Bug#987877: unblock: hyperkitty/1.3.4-3
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package hyperkitty
Hyperkitty 1.3.4-3 fixes RC bug #987654 (the web application loads remote
Google fonts, causing a privacy breach). The patch is cherry-picked from upstream,
simple and straightforward, and has been tested.
Here's the changelog; the full debdiff is attached:
> hyperkitty (1.3.4-3) unstable; urgency=high
>
> * d/p/0004_remove_link_to_google_fonts.patch: Don't load remote Google
> fonts. Thanks to Kunal Mehta for bugreport and testing. (Closes: #987654)
>
> -- Jonas Meurer <jonas@freesources.org> Thu, 29 Apr 2021 11:55:45 +0200
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock hyperkitty/1.3.4-3
Thanks for your work as Release Team <3
Cheers
jonas
diff -Nru hyperkitty-1.3.4/debian/changelog hyperkitty-1.3.4/debian/changelog
--- hyperkitty-1.3.4/debian/changelog 2021-03-03 16:25:55.000000000 +0100
+++ hyperkitty-1.3.4/debian/changelog 2021-04-29 11:55:45.000000000 +0200
@@ -1,3 +1,10 @@
+hyperkitty (1.3.4-3) unstable; urgency=high
+
+ * d/p/0004_remove_link_to_google_fonts.patch: Don't load remote Google
+ fonts. Thanks to Kunal Mehta for bugreport and testing. (Closes: #987654)
+
+ -- Jonas Meurer <jonas@freesources.org> Thu, 29 Apr 2021 11:55:45 +0200
+
hyperkitty (1.3.4-2) unstable; urgency=medium
* Replace bootstrap3 usage with bootstrap4.
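Review bot: The new 1.3.4-3 changelog entry names the patch file and the closed bug but does not record that the change is a cherry-pick of an upstream commit; that information only appears in the Applied-Upstream header inside the patch. Consider saying so in the entry (for example "cherry-picked from upstream") so the origin is visible from d/changelog alone, which is what the checklist item "all changes are documented in the d/changelog" relies on.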
diff -Nru hyperkitty-1.3.4/debian/patches/0004_remove_link_to_google_fonts.patch hyperkitty-1.3.4/debian/patches/0004_remove_link_to_google_fonts.patch
--- hyperkitty-1.3.4/debian/patches/0004_remove_link_to_google_fonts.patch 1970-01-01 01:00:00.000000000 +0100
+++ hyperkitty-1.3.4/debian/patches/0004_remove_link_to_google_fonts.patch 2021-04-29 11:55:45.000000000 +0200
@@ -0,0 +1,33 @@
+From: Jonas Meurer <jonas@freesources.org>
+Date: Thu, 29 Apr 2021 11:43:23 +0200
+Subject: Remove link to google fonts
+
+Author: nd notandy <git@notandy.de>
+Applied-Upstream: https://gitlab.com/mailman/hyperkitty/-/commit/b35d20f45aafbd152e059abe3d4052485ffae305
+Last-Update: 2021-04-29
+---
+ hyperkitty/static/hyperkitty/libs/fonts/droid/droid.css | 8 ++------
+ 1 file changed, 2 insertions(+), 6 deletions(-)
+
+diff --git a/hyperkitty/static/hyperkitty/libs/fonts/droid/droid.css b/hyperkitty/static/hyperkitty/libs/fonts/droid/droid.css
+index 0d90e79..dc93f12 100644
+--- a/hyperkitty/static/hyperkitty/libs/fonts/droid/droid.css
++++ b/hyperkitty/static/hyperkitty/libs/fonts/droid/droid.css
+@@ -2,15 +2,11 @@
+ font-family: 'Droid Sans';
+ font-style: normal;
+ font-weight: 400;
+- src: local('Droid Sans'), local('DroidSans'),
+- url(https://fonts.gstatic.com/s/droidsans/v6/s-BiyweUPV0v-yRb-cjciC3USBnSvpkopQaUR-2r7iU.ttf) format('truetype'),
+- url(DroidSans.ttf) format('truetype');
++ src: local('Droid Sans'), local('DroidSans'), url(DroidSans.ttf) format('truetype');
+ }
+ @font-face {
+ font-family: 'Droid Sans Mono';
+ font-style: normal;
+ font-weight: 400;
+- src: local('Droid Sans Mono'), local('DroidSansMono'),
+- url(https://fonts.gstatic.com/s/droidsansmono/v7/ns-m2xQYezAtqh7ai59hJYW_AySPyikQrZReizgrnuw.ttf) format('truetype'),
+- url(DroidSansMono.ttf) format('truetype');
++ src: local('Droid Sans Mono'), local('DroidSansMono'), url(DroidSansMono.ttf) format('truetype');
+ }
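Review bot: After this change both @font-face rules in droid.css have url(DroidSans.ttf) and url(DroidSansMono.ttf) as their only non-local source, and the debdiff does not show those two files, so please confirm they are shipped next to droid.css in the binary package; otherwise hosts without a locally installed Droid font will silently fall back to a default face. A smaller style point on the patch header: it carries both From: (Jonas Meurer) and Author: (nd notandy), which leaves authorship ambiguous; since Applied-Upstream already points at the upstream commit, keeping Author: for the upstream author and dropping or replacing From: would make the provenance clearer.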
diff -Nru hyperkitty-1.3.4/debian/patches/series hyperkitty-1.3.4/debian/patches/series
--- hyperkitty-1.3.4/debian/patches/series 2021-03-03 16:25:55.000000000 +0100
+++ hyperkitty-1.3.4/debian/patches/series 2021-04-29 11:55:45.000000000 +0200
@@ -1,3 +1,4 @@
0001_README_remove_embedded_images.patch
0002_Use_python3_by_default.patch
0003-run-sassc-at-build-time.patch
+0004_remove_link_to_google_fonts.patch