Fri Sep 28 01:39:41 PDT 2012

9 files changed, 104 insertions, 32 deletions

diff --git a/extra/cppunit/PKGBUILD b/extra/cppunit/PKGBUILD
index 988124454..6fcb3d40d 100644
--- a/extra/cppunit/PKGBUILD
+++ b/extra/cppunit/PKGBUILD
@@ -1,11 +1,11 @@
-# $Id: PKGBUILD 163110 2012-07-07 09:30:05Z andyrtr $
+# $Id: PKGBUILD 167193 2012-09-27 15:30:04Z andyrtr $
 # Maintainer: Stéphane Gaudreault <stephane@archlinux.org>
 # Contributor: Jeff 'codemac' Mickey <jeff@archlinux.org>
 
 pkgname=cppunit
-pkgver=1.13.0
+pkgver=1.13.1
 pkgrel=1
-_hash=0c65c839854edd43d9294d1431a2b292
+_hash=fa9aa839145cdf860bf596532bb8af97
 pkgdesc="A C++ unit testing framework"
 arch=('i686' 'x86_64')
 url="http://www.freedesktop.org/wiki/Software/cppunit"
diff --git a/extra/feh/PKGBUILD b/extra/feh/PKGBUILD
index 1274c5c59..5098feb65 100644
--- a/extra/feh/PKGBUILD
+++ b/extra/feh/PKGBUILD
@@ -1,11 +1,11 @@
-# $Id: PKGBUILD 167159 2012-09-26 17:14:45Z bisson $
+# $Id: PKGBUILD 167203 2012-09-27 22:43:39Z bisson $
 # Maintainer: Gaetan Bisson <bisson@archlinux.org>
 # Contributor: Andrea Scarpino <andrea@archlinux.org>
 # Contributor: dorphell <dorphell@archlinux.org>
 # Contributor: Tom Newsom <Jeepster@gmx.co.uk>
 
 pkgname=feh
-pkgver=2.6.2
+pkgver=2.6.3
 pkgrel=1
 pkgdesc='Fast and light imlib2-based image viewer'
 url='http://feh.finalrewind.org/'
@@ -16,7 +16,7 @@ optdepends=('perl: feh-cam, webcam wrapper for feh'
             'imagemagick: support more file formats')
 makedepends=('libxt')
 source=("${url}${pkgname}-${pkgver}.tar.bz2")
-sha1sums=('a2c6cf99ef2128834d14c0367cb5a9a11957ba6c')
+sha1sums=('3aa991b1596d5bc1fb35e8a1b356b5f1a8a9c04e')
 
 build() {
 	cd "${srcdir}/${pkgname}-${pkgver}"
diff --git a/extra/gnutls/PKGBUILD b/extra/gnutls/PKGBUILD
index f35e89e63..ad28fdfc6 100644
--- a/extra/gnutls/PKGBUILD
+++ b/extra/gnutls/PKGBUILD
@@ -1,8 +1,8 @@
-# $Id: PKGBUILD 165900 2012-09-03 09:49:29Z andyrtr $
+# $Id: PKGBUILD 167195 2012-09-27 15:45:57Z andyrtr $
 # Maintainer: Jan de Groot <jgc@archlinux.org>
 
 pkgname=gnutls
-pkgver=3.1.1
+pkgver=3.1.2
 pkgrel=1
 pkgdesc="A library which provides a secure layer over a reliable transport layer"
 arch=('i686' 'x86_64')
@@ -13,8 +13,8 @@ options=('!libtool' '!zipman')
 depends=('gcc-libs>=4.7.1-5' 'libtasn1' 'readline' 'zlib' 'nettle>=2.4' 'p11-kit>=0.12')
 makedepends=('valgrind' 'strace')
 source=(http://ftp.gnu.org/gnu/gnutls/${pkgname}-${pkgver}.tar.xz{,.sig})
-md5sums=('59c432df79108c74c34a4582c7d7e7e7'
-         '00d354ec9ac8ca4329b35ea397589b6c')
+md5sums=('5d722e5850d79269ba413b0e69b9e14f'
+         '2764135bac008654a0b2fdd9fc6e62d1')
 
