commit rhythmbox.688 for openSUSE:12.2:Update

Hello community, here is the log from the commit of package rhythmbox.688 for openSUSE:12.2:Update checked in at 2012-08-06 11:10:27 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.2:Update/rhythmbox.688 (Old) and /work/SRC/openSUSE:12.2:Update/.rhythmbox.688.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "rhythmbox.688", Maintainer is "" Changes: -------- New Changes file: --- /dev/null 2012-08-03 19:43:57.387656292 +0200 +++ /work/SRC/openSUSE:12.2:Update/.rhythmbox.688.new/rhythmbox.changes 2012-08-06 11:10:29.000000000 +0200 @@ -0,0 +1,1143 @@ +------------------------------------------------------------------- +Tue Jul 24 11:15:36 UTC 2012 - vuntz@opensuse.org + +- Add rhythmbox-CVE-2012-3355.patch: fix insecure temporary + directory use in context plugin. Fix bnc#768681, CVE-2012-3355. + +------------------------------------------------------------------- +Tue Jun 12 07:22:02 UTC 2012 - dimstar@opensuse.org + +- Update to version 2.97: + + Uses libmusicbrainz4 for audio CD metadata + + New more compact header layout, including album art + + Deprecated artdisplay plugin + + Fixed buffering for network streams + + Configurable encoding settings for the library, using GStreamer + presets or simple quality settings + + Doesn't preserve mtime on metadata updates + + Fixed audio CD extraction speed + + New podcast subscription interface, including iTunes and + Miroguide searching and auditioning before subscription. + + Bugs fixed: bgo#338452, bgo#343660, bgo#344595, bgo#419914, + bgo#447082, bgo#526838, bgo#540726, bgo#608295, bgo#612274, + bgo#635895, bgo#661217, bgo#661341, bgo#665402, bgo#666010, + bgo#666066, bgo#668262, bgo#668395, bgo#668402, bgo#671706, + bgo#671839, bgo#671840, bgo#671950, bgo#672084, bgo#672198, + bgo#672410, bgo#672412, bgo#673799, bgo#674897, bgo#675345, + bgo#676860, bgo#677318 + + Updated translations. +- Replace pkgconfig(libmusicbrainz3) BuildRequires with + pkgconfig(libmusicbrainz4), following upstreams switch. +- Add libdiscid-devel BuildRequires: new depenency. + +------------------------------------------------------------------- +Sun Mar 11 10:15:34 UTC 2012 - zaitor@opensuse.org + +- Update to version 2.96: + + Revived Magnatune plugin. + + Better handling of non-media files. + + Dbus media server plugin improved again. + + Bugs fixed: bgo#454247, bgo#622874, bgo#644045, bgo#654637, + bgo#661957, bgo#663353, bgo#667971, bgo#668864, bgo#670666, + bgo#670772, bgo#671379. + + Updated translations. +- Remove xz BuildRequires, since it comes for free in the + buildsystem now. + +------------------------------------------------------------------- +Tue Feb 21 21:31:23 UTC 2012 - dimstar@opensuse.org + +- Add pkgconfig(ice) and pkgconfig(sm) BuildRequires: this used to + be pulled in by something else, but the xorg-x11 packaging + relayout changed that. + +------------------------------------------------------------------- +Tue Jan 17 13:38:41 UTC 2012 - vuntz@opensuse.org + +- Update to version 2.95: + + GTK+ 3, GObject introspection, GNOME 3 compatible + + New album art database + + Grilo plugin for UPNP and Jamendo + + Rewritten visualization plugin (using clutter) + + First steps in redesigning some parts of the UI that sorely + need it + + New encoding profile system + + Plugins now based on libpeas + + Much improved dbus media server plugin +- Some of those changes were already in our package thanks to + rhythmbox-port-gtk3.patch. Drop it now rhythmbox-port-gtk3.patch. +- Re-enable translation-update-upstream in %setup, now that + rhythmbox-port-gtk3.patch is gone. +- Remove gnome-common BuildRequires and call to gnome-autogen.sh, + that were only needed for rhythmbox-port-gtk3.patch. +- Remove fdupes BuildRequires since we don't call %fdupes. +- Add and remove pkgconfig() BuildRequires, following upstream + changes: + + Added: clutter-1.0, clutter-gst-1.0, clutter-gtk-1.0, + clutter-x11-1.0, gconf-2.0, grilo-0.1, + gstreamer-interfaces-0.10, gstreamer-pbutils-0.10, mx-1.0, tdb. + + Removed: dbus-glib-1, libgnome-media-profiles-3.0. +- Change pkgconfig(pygobject-2.0) BuildRequires to + pkgconfig(pygobject-3.0). +- Add xz BuildRequires because we can't build a package for a + xz-compressed tarball without explicitly specifying that... See + bnc#697467 for more details. +- Remove python-coherence Recommends: the upnp-coherencde plugin is + now gone. +- Change --disable-vala configure option to --enable-vala. +- Remove now non-existing --disable-schemas-install configure + option. +- Stop changing libexecdir. + +------------------------------------------------------------------- +Thu Oct 6 15:24:58 UTC 2011 - vuntz@opensuse.org + +- Change vala-devel BuildRequires to vala as vala-devel is an old + deprecated name (bnc#720908). + +------------------------------------------------------------------- +Wed Jul 27 14:33:34 CEST 2011 - vuntz@opensuse.org + +- Remove mozilla-xulrunner-devel BuildRequires: it was only there + for the NPAPI headers, but rhythmbox actually uses a private copy + of those headers. + +------------------------------------------------------------------- +Thu Jul 7 16:15:27 CEST 2011 - vuntz@opensuse.org + +- Package the DAAP plugin again, now that the version of + libdmapsharing in Factory is new enough. + +------------------------------------------------------------------- +Mon Jul 4 11:30:52 CEST 2011 - vuntz@opensuse.org + +- Move to pkgconfig()-style BuildRequires: + + Note that the package won't build on old distributions anyway + because of the GNOME 3 port, so using pkgconfig()-style doesn't + break anything. + + Old ones: brasero-devel, dbus-1-glib-devel, + gstreamer010-plugins-base-devel, json-glib-devel, + libavahi-glib-devel, libgnome-keyring-devel, libgpod-devel, + libgudev-1_0-devel, libmtp-devel, libmusicbrainz3-devel, + libnotify-devel, libsoup-devel, totem-pl-parser-devel. + + New ones: avahi-glib, dbus-glib-1, json-glib-1.0, + gnome-keyring-1, gstreamer-0.10, gstreamer-plugins-base-0.10, + gudev-1.0, libbrasero-media3, libgpod-1.0, libmtp, + libmusicbrainz3, libnotify, libsoup-2.4, libsoup-gnome-2.4, + totem-plparser. +- Change libwebkit-devel BuildRequires to pkgconfig(), to build + against the GTK+ 3 version of webkit. +- Change python-gstreamer-0_10-devel, python-gtk-devel + BuildRequires to pkgconfig(pygobject-2.0) as only python-gobject + is needed for the GTK+ 3 port. +- Change python-gstreamer-0_10 Requires to python-gobject, for the + same reason. +- Remove unneeded gcc-c++, libmusicbrainz-devel BuildRequires. + +------------------------------------------------------------------- +Thu Jun 9 13:38:13 UTC 2011 - dimstar@opensuse.org + +- Add rhythmbox-port-gtk3.patch: Port rhythmbox to GTK3 and GNOME3 + infrastructure. This patch brings us to git commit e0e5d06e. +- Add gnome-common BuildRequires and call to gnome-autogen.sh, + needed for the patch. +- Disable translation-update-upstream for the moment as the patch + breaks this. +- Add pkgconfig() BuildRequires for GNOME 3: gtk+-3.0, + libgnome-media-profiles-3.0, libpeas-1.0, libpeas-gtk-1.0. +- Add gobject-introspection-devel BuildRequires. +- Remove now non-existing gnome-media-devel BuildRequires. +- Pass --disable-vala to configure. The plugins are not working + on the GNOME 3 platform yet. +- Replace gconf schema handling with gsettings schema handling. + +------------------------------------------------------------------- +Mon Feb 14 19:49:24 CET 2011 - sbrabec@suse.cz + +- Added support for translation-update-upstream. + +------------------------------------------------------------------- +Sat Feb 12 19:50:10 CET 2011 - vuntz@opensuse.org + +- Call relevant macros in %post/%postun: + + %desktop_database_post/postun because the package