summaryrefslogtreecommitdiff
path: root/libre/hplip-libre
diff options
context:
space:
mode:
authorroot <root@rshg054.dnsready.net>2013-10-14 00:05:52 -0700
committerroot <root@rshg054.dnsready.net>2013-10-14 00:05:52 -0700
commitd053938d834e74b0c881c12a5cb240ad4bab0d9b (patch)
tree7226e0e5e490369e54507fc9af134ba48d5f2b16 /libre/hplip-libre
parent39e9111d76d232d65ca0c43285dea5bd5d58d28e (diff)
Mon Oct 14 00:05:51 PDT 2013
Diffstat (limited to 'libre/hplip-libre')
-rw-r--r--libre/hplip-libre/PKGBUILD28
-rw-r--r--libre/hplip-libre/hplip-CVE-2013-4325.patch22
2 files changed, 42 insertions, 8 deletions
diff --git a/libre/hplip-libre/PKGBUILD b/libre/hplip-libre/PKGBUILD
index bd2820343..41ef21e4e 100644
--- a/libre/hplip-libre/PKGBUILD
+++ b/libre/hplip-libre/PKGBUILD
@@ -1,4 +1,4 @@
-# $Id: PKGBUILD 194375 2013-09-15 08:00:33Z andyrtr $
+# $Id: PKGBUILD 196443 2013-10-13 20:05:28Z andyrtr $
# Maintainer: Tom Gundersen <teg@jklm.no>
# Contributor : Rémy Oudompheng <remy@archlinux.org>
# Contributor: Morgan LEFIEUX <comete@archlinuxfr.org>
@@ -7,7 +7,7 @@
_pkgname=hplip
pkgname=hplip-libre
pkgver=3.13.9
-pkgrel=2
+pkgrel=3
pkgdesc="Drivers for HP DeskJet, OfficeJet, Photosmart, Business Inkjet and some LaserJet, without hplip-plugin binary blobs recommendation"
arch=('i686' 'x86_64')
url="http://hplipopensource.com"
@@ -30,17 +30,22 @@ provides=$_pkgname=$pkgver
options=('!libtool')
install=hplip.install
source=(http://downloads.sourceforge.net/${_pkgname}/$_pkgname-$pkgver.tar.gz{,.asc}
- hp-mkuri.patch)
+ hp-mkuri.patch
+ hplip-CVE-2013-4325.patch)
md5sums=('8fcbbd0d3a0b76550f325bd6cf46d9d9'
'SKIP'
- '0bd7779fdbc4d7a9386df04dce2cb8d4')
+ '0bd7779fdbc4d7a9386df04dce2cb8d4'
+ '947db41ee8556c78dd027a2f107957e6')
-build() {
- cd "$srcdir/$_pkgname-$pkgver"
+prepare() {
+ cd $_pkgname-$pkgver
# fix linking libnotify, FS#34283
patch -Np0 -i ${srcdir}/hp-mkuri.patch
+ # https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4325
+ patch -Np1 -i ${srcdir}/hplip-CVE-2013-4325.patch
+
export PYTHON=python2
find . -type f -exec sed -i 's~^#.*env python~#!/usr/bin/env python2~' {} +
@@ -65,7 +70,10 @@ build() {
export AUTOMAKE='automake --foreign'
autoreconf --force --install
+}
+build() {
+ cd $_pkgname-$pkgver
./configure --prefix=/usr \
--enable-qt4 \
--disable-foomatic-rip-hplip-install \
@@ -83,15 +91,19 @@ build() {
}
package() {
- #cd "$srcdir/$_pkgname-$pkgver"
- cd "$srcdir/$_pkgname-${pkgver/.a/a}"
+ #cd $_pkgname-$pkgver
+ cd $_pkgname-${pkgver/.a/a}
make rulesdir=/usr/lib/udev/rules.d DESTDIR="$pkgdir/" install
+
# remove config provided by sane and autostart of hp-daemon
rm -rf "$pkgdir"/etc/{sane.d,xdg}
+
# remove HAL .fdi file because HAL is no longer used
rm -rf "$pkgdir"/usr/share/hal
+
# log dir should not be world writeable
chmod 775 "$pkgdir"/var/log/hp{,/tmp}
+
# remove rc script
rm -rf "$pkgdir"/etc/init.d
}
diff --git a/libre/hplip-libre/hplip-CVE-2013-4325.patch b/libre/hplip-libre/hplip-CVE-2013-4325.patch
new file mode 100644
index 000000000..85bff893b
--- /dev/null
+++ b/libre/hplip-libre/hplip-CVE-2013-4325.patch
@@ -0,0 +1,22 @@
+diff -up hplip-3.13.7/base/pkit.py.CVE-2013-4325 hplip-3.13.7/base/pkit.py
+--- hplip-3.13.7/base/pkit.py.CVE-2013-4325 2013-07-23 06:18:29.000000000 +0100
++++ hplip-3.13.7/base/pkit.py 2013-09-11 10:54:13.252419283 +0100
+@@ -176,15 +176,10 @@ class PolicyKitService(dbus.service.Obje
+ "/org/freedesktop/PolicyKit1/Authority",
+ "org.freedesktop.PolicyKit1.Authority")
+ policy_kit = dbus.Interface(obj, "org.freedesktop.PolicyKit1.Authority")
+- info = dbus.Interface(connection.get_object("org.freedesktop.DBus",
+- "/org/freedesktop/DBus/Bus",
+- False),
+- "org.freedesktop.DBus")
+- pid = info.GetConnectionUnixProcessID(sender)
+
+ subject = (
+- 'unix-process',
+- { 'pid' : dbus.UInt32(pid, variant_level = 1) }
++ 'system-bus-name',
++ { 'name' : dbus.String(sender, variant_level = 1) }
+ )
+ details = { '' : '' }
+ flags = dbus.UInt32(1) # AllowUserInteraction = 0x00000001
+