irssi: security bump to version 1.0.3

Fixes: CVE-2017-9468 - Joseph Bisch discovered that Irssi does not properly handle DCC messages without source nick/host. A malicious IRC server can take advantage of this flaw to cause Irssi to crash, resulting in a denial of service. CVE-2017-9469 - Joseph Bisch discovered that Irssi does not properly handle receiving incorrectly quoted DCC files. A remote attacker can take advantage of this flaw to cause Irssi to crash, resulting in a denial of service. See https://irssi.org/security/irssi_sa_2017_06.txt for more details. Remove 0001-Get-back-to-using-pkg-config-to-check-for-OpenSSL.patch as it applied upstream and drop autoreconf as configure.ac is no longer patched. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-18 23:35:02 +02:00 · 2017-06-18 23:35:02 +02:00 · 2e19525f2f
parent c0ad6ded01
commit 2e19525f2f
3 changed files with 2 additions and 82 deletions
--- a/package/irssi/0001-Get-back-to-using-pkg-config-to-check-for-OpenSSL.patch
+++ b/package/irssi/0001-Get-back-to-using-pkg-config-to-check-for-OpenSSL.patch
@ -1,77 +0,0 @@
-From ed0c2c1b9504a99a6dcc3c0f5de3b3a1c0232758 Mon Sep 17 00:00:00 2001
-From: Rodrigo Rebello <rprebello@gmail.com>
-Date: Mon, 20 Mar 2017 13:17:42 -0300
-Subject: [PATCH] Get back to using pkg-config to check for OpenSSL
-
-Commit 6300dfec7 removed the option to disable SSL support from the
-configure script since it became a requirement, but it also removed the
-use of pkg-config for finding the OpenSSL library and its dependencies.
-
-This had the unfortunate consequence of breaking the correct detection
-of library flags in many static linking scenarios. In some cases, for
-example, OpenSSL might have been built with zlib, which requires `-lz`
-to be passed to the linker when doing a static link of the irssi
-executable. Thus, pkg-config becomes an invaluable tool in such
-situations, since no guessing work is needed as the OpenSSL .pc file
-provides all the necessary flags.
-
-So, this patch re-inserts the PKG_CHECK_MODULES macro in the configure
-script when looking for OpenSSL. The test using AC_CHECK_LIB remains,
-but only as a last resort in case the one using pkg-config fails.
-
-Also, because the macro AM_PATH_GLIB_2_0 contains an unconditional call
-to PKG_PROG_PKG_CONFIG, the OpenSSL checks are moved so that they come
-after the Glib ones in order to avoid doubly checking for the pkg-config
-binary (PKG_CHECK_MODULES skips that check if it has been performed
-before, but PKG_PROG_PKG_CONFIG does not).
-
-Upstream status: submitted
-https://github.com/irssi/irssi/pull/677
-
-Signed-off-by: Rodrigo Rebello <rprebello@gmail.com>
---
- configure.ac | 21 +++++++++++++++------
- 1 file changed, 15 insertions(+), 6 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 02b33497..9f191d3f 100644
--- a/configure.ac
-+++ b/configure.ac
-@@ -231,11 +231,6 @@ if test "x$want_socks" = "xyes"; then
- fi
- 
- dnl **
-dnl ** OpenSSL checks
-dnl **
-AC_CHECK_LIB([ssl], [SSL_library_init])
-
-dnl **
- dnl ** fe-text checks
- dnl **
- 
-@@ -276,7 +271,21 @@ if test -z "$GLIB_LIBS"; then
-   AC_ERROR([GLIB is required to build irssi.])
- fi
- 
-LIBS="$LIBS $GLIB_LIBS -lssl -lcrypto"
-+LIBS="$LIBS $GLIB_LIBS"
-+
-+dnl **
-+dnl ** OpenSSL checks
-+dnl **
-+PKG_CHECK_MODULES([OPENSSL], [openssl], [
-+	CFLAGS="$CFLAGS $OPENSSL_CFLAGS"
-+	LIBS="$LIBS $OPENSSL_LIBS"
-+], [
-+	AC_CHECK_LIB([ssl], [SSL_library_init], [
-+		LIBS="$LIBS -lssl -lcrypto"
-+	], [
-+		AC_MSG_ERROR([The OpenSSL library was not found])
-+	])
-+])
- 
- dnl **
- dnl ** curses checks
-- 
-2.11.0
-
--- a/package/irssi/irssi.hash
+++ b/package/irssi/irssi.hash
@ -1,2 +1,2 @@
 # Locally calculated after checking pgp signature
-sha256	5c1c3cc2caf103aad073fadeb000e0f8cb3b416833a7f43ceb8bd9fcf275fbe9	irssi-1.0.2.tar.xz
+sha256	838220297dcbe7c8c42d01005059779a82f5b7b7e7043db37ad13f5966aff581	irssi-1.0.3.tar.xz
--- a/package/irssi/irssi.mk
+++ b/package/irssi/irssi.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-IRSSI_VERSION = 1.0.2
+IRSSI_VERSION = 1.0.3
 IRSSI_SOURCE = irssi-$(IRSSI_VERSION).tar.xz
 # Do not use the github helper here. The generated tarball is *NOT* the
 # same as the one uploaded by upstream for the release.
@ -13,9 +13,6 @@ IRSSI_LICENSE = GPL-2.0+
 IRSSI_LICENSE_FILES = COPYING
 IRSSI_DEPENDENCIES = host-pkgconf libglib2 ncurses openssl

-# We're patching configure.ac, so we need to autoreconf
-IRSSI_AUTORECONF = YES
-
 IRSSI_CONF_OPTS = \
 	--disable-glibtest \
 	--with-ncurses=$(STAGING_DIR)/usr \