ships at + least one desktop file. + + %icon_theme_cache_post/postun because the package ships themed + icons. +- Pass %{?no_lang_C} to %find_lang so that english documentation + can be packaged with the program, and not in the lang subpackage. +- Change Requires of lang subpackage to Recommends, since the + english documentation is not there anymore. + +------------------------------------------------------------------- +Mon Jan 17 12:28:12 CET 2011 - dimstar@opensuse.org + +- Update to version 0.13.3: + + Reimplemented source list, allowing for things that aren't + sources + + Updated notifications, mostly for GNOME Shell + + Expose playlists in MPRIS and MediaServer2 DBus interfaces + + New context pane tab showing links to various websites + + Bugs fixed: bgo#510679, bgo#599294, bgo#609009, bgo#622980, + bgo#633531, bgo#633542, bgo#634065, bgo#634114, bgo#635323, + bgo#635963, bgo#635964, bgo#636482, bgo#636550, bgo#637174, + bgo#637819, bgo#639266 + + Updated translations. +- Drop rhythmbox-fix-upnp-plugin.patch: fixed upstream. + +------------------------------------------------------------------- +Fri Nov 19 10:42:42 CET 2010 - vuntz@opensuse.org + +- Add json-glib-devel BuildRequires to build the last.fm plugin. +- Explicitly list the plugins in the file list, so we can know when + we lose a plugin because of missing dependencies. + +------------------------------------------------------------------- +Sat Nov 6 19:07:50 CET 2010 - dimstar@opensuse.org + ++++ 946 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:12.2:Update/.rhythmbox.688.new/rhythmbox.changes New: ---- rhythmbox-2.97.tar.xz rhythmbox-CVE-2012-3355.patch rhythmbox.changes rhythmbox.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rhythmbox.spec ++++++ # # spec file for package rhythmbox # # Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: rhythmbox Version: 2.97 Release: 0 Summary: GNOME Music Management Application License: GPL-2.0+ Group: Productivity/Multimedia/Sound/Players Url: http://www.gnome.org/projects/rhythmbox/ Source: http://download.gnome.org/sources/rhythmbox/2.97/%{name}-%{version}.tar.xz # PATCH-FIX-UPSTREAM rhythmbox-CVE-2012-3355.patch CVE-2012-3355 bnc#768681 vuntz@opensuse.org -- Fix insecure temporary directory use in context plugin Patch0: rhythmbox-CVE-2012-3355.patch BuildRequires: gnome-doc-utils-devel BuildRequires: gobject-introspection-devel BuildRequires: intltool BuildRequires: libdiscid-devel %if 0%{?suse_version} >= 1140 BuildRequires: libdmapsharing-devel %endif BuildRequires: lirc-devel BuildRequires: translation-update-upstream BuildRequires: update-desktop-files BuildRequires: vala BuildRequires: pkgconfig(avahi-glib) BuildRequires: pkgconfig(clutter-1.0) >= 1.2 BuildRequires: pkgconfig(clutter-gst-1.0) >= 1.0 BuildRequires: pkgconfig(clutter-gtk-1.0) >= 1.0 BuildRequires: pkgconfig(clutter-x11-1.0) >= 1.2 BuildRequires: pkgconfig(gconf-2.0) BuildRequires: pkgconfig(gnome-keyring-1) BuildRequires: pkgconfig(grilo-0.1) >= 0.1.17 BuildRequires: pkgconfig(gstreamer-0.10) >= 0.10.32 BuildRequires: pkgconfig(gstreamer-interfaces-0.10) >= 0.10.32 BuildRequires: pkgconfig(gstreamer-pbutils-0.10) >= 0.10.32 BuildRequires: pkgconfig(gstreamer-plugins-base-0.10) >= 0.10.32 BuildRequires: pkgconfig(gtk+-3.0) >= 3.2.0 BuildRequires: pkgconfig(gudev-1.0) BuildRequires: pkgconfig(ice) BuildRequires: pkgconfig(json-glib-1.0) BuildRequires: pkgconfig(libbrasero-media3) BuildRequires: pkgconfig(libgpod-1.0) BuildRequires: pkgconfig(libmtp) BuildRequires: pkgconfig(libmusicbrainz4) >= 4.0.0 BuildRequires: pkgconfig(libnotify) BuildRequires: pkgconfig(libpeas-1.0) >= 0.7.3 BuildRequires: pkgconfig(libpeas-gtk-1.0) >= 0.7.3 BuildRequires: pkgconfig(libsoup-2.4) BuildRequires: pkgconfig(libsoup-gnome-2.4) BuildRequires: pkgconfig(mx-1.0) >= 1.0.1 BuildRequires: pkgconfig(pygobject-3.0) >= 2.90.2 BuildRequires: