* Now that someone has told us our *actual* capabilities, we can stop
* advertising spurious caps in initial presence */
gabble_capability_set_clear (self->priv->bonus_caps);
- tp_base_connection_channel_manager_iter_init (&iter, base);
-
- while (tp_base_connection_channel_manager_iter_next (&iter, &manager))
- {
- if (GABBLE_IS_CAPS_CHANNEL_MANAGER (manager))
- {
- gabble_caps_channel_manager_reset_capabilities (
- GABBLE_CAPS_CHANNEL_MANAGER (manager));
- }
- }
-
DEBUG ("enter");
for (i = 0; i < clients->len; i++)
@@ -3397,6 +3384,8 @@
const gchar * const * cap_tokens = g_value_get_boxed (va->values + 2);
GabbleCapabilitySet *cap_set;
GPtrArray *data_forms;
+ TpChannelManagerIter iter;
+ TpChannelManager *manager;
g_hash_table_remove (self->priv->client_caps, client_name);
g_hash_table_remove (self->priv->client_data_forms, client_name);
diff -Nrua telepathy-gabble-0.16.1/src/conn-presence.c telepathy-gabble-0.16.5/src/conn-presence.c
--- telepathy-gabble-0.16.1/src/conn-presence.c 2012-06-20 13:49:34.000000000 +0100
+++ telepathy-gabble-0.16.5/src/conn-presence.c 2013-03-01 12:11:59.000000000 +0000
@@ -706,10 +706,7 @@
GError *error = NULL;
if (wocky_stanza_extract_errors (reply_msg, NULL, &error, NULL, NULL))
- {
- g_simple_async_result_set_from_error (result, error);
- g_free (error);
- }
+ g_simple_async_result_take_error (result, error);
g_simple_async_result_complete_in_idle (result);
@@ -1290,10 +1287,10 @@
if (query_node != NULL)
list_node = wocky_node_get_child (query_node, "list");
- if (!wocky_stanza_extract_errors (reply_msg, NULL, &error, NULL, NULL) &&
- list_node != NULL)
+ if (!wocky_stanza_extract_errors (reply_msg, NULL, &error, NULL, NULL))
{
- if (!is_valid_invisible_list (list_node))
+ if (list_node == NULL ||
+ !is_valid_invisible_list (list_node))
{
g_free (priv->invisible_list_name);
priv->invisible_list_name = g_strdup ("invisible-gabble");
diff -Nrua telepathy-gabble-0.16.1/src/Makefile.in telepathy-gabble-0.16.5/src/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/src/media-factory.c telepathy-gabble-0.16.5/src/media-factory.c
--- telepathy-gabble-0.16.1/src/media-factory.c 2013-03-04 15:10:11.000000000 +0000
+++ telepathy-gabble-0.16.5/src/media-factory.c 2013-03-01 12:11:59.000000000 +0000
@@ -1124,14 +1124,6 @@
}
static void
-gabble_media_factory_reset_caps (GabbleCapsChannelManager *manager)
-{
- GabbleMediaFactory *self = GABBLE_MEDIA_FACTORY (manager);
-
- self->priv->use_call_channels = FALSE;
-}
-
-static void
gabble_media_factory_get_contact_caps (GabbleCapsChannelManager *manager,
TpHandle handle,
const GabbleCapabilitySet *caps,
@@ -1342,7 +1334,6 @@
{
GabbleCapsChannelManagerInterface *iface = g_iface;
- iface->reset_caps = gabble_media_factory_reset_caps;
iface->get_contact_caps = gabble_media_factory_get_contact_caps;
iface->represent_client = gabble_media_factory_represent_client;
}
diff -Nrua telepathy-gabble-0.16.1/src/muc-factory.c telepathy-gabble-0.16.5/src/muc-factory.c
--- telepathy-gabble-0.16.1/src/muc-factory.c 2012-06-20 13:49:34.000000000 +0100
+++ telepathy-gabble-0.16.5/src/muc-factory.c 2013-03-01 12:11:59.000000000 +0000
