Bug#958192: stretch-pu: package xdg-utils/1.1.1-1+deb9u1

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#958192: stretch-pu: package xdg-utils/1.1.1-1+deb9u1
From: Nicholas Guriev <guriev-ns@ya.ru>
Date: Sun, 19 Apr 2020 17:16:22 +0300
Message-id: <[🔎] 202004191416.03JEGM2d017491@dandelion.mymedia.su>
Reply-to: Nicholas Guriev <guriev-ns@ya.ru>, 958192@bugs.debian.org

Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian.org@packages.debian.org
Usertags: pu

Dear release managers,

Along with 1.1.3-1+deb10u1 for buster I propose an update for stretch
with the same fixes that applicable for 1.1.1 version.

As #958141 the update can be found in Git repository[1] or on
mentors.d.n[2]. The debdiff is attached also.

 [1]: https://salsa.debian.org/freedesktop-team/xdg-utils/-/tree/stretch
 [2]: https://mentors.debian.net/package/xdg-utils


-- System Information:
Debian Release: buster/sid
  APT prefers eoan-updates
  APT policy: (500, 'eoan-updates'), (500, 'eoan-security'), (500, 'eoan')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.3.0-46-generic (SMP w/4 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8), LANGUAGE=ru (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

diffstat for xdg-utils-1.1.1 xdg-utils-1.1.1

 changelog                             |   12 ++++++++++
 patches/Create-data-apps-dir.patch    |   19 +++++++++++++++++
 patches/Directories-with-spaces.patch |   35 +++++++++++++++++++++++++++++++
 patches/Sanitise-window-name.patch    |   38 ++++++++++++++++++++++++++++++++++
 patches/series                        |    3 ++
 5 files changed, 107 insertions(+)

diff -Nru xdg-utils-1.1.1/debian/changelog xdg-utils-1.1.1/debian/changelog
--- xdg-utils-1.1.1/debian/changelog	2018-05-20 12:44:40.000000000 +0300
+++ xdg-utils-1.1.1/debian/changelog	2020-04-19 16:47:09.000000000 +0300
@@ -1,3 +1,15 @@
+xdg-utils (1.1.1-1+deb9u2) stretch; urgency=medium
+
+  * Apply patches:
+    - Sanitise-window-name.patch fixes crash in xdg-screensaver.
+      Closes: #910070, LP: #1743216, Upstream: BR108121.
+    - Directories-with-spaces.patch corrects handling directories with spaces
+      in the name. LP: #1848335, Upstream: #166.
+    - Create-data-apps-dir.patch fixes xdg-mime with temporary $XDG_DATA_HOME.
+      Closes: #652038.
+
+ -- Nicholas Guriev <guriev-ns@ya.ru>  Sun, 19 Apr 2020 16:47:09 +0300
+
 xdg-utils (1.1.1-1+deb9u1) stretch-security; urgency=high
 