pkgconfig(sm) BuildRequires: pkgconfig(tdb) BuildRequires: pkgconfig(totem-plparser) BuildRequires: pkgconfig(webkitgtk-3.0) Requires: gstreamer010-plugins-base Requires: gstreamer010-plugins-good # For python plugins Requires: python-gobject Recommends: %{name}-lang Recommends: media-player-info BuildRoot: %{_tmppath}/%{name}-%{version}-build %py_requires %glib2_gsettings_schema_requires %description Music Management application with support for ripping audio-CD's, playback of Ogg Vorbis and MP3 and burning of CD-ROMs. %package devel Summary: GNOME Music Management Application -- Development Files Group: Development/Languages/C and C++ Requires: %{name} = %{version} Provides: %{name}-doc = %{version} Obsoletes: %{name}-doc < %{version} %description devel Music Management application with support for ripping audio-CD's, playback of Ogg Vorbis and MP3 and burning of CD-ROMs. This package contains the development requirements to extend rhythmbox. %lang_package %prep %setup -q translation-update-upstream %patch0 -p1 %build export MOZILLA_PLUGINDIR=%{_libdir}/browser-plugins %configure\ --disable-static\ --disable-scrollkeeper\ --enable-lirc\ --enable-python\ --enable-vala %__make %{?_smp_mflags} V=1 %install %makeinstall %suse_update_desktop_file %name Player %suse_update_desktop_file rhythmbox-device %find_lang %{name} %{?no_lang_C} find %{buildroot} -type f -name "*.la" -delete -print %clean rm -rf %{buildroot} %post /sbin/ldconfig %if 0%{?suse_version} > 1130 %glib2_gsettings_schema_post %desktop_database_post %icon_theme_cache_post %endif %postun /sbin/ldconfig %if 0%{?suse_version} > 1130 %glib2_gsettings_schema_postun %desktop_database_postun %icon_theme_cache_postun %endif %files %defattr(-,root,root) %doc AUTHORS COPYING ChangeLog DOCUMENTERS INTERNALS MAINTAINERS MAINTAINERS.old NEWS README THANKS %dir %{_datadir}/gnome/ %dir %{_datadir}/gnome/help/ %dir %{_datadir}/gnome/help/%{name}/ %doc %{_datadir}/gnome/help/%{name}/C/ %dir %{_datadir}/omf/ %dir %{_datadir}/omf/%{name}/ %doc %{_datadir}/omf/%{name}/%{name}-C.omf %{_bindir}/rhythmbox %{_bindir}/rhythmbox-client %{_datadir}/applications/rhythmbox.desktop %{_datadir}/applications/rhythmbox-device.desktop %{_datadir}/dbus-1/services/org.gnome.Rhythmbox3.service %{_datadir}/glib-2.0/schemas/org.gnome.rhythmbox.gschema.xml %{_datadir}/icons/hicolor/*/apps/rhythmbox* %{_datadir}/icons/hicolor/*/places/music-library.* %{_datadir}/icons/hicolor/*/status/rhythmbox-missing-artwork.* %{_datadir}/rhythmbox/ %{_libdir}/girepository-1.0/MPID-3.0.typelib %{_libdir}/girepository-1.0/RB-3.0.typelib %{_libdir}/librhythmbox-core.so.* %{_libdir}/browser-plugins/librhythmbox-itms-detection-plugin.* %dir %{_libdir}/rhythmbox %dir %{_libdir}/rhythmbox/plugins %{_libdir}/rhythmbox/plugins/artsearch/ %{_libdir}/rhythmbox/plugins/audiocd/ %{_libdir}/rhythmbox/plugins/audioscrobbler/ %{_libdir}/rhythmbox/plugins/cd-recorder/ %{_libdir}/rhythmbox/plugins/context/ %{_libdir}/rhythmbox/plugins/daap/ %{_libdir}/rhythmbox/plugins/dbus-media-server/ %{_libdir}/rhythmbox/plugins/fmradio/ %{_libdir}/rhythmbox/plugins/generic-player/ %{_libdir}/rhythmbox/plugins/grilo/ %{_libdir}/rhythmbox/plugins/im-status/ %{_libdir}/rhythmbox/plugins/ipod/ %{_libdir}/rhythmbox/plugins/iradio/ %{_libdir}/rhythmbox/plugins/lyrics/ %{_libdir}/rhythmbox/plugins/magnatune/ %{_libdir}/rhythmbox/plugins/mmkeys/ %{_libdir}/rhythmbox/plugins/mpris/ %{_libdir}/rhythmbox/plugins/mtpdevice/ %{_libdir}/rhythmbox/plugins/notification/ %{_libdir}/rhythmbox/plugins/power-manager/ %{_libdir}/rhythmbox/plugins/python-console/ %{_libdir}/rhythmbox/plugins/rb/ %{_libdir}/rhythmbox/plugins/rblirc/ %{_libdir}/rhythmbox/plugins/rbzeitgeist/ %{_libdir}/rhythmbox/plugins/replaygain/ %{_libdir}/rhythmbox/plugins/sendto/ %{_libdir}/rhythmbox/plugins/visualizer/ %{_libexecdir}/rhythmbox-metadata %{_mandir}/man1/rhythmbox.* %{_mandir}/man1/rhythmbox-client.* %files devel %defattr(-, root, root) %{_datadir}/gir-1.0/*.gir %doc %{_datadir}/gtk-doc/html/rhythmbox/ %{_includedir}/rhythmbox/ %{_libdir}/pkgconfig/rhythmbox.pc %{_libdir}/librhythmbox-core.so %{_libdir}/rhythmbox/plugins/sample-vala/ %files lang -f %{name}.lang %changelog ++++++ rhythmbox-CVE-2012-3355.patch ++++++

From 01a829f549a0fd90ad8c8befd0793fa5f133f8f8 Mon Sep 17 00:00:00 2001 From: Jonathan Matthew Date: Tue, 24 Jul 2012 10:43:36 +0000 Subject: context: remove the module_context parameter (bug #678661)

Caching the template modules doesn't really buy us anything, and there is the possibility that it could be used to load hostile code into another user's process (since the module directory was under /tmp). If it turns out we need the cache, we should put it somewhere under the XDG cache dir. --- diff --git a/plugins/context/AlbumTab.py b/plugins/context/AlbumTab.py index 5d32171..61b3a1a 100644 --- a/plugins/context/AlbumTab.py +++ b/plugins/context/AlbumTab.py @@ -125,10 +125,8 @@ class AlbumView (GObject.GObject): def load_tmpl (self): self.path = rb.find_plugin_file (self.plugin, 'tmpl/album-tmpl.html') self.loading_path = rb.find_plugin_file (self.plugin, 'tmpl/loading.html') - self.album_template = Template (filename = self.path, - module_directory = '/tmp/context') - self.loading_template = Template (filename = self.loading_path, - module_directory = '/tmp/context') + self.album_template = Template (filename = self.path) + self.loading_template = Template (filename = self.loading_path) self.styles = self.basepath + '/tmpl/main.css' def album_list_ready (self, ds): diff --git a/plugins/context/ArtistTab.py b/plugins/context/ArtistTab.py index daa6027..4859991 100644 --- a/plugins/context/ArtistTab.py +++ b/plugins/context/ArtistTab.py @@ -123,8 +123,8 @@ class ArtistView (GObject.GObject): def load_tmpl (self): self.path = rb.find_plugin_file(self.plugin, 'tmpl/artist-tmpl.html') self.loading_path = rb.find_plugin_file (self.plugin, 'tmpl/loading.html') - self.template = Template (filename = self.path, module_directory = '/tmp/context/') - self.loading_template = Template (filename = self.loading_path, module_directory = '/tmp/context') + self.template = Template (filename = self.path) + self.loading_template = Template (filename = self.loading_path) self.styles = self.basepath + '/tmpl/main.css' def connect_signals (self): diff --git a/plugins/context/LinksTab.py b/plugins/context/LinksTab.py index 326024a..519e46c 100644 --- a/plugins/context/LinksTab.py +++ b/plugins/context/LinksTab.py @@ -106,8 +106,7 @@ class LinksView (GObject.GObject): self.path = rb.find_plugin_file(self.plugin, 'tmpl/links-tmpl.html') self.images = self.basepath + '/img/links/' self.styles = self.basepath + '/tmpl/main.css' - self.template = Template (filename = self.path, - module_directory = '/tmp/context/') + self.template = Template (filename = self.path) self.file = self.template.render (error = ds.get_error (), artist = ds.get_artist(), diff --git a/plugins/context/LyricsTab.py b/plugins/context/LyricsTab.py index 96b44c4..c8b1fed 100644 --- a/plugins/context/LyricsTab.py +++ b/plugins/context/LyricsTab.py @@ -110,10 +110,8 @@ class LyricsView (GObject.GObject): def load_tmpl (self): self.path = rb.find_plugin_file(self.plugin, 'tmpl/lyrics-tmpl.html') self.loading_path = rb.find_plugin_file (self.plugin, 'tmpl/loading.html') - self.template = Template (filename = self.path, - module_directory = '/tmp/context/') - self.loading_template = Template (filename = self.loading_path, - module_directory = '/tmp/context') + self.template = Template (filename = self.path) + self.loading_template = Template (filename = self.loading_path) self.styles = self.basepath + '/tmpl/main.css' def lyrics_ready (self, ds, entry, lyrics): -- cgit v0.9.0.2 -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org