 build() {
   cd "${srcdir}/${pkgname}-${pkgver}"
diff --git a/extra/imagemagick/PKGBUILD b/extra/imagemagick/PKGBUILD
index d7e3ab964..b3a717d40 100644
--- a/extra/imagemagick/PKGBUILD
+++ b/extra/imagemagick/PKGBUILD
@@ -1,9 +1,9 @@
-# $Id: PKGBUILD 166610 2012-09-13 02:13:20Z eric $
+# $Id: PKGBUILD 167199 2012-09-27 17:38:29Z eric $
 # Maintainer: Eric Bélanger <eric@archlinux.org>
 
 pkgbase=imagemagick
 pkgname=('imagemagick' 'imagemagick-doc')
-pkgver=6.7.9.4
+pkgver=6.7.9.8
 pkgrel=1
 arch=('i686' 'x86_64')
 url="http://www.imagemagick.org/"
@@ -12,7 +12,7 @@ makedepends=('libltdl' 'lcms2' 'libxt' 'fontconfig' 'libxext' 'ghostscript' \
              'openexr' 'libwmf' 'librsvg' 'libxml2' 'jasper' 'liblqr')
 source=(ftp://ftp.imagemagick.org/pub/ImageMagick/ImageMagick-${pkgver%.*}-${pkgver##*.}.tar.xz \
         perlmagick.rpath.patch)
-sha1sums=('6fa1a160c85f9119047a94ad1c8d3f49d9a84492'
+sha1sums=('dc61335f931ea637e7bd2e711b520d221bfe464c'
           '23405f80904b1de94ebd7bd6fe2a332471b8c283')
 
 build() {
diff --git a/extra/libtasn1/PKGBUILD b/extra/libtasn1/PKGBUILD
index 20d5bf4cc..ffcdb9bb9 100644
--- a/extra/libtasn1/PKGBUILD
+++ b/extra/libtasn1/PKGBUILD
@@ -1,9 +1,9 @@
-# $Id: PKGBUILD 160686 2012-06-03 18:36:06Z andyrtr $
+# $Id: PKGBUILD 167197 2012-09-27 15:53:17Z andyrtr $
 # Maintainer: Jan de Groot <jgc@archlinux.org>
 # Contributor: judd <jvinet@zeroflux.org>
 
 pkgname=libtasn1
-pkgver=2.13
+pkgver=2.14
 pkgrel=1
 pkgdesc="The ASN.1 library used in GNUTLS"
 arch=('i686' 'x86_64')
@@ -13,8 +13,8 @@ depends=('glibc' 'texinfo')
 options=('!libtool')
 install=libtasn1.install
 source=(http://ftp.gnu.org/gnu/libtasn1/${pkgname}-${pkgver}.tar.gz{,.sig})
-sha1sums=('89120584bfedd244dab92df99e955a174c481851'
-          '2f9ce2aef6c1bd78f462e95de531b2b61f59d13c')
+sha1sums=('22f9e0b15f870c8e03ac9cc1ead969d4d84eb931'
+          'cd6fdde4f59f7c24eb738896904034f17ab490f2')
 
 build() {
   cd "${srcdir}/${pkgname}-${pkgver}"
diff --git a/extra/live-media/PKGBUILD b/extra/live-media/PKGBUILD
index 709eb00c7..0a69ffbc8 100644
--- a/extra/live-media/PKGBUILD
+++ b/extra/live-media/PKGBUILD
@@ -1,9 +1,9 @@
-# $Id: PKGBUILD 166690 2012-09-15 17:24:11Z giovanni $
+# $Id: PKGBUILD 167205 2012-09-27 23:00:52Z giovanni $
 # Maintainer: Giovanni Scafora <giovanni@archlinux.org>
 # Contributor: Gilles CHAUVIN <gcnweb@gmail.com>
 
 pkgname=live-media
-pkgver=2012.09.13
+pkgver=2012.09.27
 pkgrel=1
 pkgdesc="A set of C++ libraries for multimedia streaming"
 arch=('i686' 'x86_64')
@@ -11,7 +11,7 @@ license=('LGPL')
 url="http://live555.com/liveMedia"
 depends=('gcc-libs')
 source=("http://live555.com/liveMedia/public/live.${pkgver}.tar.gz")
-md5sums=('33ffc8df7f07a6db0e923d73dfdc0547')
+md5sums=('a587166b7830f1be4b829c2bf84ac195')
 