   * Fix CVE-2017-18266, closes: #898317.
diff -Nru xdg-utils-1.1.1/debian/patches/Create-data-apps-dir.patch xdg-utils-1.1.1/debian/patches/Create-data-apps-dir.patch
--- xdg-utils-1.1.1/debian/patches/Create-data-apps-dir.patch	1970-01-01 03:00:00.000000000 +0300
+++ xdg-utils-1.1.1/debian/patches/Create-data-apps-dir.patch	2020-04-19 16:45:54.000000000 +0300
@@ -0,0 +1,19 @@
+Description: Create applications directory if it does not exist yet
+Bug-Debian: https://bugs.debian.org/652038
+Author: Nicholas Guriev <guriev-ns@ya.ru>
+Last-Update: Sun, 19 Apr 2020 16:25:49 +0300
+
+---
+ scripts/xdg-mime.in | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/scripts/xdg-mime.in
++++ b/scripts/xdg-mime.in
+@@ -244,6 +244,7 @@ make_default_generic()
+     default_file="$xdg_user_dir/applications/mimeapps.list"
+     DEBUG 2 "make_default_generic $1 $2"
+     DEBUG 1 "Updating $default_file"
++    mkdir -p "$xdg_user_dir/applications"
+     [ -f "$default_file" ] || touch "$default_file"
+     awk -v mimetype="$2" -v application="$1" '
+     BEGIN {
diff -Nru xdg-utils-1.1.1/debian/patches/Directories-with-spaces.patch xdg-utils-1.1.1/debian/patches/Directories-with-spaces.patch
--- xdg-utils-1.1.1/debian/patches/Directories-with-spaces.patch	1970-01-01 03:00:00.000000000 +0300
+++ xdg-utils-1.1.1/debian/patches/Directories-with-spaces.patch	2020-04-19 16:27:38.000000000 +0300
@@ -0,0 +1,35 @@
+Author: Andrea Tarocchi <andrea.tarocchi@gmail.com>
+Desciption: xdg-open dos not search correctly in directories with spaces in the name
+Bug: https://gitlab.freedesktop.org/xdg/xdg-utils/-/issues/166
+Bug-Ubuntu: https://launchpad.net/bugs/1848335
+Origin: https://gitlab.freedesktop.org/xdg/xdg-utils/-/commit/9816ebb3
+Acked-by: Nicholas Guriev <guriev-ns@ya.ru>
+Last-Update: Sun, 19 Apr 2020 16:25:49 +0300
+
+---
+ scripts/xdg-mime.in | 2 +-
+ scripts/xdg-open.in | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+--- a/scripts/xdg-mime.in
++++ b/scripts/xdg-mime.in
+@@ -302,7 +302,7 @@ search_desktop_file()
+ 
+     grep -l "$MIME;" "$dir/"*.desktop 2>/dev/null
+ 
+-    for f in $dir/*/; do
++    for f in "$dir/"*/; do
+       [ -d "$f" ] && search_desktop_file "$MIME" "$f"
+     done
+ }
+--- a/scripts/xdg-open.in
++++ b/scripts/xdg-open.in
+@@ -277,7 +277,7 @@ search_desktop_file()
+         fi
+     fi
+ 
+-    for d in $dir/*/; do
++    for d in "$dir/"*/; do
+         [ -d "$d" ] && search_desktop_file "$default" "$d" "$target"
+     done
+ }
diff -Nru xdg-utils-1.1.1/debian/patches/Sanitise-window-name.patch xdg-utils-1.1.1/debian/patches/Sanitise-window-name.patch
--- xdg-utils-1.1.1/debian/patches/Sanitise-window-name.patch	1970-01-01 03:00:00.000000000 +0300
+++ xdg-utils-1.1.1/debian/patches/Sanitise-window-name.patch	2020-04-19 16:27:28.000000000 +0300
@@ -0,0 +1,38 @@
+Description: Sanitise window name before sending it over D-Bus
+ libdbus expects string arguments to be valid UTF-8. If they are not,
+ then it aborts, which causes our backgrounded command to terminate
+ abnormally.
+Bug: https://gitlab.freedesktop.org/xdg/xdg-utils/issues/137
+Bug-Debian: https://bugs.debian.org/910070
+Bug-Ubuntu: https://launchpad.net/bugs/1743216
+Origin: https://gitlab.freedesktop.org/xdg/xdg-utils/-/commit/455d0661
+Author: Iain Lane <iain.lane@canonical.com>
+Acked-by: Simon Lees <sflees@suse.de>
+Acked-by: Nicholas Guriev <guriev-ns@ya.ru>
+Last-Update: Sun, 19 Apr 2020 16:25:49 +0300
+
+---
+ scripts/xdg-screensaver.in | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+--- a/scripts/xdg-screensaver.in
++++ b/scripts/xdg-screensaver.in
+@@ -451,6 +451,7 @@ screensaver_gnome_screensaver()
+         perl -e '
+ use strict;
+ use warnings;
++use Encode qw(decode);
+ use IO::File;
+ use Net::DBus;
+ use X11::Protocol;
+@@ -472,6 +473,10 @@ while (1) {
+   }
+ }
+ 
++# Replace any invalid unicode characters with U+FFFD, so we dont crash when we
++# pass them over to D-Bus
++$window_name = decode("utf8", $window_name, Encode::FB_DEFAULT);
++
+ # Inhibit idle detection (flags = 8) with window name and ID.
+ # We have no reason so just send the window name again.
+ my $bus = Net::DBus->session();
diff -Nru xdg-utils-1.1.1/debian/patches/series xdg-utils-1.1.1/debian/patches/series
--- xdg-utils-1.1.1/debian/patches/series	2018-05-20 12:44:40.000000000 +0300
+++ xdg-utils-1.1.1/debian/patches/series	2020-04-19 16:45:54.000000000 +0300
@@ -1 +1,4 @@
 CVE-2017-18266.patch
+Sanitise-window-name.patch
+Directories-with-spaces.patch
+Create-data-apps-dir.patch

Reply to:

Follow-Ups:
- Processed: Re: Bug#958192: stretch-pu: package xdg-utils/1.1.1-1+deb9u1
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>
- Bug#958192: stretch-pu: package xdg-utils/1.1.1-1+deb9u1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Bug#958192: xdg-utils 1.1.1-1+deb9u2 flagged for acceptance
  - From: Adam D Barratt <adam@adam-barratt.org.uk>

Prev by Date: Processed: cantor: Don't depend on scilab, RC buggy and prevents hdf5 migration
Next by Date: Bug#956895: marked as done (nmu: isc-dhcp_4.4.1-2.1)
Previous by thread: Processed: cantor: Don't depend on scilab, RC buggy and prevents hdf5 migration
Next by thread: Processed: Re: Bug#958192: stretch-pu: package xdg-utils/1.1.1-1+deb9u1
Index(es):
- Date
- Thread