Control: tag -1 moreinfo
gregor herrmann <gregoa@debian.org> (2017-05-20):
> I've prepared an upload of shutter for stable. The new version
> includes two patches:
> - one fixing CVE-2016-10081 / #849777
> - another one which dod uploaded together with this one as 0.93.1-1.3
> in January which is also security relevant (replaces
> system("string") with system(@array)).
That's a long patch… Comments below (see last hunk, mainly).
> +shutter (0.92-0.1+deb8u2) UNRELEASED; urgency=medium
As usual, target jessie when uploading.
> ++ system(
> ++ convert =>
> ++ -caption => $text,
> ++ -fill => sprintf( "#%04x%04x%04x%04x",
> ++ $color->red,
> ++ $color->green,
> ++ $color->blue,
> ++ $stroke_color->get_alpha
> ++ ),
> ++ $filename,
> ++ -pointsize => $pointsize_sbutton->get_value,
> ++ -gravity => $gravity_combo->get_active_text,
> ++ qw/-bordercolor snow -background black/,
> ++ -polaroid => $angle_sbutton->get_value,
> ++ $tmpfilename
> ++ );
Nice variations on the “how to build a list” topic, thanks for making
sure the release team folks are fluent in Perl.
> ++ #execute imagemagick command
> ++ system(
> ++ convert =>
> ++ -background => '#00000000',
I wasn't sure that worked, but that seems to do the trick; Perl is fun.
> + sub nautilus_sendto {
> + my ( $self, $user_data ) = @_;
> +- system("nautilus-sendto $user_data &");
> ++ system('nautilus-sendto', $user_data);
> + if($?){
> + my $response = $self->{_dialogs}->dlg_error_message(
> + sprintf( $self->{_d}->get("Error while executing %s."), "'nautilus-sendto'"),
Was the '&' really meant to go away?
KiBi.
Attachment:
signature.asc
Description: Digital signature