 build() {
   cd ${srcdir}/live
diff --git a/extra/qt/PKGBUILD b/extra/qt/PKGBUILD
index a29c185e7..c2002dea7 100644
--- a/extra/qt/PKGBUILD
+++ b/extra/qt/PKGBUILD
@@ -1,11 +1,11 @@
-# $Id: PKGBUILD 166954 2012-09-23 09:22:55Z andrea $
+# $Id: PKGBUILD 167191 2012-09-27 12:38:07Z andrea $
 # Maintainer: Andrea Scarpino <andrea@archlinux.org>
 # Contributor: Pierre Schmitz <pierre@archlinux.de>
 
 pkgbase=qt
 pkgname=('qt' 'qt-private-headers')
 pkgver=4.8.3
-pkgrel=3
+pkgrel=4
 arch=('i686' 'x86_64')
 url='http://qt-project.org/'
 license=('GPL3' 'LGPL')
@@ -20,7 +20,8 @@ source=("http://releases.qt-project.org/qt4/source/${_pkgfqn}.tar.gz"
         'qtconfig.desktop'
         'improve-cups-support.patch'
         'fix-crash-in-assistant.patch'
-        'undo-fix-jit-crash-on-x86_64.patch')
+        'undo-fix-jit-crash-on-x86_64.patch'
+        'disable-ssl-compression.patch')
 md5sums=('a663b6c875f8d7caa8ac9c30e4a4ec3b'
          'fc211414130ab2764132e7370f8e5caa'
          '85179f5e0437514f8639957e1d8baf62'
@@ -28,7 +29,8 @@ md5sums=('a663b6c875f8d7caa8ac9c30e4a4ec3b'
          '6b771c8a81dd90b45e8a79afa0e5bbfd'
          'c439c7731c25387352d8453ca7574971'
          '57590084078b6379f0501f7728b02ae2'
-         '094e5a4e30e52423c77daa4a9c782df5')
+         '094e5a4e30e52423c77daa4a9c782df5'
+         '94e9e433342018bf35e8d6d968b7432c')
 
 build() {
   cd "${srcdir}"/${_pkgfqn}
@@ -41,6 +43,9 @@ build() {
 
   # (FS#31654)
   patch -Rp1 -i "${srcdir}"/undo-fix-jit-crash-on-x86_64.patch
+
+  # Security fix
+  patch -p1 -i "${srcdir}"/disable-ssl-compression.patch
   