@@ -830,6 +830,9 @@
GHashTableIter iter;
gpointer channel = NULL;
+ if (priv->text_channels == NULL)
+ return;
+
g_hash_table_iter_init (&iter, priv->text_channels);
while (g_hash_table_iter_next (&iter, NULL, &channel))
diff -Nrua telepathy-gabble-0.16.1/tests/Makefile.in telepathy-gabble-0.16.5/tests/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/tests/suppressions/Makefile.in telepathy-gabble-0.16.5/tests/suppressions/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/tests/twisted/caps/trust-thyself.py telepathy-gabble-0.16.5/tests/twisted/caps/trust-thyself.py
diff -Nrua telepathy-gabble-0.16.1/tests/twisted/jingle/call-codecoffer.py telepathy-gabble-0.16.5/tests/twisted/jingle/call-codecoffer.py
diff -Nrua telepathy-gabble-0.16.1/tests/twisted/jingle/call_helper.py telepathy-gabble-0.16.5/tests/twisted/jingle/call_helper.py
diff -Nrua telepathy-gabble-0.16.1/tests/twisted/jingle/jingletest2.py telepathy-gabble-0.16.5/tests/twisted/jingle/jingletest2.py
diff -Nrua telepathy-gabble-0.16.1/tests/twisted/Makefile.am telepathy-gabble-0.16.5/tests/twisted/Makefile.am
diff -Nrua telepathy-gabble-0.16.1/tests/twisted/Makefile.in telepathy-gabble-0.16.5/tests/twisted/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/tests/twisted/run-test.sh.in telepathy-gabble-0.16.5/tests/twisted/run-test.sh.in
diff -Nrua telepathy-gabble-0.16.1/tests/twisted/test-debug.py telepathy-gabble-0.16.5/tests/twisted/test-debug.py
diff -Nrua telepathy-gabble-0.16.1/tests/twisted/tls/server-tls-channel.py telepathy-gabble-0.16.5/tests/twisted/tls/server-tls-channel.py
diff -Nrua telepathy-gabble-0.16.1/tools/Makefile.in telepathy-gabble-0.16.5/tools/Makefile.in
diff -Nrua telepathy-gabble-0.16.1/tools/telepathy.am telepathy-gabble-0.16.5/tools/telepathy.am
--- telepathy-gabble-0.16.1/tools/telepathy.am 2012-05-17 17:16:15.000000000 +0100
+++ telepathy-gabble-0.16.5/tools/telepathy.am 2013-03-01 12:11:59.000000000 +0000
@@ -45,9 +45,16 @@
%.tar.gz.asc: %.tar.gz
$(AM_V_GEN)gpg --detach-sign --armor $@
-@PACKAGE@-@VERSION@.tar.gz: _is-release-check check distcheck
-
-maintainer-prepare-release: _is-release-check all distcheck release-mail
+@PACKAGE@-@VERSION@.tar.gz:
+ $(MAKE) _is-release-check
+ $(MAKE) check
+ $(MAKE) distcheck
+
+maintainer-prepare-release:
+ $(MAKE) _is-release-check
+ $(MAKE) all
+ $(MAKE) distcheck
+ $(MAKE) release-mail
git tag -s @PACKAGE@-@VERSION@ -m @PACKAGE@' '@VERSION@
gpg --detach-sign --armor @PACKAGE@-@VERSION@.tar.gz
@@ -67,7 +74,9 @@
rsync -vzP @PACKAGE@-@VERSION@.tar.gz telepathy.freedesktop.org:/srv/telepathy.freedesktop.org/www/releases/@PACKAGE@/@PACKAGE@-@VERSION@.tar.gz
rsync -vzP @PACKAGE@-@VERSION@.tar.gz.asc telepathy.freedesktop.org:/srv/telepathy.freedesktop.org/www/releases/@PACKAGE@/@PACKAGE@-@VERSION@.tar.gz.asc
-maintainer-make-release: maintainer-prepare-release maintainer-upload-release
+maintainer-make-release:
+ $(MAKE) maintainer-prepare-release
+ $(MAKE) maintainer-upload-release
@echo "Now:"
@echo " • bump the nano-version;"
@echo " • push the branch and tags upstream; and"
Reply to: