diff options
| -rw-r--r-- | bitlbee.h | 4 | ||||
| -rw-r--r-- | debian/NEWS | 2 | ||||
| -rw-r--r-- | debian/changelog | 33 | ||||
| -rw-r--r-- | debian/control | 26 | ||||
| -rwxr-xr-x | debian/rules | 5 | ||||
| -rw-r--r-- | doc/CHANGES | 18 | ||||
| -rw-r--r-- | protocols/purple/ft.c | 4 |
7 files changed, 73 insertions, 19 deletions
@@ -36,11 +36,11 @@ extern "C" { #define PACKAGE "BitlBee" #ifndef BITLBEE_VERSION -#define BITLBEE_VERSION "3.5" +#define BITLBEE_VERSION "3.5.1" #endif #define VERSION BITLBEE_VERSION #define BITLBEE_VER(a, b, c) (((a) << 16) + ((b) << 8) + (c)) -#define BITLBEE_VERSION_CODE BITLBEE_VER(3, 5, 0) +#define BITLBEE_VERSION_CODE BITLBEE_VER(3, 5, 1) #define BITLBEE_ABI_VERSION_CODE 1 #define MAX_STRING 511 diff --git a/debian/NEWS b/debian/NEWS index e7087d23..b8552fe8 100644 --- a/debian/NEWS +++ b/debian/NEWS @@ -1,4 +1,4 @@ -bitlbee (3.5-1) UNRELEASED; urgency=medium +bitlbee (3.5-1) unstable; urgency=medium * /etc/default/bitlbee is now deprecated and no longer used. Any local modifications to the following settings won't be automatically migrated: diff --git a/debian/changelog b/debian/changelog index d373358f..7c411798 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,22 @@ -bitlbee (3.5-1) UNRELEASED; urgency=medium +bitlbee (3.5-2) unstable; urgency=medium + + * TFW you find out the corrected fix diff posted on #821967 was still the + broken one and you end up doing your third upload in a weekend. :-( + Obviously build-* targets shouldn't call into binary-*, as that one + starts requiring root. This broke builds on buildd's. + * Now contains the same fix like 3.4.2-1.1, which as it turns out 3.5-1.1 + did not. (Closes: #853017) + + -- Wilmer van der Gaast <wilmer@gaast.net> Sat, 28 Jan 2017 21:06:27 +0000 + +bitlbee (3.5-1.1) unstable; urgency=medium + + [ dequis ] + * Merge back changes from 3.4.2-1.1 (Closes: #852897) + + -- dequis <dx@dxzone.com.ar> Thu, 26 Jan 2017 21:39:24 -0300 + +bitlbee (3.5-1) unstable; urgency=medium [ Jochen Sprickerhof ] * Drop dependency on net-tools @@ -12,7 +30,18 @@ bitlbee (3.5-1) UNRELEASED; urgency=medium * Remove some mentions of yahoo in control and copyright * Remove outdated stuff from README.debian - -- dequis <dx@dxzone.com.ar> Mon, 02 Jan 2017 14:25:05 -0300 + [ Wilmer van der Gaast ] + * New upstream release. + + -- Wilmer van der Gaast <wilmer@gaast.net> Tue, 24 Jan 2017 22:21:33 +0000 + +bitlbee (3.4.2-1.1) unstable; urgency=medium + + * Non-maintainer upload. + * Adding build-{arch,indep} targets. (Closes: #821967) + * Added python to build depends. + + -- Michael Lustfield <michael@lustfield.net> Mon, 18 Jul 2016 01:02:17 -0700 bitlbee (3.4.2-1) unstable; urgency=medium diff --git a/debian/control b/debian/control index ff6eee43..89a7efb3 100644 --- a/debian/control +++ b/debian/control @@ -4,7 +4,7 @@ Priority: optional Maintainer: Wilmer van der Gaast <wilmer@gaast.net> Uploaders: Jelmer Vernooij <jelmer@debian.org> Standards-Version: 3.9.8 -Build-Depends: libglib2.0-dev (>= 2.4), libevent-dev, libgnutls28-dev | libgnutls-dev | gnutls-dev, po-debconf, libpurple-dev, libotr5-dev, debhelper (>= 6.0.7~), dh-systemd (>= 1.5) | debhelper (<< 9.20131227) +Build-Depends: libglib2.0-dev (>= 2.4), libevent-dev, libgnutls28-dev | libgnutls-dev | gnutls-dev, po-debconf, libpurple-dev, libotr5-dev, debhelper (>= 6.0.7~), dh-systemd (>= 1.5) | debhelper (<< 9.20131227), python Homepage: http://www.bitlbee.org/ Vcs-Git: https://github.com/bitlbee/bitlbee Vcs-Browser: https://github.com/bitlbee/bitlbee @@ -16,8 +16,8 @@ Conflicts: bitlbee-libpurple Replaces: bitlbee-libpurple Description: IRC to other chat networks gateway (default version) This program can be used as an IRC server which forwards everything you - say to people on other chat networks: Jabber (which includes Google Talk - and Facebook Chat), ICQ, AIM, MSN and Twitter/Identica/Status.net. + say to people on other chat networks: Jabber (which includes Google + Talk), ICQ, AIM, MSN and Twitter. Package: bitlbee-libpurple Architecture: any @@ -26,8 +26,8 @@ Conflicts: bitlbee Replaces: bitlbee Description: IRC to other chat networks gateway (using libpurple) This program can be used as an IRC server which forwards everything you - say to people on other chat networks: Jabber (which includes Google Talk - and Facebook Chat), ICQ, AIM, MSN and Twitter/Identica/Status.net. + say to people on other chat networks: Jabber (which includes Google + Talk), ICQ, AIM, MSN and Twitter. . This package contains a version of BitlBee that uses the libpurple instant messaging library instead of built-in code, which adds support for more IM @@ -42,8 +42,8 @@ Depends: ${misc:Depends}, adduser Replaces: bitlbee Description: IRC