   export QT4DIR="${srcdir}"/${_pkgfqn}
   export LD_LIBRARY_PATH=${QT4DIR}/lib:${LD_LIBRARY_PATH}
diff --git a/extra/qt/disable-ssl-compression.patch b/extra/qt/disable-ssl-compression.patch
new file mode 100644
index 000000000..443af57f3
--- /dev/null
+++ b/extra/qt/disable-ssl-compression.patch
@@ -0,0 +1,68 @@
+From d41dc3e101a694dec98d7bbb582d428d209e5401 Mon Sep 17 00:00:00 2001
+From: Richard Moore <rich@kde.org>
+Date: Fri, 14 Sep 2012 00:13:08 +0100
+Subject: [PATCH] Disable SSL compression by default.
+
+Disable SSL compression by default since this appears to be the a likely
+cause of the currently hyped CRIME attack.
+
+This is a backport of 5ea896fbc63593f424a7dfbb11387599c0025c74
+
+Change-Id: I6eeefb23c6b140a9633b28ed85879459c474348a
+Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
+Reviewed-by: Peter Hartmann <phartmann@rim.com>
+---
+ src/network/ssl/qssl.cpp              |    5 +++--
+ src/network/ssl/qsslconfiguration.cpp |    4 +++-
+ src/network/ssl/qsslconfiguration_p.h |    4 +++-
+ 3 files changed, 9 insertions(+), 4 deletions(-)
+
+diff --git a/src/network/ssl/qssl.cpp b/src/network/ssl/qssl.cpp
+index 49e086f..9578178 100644
+--- a/src/network/ssl/qssl.cpp
++++ b/src/network/ssl/qssl.cpp
+@@ -148,8 +148,9 @@ QT_BEGIN_NAMESPACE
+ 
+     By default, SslOptionDisableEmptyFragments is turned on since this causes
+     problems with a large number of servers. SslOptionDisableLegacyRenegotiation
+-    is also turned on, since it introduces a security risk. The other options
+-    are turned off.
++    is also turned on, since it introduces a security risk.
++    SslOptionDisableCompression is turned on to prevent the attack publicised by
++    CRIME. The other options are turned off.
+ 
+     Note: Availability of above options depends on the version of the SSL
+     backend in use.
+diff --git a/src/network/ssl/qsslconfiguration.cpp b/src/network/ssl/qsslconfiguration.cpp
+index 24c7b77..3a05f54 100644
+--- a/src/network/ssl/qsslconfiguration.cpp
++++ b/src/network/ssl/qsslconfiguration.cpp
+@@ -201,7 +201,9 @@ bool QSslConfiguration::isNull() const
+             d->privateKey.isNull() &&
+             d->peerCertificate.isNull() &&
+             d->peerCertificateChain.count() == 0 &&
+-            d->sslOptions == (QSsl::SslOptionDisableEmptyFragments|QSsl::SslOptionDisableLegacyRenegotiation));
++            d->sslOptions == ( QSsl::SslOptionDisableEmptyFragments
++                              |QSsl::SslOptionDisableLegacyRenegotiation
++                              |QSsl::SslOptionDisableCompression));
+ }
+ 
+ /*!
+diff --git a/src/network/ssl/qsslconfiguration_p.h b/src/network/ssl/qsslconfiguration_p.h
+index 74f17cd..c36b651 100644
+--- a/src/network/ssl/qsslconfiguration_p.h
++++ b/src/network/ssl/qsslconfiguration_p.h
+@@ -83,7 +83,9 @@ public:
+         : protocol(QSsl::SecureProtocols),
+           peerVerifyMode(QSslSocket::AutoVerifyPeer),
+           peerVerifyDepth(0),
+-          sslOptions(QSsl::SslOptionDisableEmptyFragments|QSsl::SslOptionDisableLegacyRenegotiation)
++          sslOptions(QSsl::SslOptionDisableEmptyFragments
++                     |QSsl::SslOptionDisableLegacyRenegotiation
++                     |QSsl::SslOptionDisableCompression)
+     { }
+ 
+     QSslCertificate peerCertificate;
+-- 
+1.7.10
+
diff --git a/extra/quota-tools/PKGBUILD b/extra/quota-tools/PKGBUILD
index 33474d7e9..41bb7f216 100644
--- a/extra/quota-tools/PKGBUILD
+++ b/extra/quota-tools/PKGBUILD
@@ -1,8 +1,8 @@
-# $Id: PKGBUILD 163746 2012-07-18 22:38:58Z eric $
+# $Id: PKGBUILD 167201 2012-09-27 19:22:41Z eric $
 # Maintainer: Eric Bélanger <eric@archlinux.org>
 
 pkgname=quota-tools
-pkgver=4.00
+pkgver=4.01
 pkgrel=1
 epoch=1
 pkgdesc="Tools to manage kernel-level quotas in Linux"
@@ -12,21 +12,20 @@ license=('GPL' 'BSD')
 depends=('e2fsprogs')
 backup=('etc/warnquota.conf' 'etc/quotatab' 'etc/quotagrpadmins')
 options=('!emptydirs')
-source=(http://downloads.sourceforge.net/sourceforge/linuxquota/quota-${pkgver}.tar.gz \
-        LICENSE)
-sha1sums=('9ef79933bebfd80f007600fd422616ad161c5fd0'
-          '57297bdc9e638c500506169bbbe12eb89bcf7d07')
+source=(http://downloads.sourceforge.net/sourceforge/linuxquota/quota-${pkgver}.tar.gz)
+sha1sums=('64d2ab8b039cfea1aa4bd9e77e8c373488a7f0bf')
 
 build() {
   cd "${srcdir}/${pkgname}"
   ./configure --prefix=/usr --sysconfdir=/etc
-  make RPCGEN="rpcgen -Y /usr/bin"
+  make
 }
 
 package() {
   cd "${srcdir}/${pkgname}"
   make ROOTDIR="${pkgdir}" install
-  install -D -m644 "${srcdir}/LICENSE" "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
+  install -d "${pkgdir}/usr/share/licenses/${pkgname}"
+  head -33 quota.c > "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
 
 # remove conflicts with glibc
   rm "${pkgdir}"/usr/include/rpcsvc/rquota.{h,x}