to other chat networks gateway (common files/docs) This program can be used as an IRC server which forwards everything you - say to people on other chat networks: Jabber (which includes Google Talk - and Facebook Chat), ICQ, AIM, MSN and Twitter/Identica/Status.net. + say to people on other chat networks: Jabber (which includes Google + Talk), ICQ, AIM, MSN and Twitter. . This package contains common files (mostly documentation) for bitlbee and bitlbee-libpurple. @@ -53,8 +53,8 @@ Architecture: all Depends: ${misc:Depends}, bitlbee (>= ${source:Version}) | bitlbee-libpurple (>= ${source:Version}), bitlbee (<< ${source:Version}.1~) | bitlbee-libpurple (<< ${source:Version}.1~), bitlbee-common (= ${source:Version}) Description: IRC to other chat networks gateway (dev files) This program can be used as an IRC server which forwards everything you - say to people on other chat networks: Jabber (which includes Google Talk - and Facebook Chat), ICQ, AIM, MSN and Twitter/Identica/Status.net. + say to people on other chat networks: Jabber (which includes Google + Talk), ICQ, AIM, MSN and Twitter. . This package holds development stuff for compiling plug-ins. @@ -63,8 +63,8 @@ Architecture: any Depends: ${misc:Depends}, ${shlibs:Depends}, bitlbee (= ${binary:Version}) | bitlbee-libpurple (= ${binary:Version}), bitlbee-common (= ${source:Version}) Description: IRC to other chat networks gateway (OTR plugin) This program can be used as an IRC server which forwards everything you - say to people on other chat networks: Jabber (which includes Google Talk - and Facebook Chat), ICQ, AIM, MSN and Twitter/Identica/Status.net. + say to people on other chat networks: Jabber (which includes Google + Talk), ICQ, AIM, MSN and Twitter. . This package contains a plugin that adds support for Off-The-Record encryption of instant messages. @@ -75,8 +75,8 @@ Depends: ${misc:Depends}, ${shlibs:Depends}, bitlbee (= ${binary:Version}) | bit Recommends: skyped Description: IRC to other chat networks gateway (Skype plugin) This program can be used as an IRC server which forwards everything you - say to people on other chat networks: Jabber (which includes Google Talk - and Facebook Chat), ICQ, AIM, MSN and Twitter/Identica/Status.net. + say to people on other chat networks: Jabber (which includes Google + Talk), ICQ, AIM, MSN and Twitter. . This package contains a plugin that adds support for the Skype IM network. You need to download and install the Skype client for this to work. diff --git a/debian/rules b/debian/rules index b1b3bd5c..4699d1c3 100755 --- a/debian/rules +++ b/debian/rules @@ -41,6 +41,11 @@ CONFIGURE_OVERRIDES:=CPPFLAGS="$(CPPFLAGS)" CFLAGS="$(CFLAGS)" LDFLAGS="$(LDFLAG HAS_DH_SYSTEMD:=$(shell dpkg-query -W -f='$${Status}' dh-systemd 2>/dev/null | grep -c "ok installed") +# No difference at the build stage so just call main build target. +# (Well indep could be docs-only but we prebuild them plus it's really +# not that much work.) +build-arch build-indep: build + build: build-stamp build-stamp: dh_testdir diff --git a/doc/CHANGES b/doc/CHANGES index 6f8095f4..10c0c3f5 100644 --- a/doc/CHANGES +++ b/doc/CHANGES @@ -3,6 +3,22 @@ found in the git commit logs, for example you can try: https://github.com/bitlbee/bitlbee/commits/master +Version 3.5.1: + +- purple: + * Fix crash on file transfer requests from unknown contacts. This was the + result of an incomplete fix in the previous release and may result in + remote DoS. Read the full security advisory at: + https://bugs.bitlbee.org/ticket/1282 +- After some investigation we decided to reclassify a crash fix from the + previous release as a security issue. Read the full security advisory at: + https://bugs.bitlbee.org/ticket/1281 +- Included help.txt in the release tarball, which was missing in the previous + release and resulted in adding python as a build dependency. The release + tarball of 3.5.1 does not require python. + +Finished 30 Jan 2017 + Version 3.5: - ui: @@ -59,7 +75,7 @@ Version 3.5: for ABI version checking in the future. It's optional for now, but will be enforced later. See the commit log of d28fe1c for details. (jgeboski) -Finished ... 200XX +Finished 8 Jan 2017 Version 3.4.2: - irc: diff --git a/protocols/purple/ft.c b/protocols/purple/ft.c index 81fee8d0..79476ebc 100644 --- a/protocols/purple/ft.c +++ b/protocols/purple/ft.c @@ -145,6 +145,10 @@ static gboolean prplcb_xfer_new_send_cb(gpointer data, gint fd, b_input_conditio /* TODO(wilmer): After spreading some more const goodness in BitlBee, remove the evil cast below. */ px->ft = imcb_file_send_start(ic, (char *) who, xfer->filename, xfer->size); + + if (!px->ft) { + return FALSE; + } px->ft->data = px; px->ft->accept = prpl_xfer_accept; |