!7 Update to 4.18.0

From: @misaka00251 Reviewed-by: @dillon_chen Signed-off-by: @dillon_chen
2023-01-05 01:52:39 +00:00 · 2023-01-05 01:52:39 +00:00 · 1fd49638fc
commit 1fd49638fc
parent 2f69c6c71c bfb2a5fbf9
6 changed files with 9 additions and 123 deletions
--- a/CVE-2022-32278.ptach
+++ b/CVE-2022-32278.ptach
@ -1,39 +0,0 @@
-From 09c97951e91980e345b274063e3600769172c05f Mon Sep 17 00:00:00 2001
-From: yinyongkang <yinyongkang@kylinos.cn>
-Date: Fri, 8 Jul 2022 10:10:07 +0800
-Subject: [PATCH] exo-open : Only execute local .desktop files
-
-CVE-2022-32278
-
-This patch prevents executing possibly malicious .desktop files
-from online sources (ftp://, http:// etc.).
-
-Original patch authored by Alexander Schwinn <alexxcons@xfce.org>
---
- exo-open/main.c | 10 ++++++++++
- 1 file changed, 10 insertions(+)
-
-diff --git a/exo-open/main.c b/exo-open/main.c
-index a471c78..0176bc3 100644
--- a/exo-open/main.c
-+++ b/exo-open/main.c
-@@ -156,6 +156,16 @@ exo_open_launch_desktop_file (const gchar *arg)
-   if (G_UNLIKELY (gfile == NULL))
-     return FALSE;
- 
-+  /* Only execute local .desktop files to prevent execution of malicious launchers from  foreign locations */
-+  if (g_file_has_uri_scheme (gfile, "file") == FALSE)
-+    {
-+      char *uri = g_file_get_uri (gfile);
-+      g_warning ("Execution of remote .desktop file '%s' was skipped due to security concerns.", uri);
-+      g_object_unref (gfile);
-+      g_free (uri);
-+      return FALSE;
-+    }
-+
-   /* load the contents of the file */
-   result = g_file_load_contents (gfile, NULL, &contents, &length, NULL, NULL);
-   g_object_unref (G_OBJECT (gfile));
-- 
-2.33.0
-
--- a/README.en.md
+++ b/README.en.md
@ -1,36 +0,0 @@
-# exo
-
-#### Description
-Application library for the Xfce desktop environment
-
-#### Software Architecture
-Software architecture description
-
-#### Installation
-
-1.  xxxx
-2.  xxxx
-3.  xxxx
-
-#### Instructions
-
-1.  xxxx
-2.  xxxx
-3.  xxxx
-
-#### Contribution
-
-1.  Fork the repository
-2.  Create Feat_xxx branch
-3.  Commit your code
-4.  Create Pull Request
-
-
-#### Gitee Feature
-
-1.  You can use Readme\_XXX.md to support different languages, such as Readme\_en.md, Readme\_zh.md
-2.  Gitee blog [blog.gitee.com](https://blog.gitee.com)
-3.  Explore open source project [https://gitee.com/explore](https://gitee.com/explore)
-4.  The most valuable open source project [GVP](https://gitee.com/gvp)
-5.  The manual of Gitee [https://gitee.com/help](https://gitee.com/help)
-6.  The most popular members  [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/)
--- a/README.md
+++ b/README.md
@ -1,37 +0,0 @@
-# exo
-
-#### 介绍
-Application library for the Xfce desktop environment
-
-#### 软件架构
-软件架构说明
-
-
-#### 安装教程
-
-1.  xxxx
-2.  xxxx
-3.  xxxx
-
-#### 使用说明
-
-1.  xxxx
-2.  xxxx
-3.  xxxx
-
-#### 参与贡献
-
-1.  Fork 本仓库
-2.  新建 Feat_xxx 分支
-3.  提交代码
-4.  新建 Pull Request
-
-
-#### 码云特技
-
-1.  使用 Readme\_XXX.md 来支持不同的语言，例如 Readme\_en.md, Readme\_zh.md
-2.  码云官方博客 [blog.gitee.com](https://blog.gitee.com)
-3.  你可以 [https://gitee.com/explore](https://gitee.com/explore) 这个地址来了解码云上的优秀开源项目
-4.  [GVP](https://gitee.com/gvp) 全称是码云最有价值开源项目，是码云综合评定出的优秀开源项目
-5.  码云官方提供的使用手册 [https://gitee.com/help](https://gitee.com/help)
-6.  码云封面人物是一档用来展示码云会员风采的栏目 [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/)
--- a/exo-4.16.2.tar.bz2
+++ b/exo-4.16.2.tar.bz2
--- a/exo-4.18.0.tar.bz2
+++ b/exo-4.18.0.tar.bz2
--- a/exo.spec
+++ b/exo.spec
@ -1,12 +1,12 @@
-%global xfceversion 4.16
+%global xfceversion 4.18
 Name:           exo
-Version:        4.16.2
-Release:        2
+Version:        4.18.0
+Release:        1
 Summary:        An extension library to Xfce
 License:        LGPLv2+ and GPLv2+
 #Group:          Development/Libraries
 URL:            http://xfce.org/
-Source0:        https://archive.xfce.org/src/xfce/exo/4.16/exo-4.16.2.tar.bz2
+Source0:        https://archive.xfce.org/src/xfce/%{name}/%{xfceversion}/%{name}-%{version}.tar.bz2

 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 #BuildArch:      noarch
@ -24,9 +24,6 @@ BuildRequires:  chrpath
 BuildRequires:  desktop-file-utils
 BuildRequires:  gobject-introspection-devel

-#patch
-Patch0001: CVE-2022-32278.ptach
-
 %description
 An extension library for Xfce, targeted at application development.

@ -41,7 +38,6 @@ Development tools and static libraries and header files for the exo library.

 %prep
 %setup -q
-%patch0001 -p1


 %build
@ -53,18 +49,17 @@ Development tools and static libraries and header files for the exo library.

 find %{buildroot} -type f -name "*.la" -exec rm -f {} ';'

-%find_lang exo-2
+%find_lang exo

 %ldconfig_scriptlets

-%files -f exo-2.lang
+%files -f exo.lang
 %license COPYING
 %doc AUTHORS ChangeLog NEWS THANKS
 %{_bindir}/exo-desktop-item-edit
 %{_bindir}/exo-open
 %{_libdir}/libexo-2.so.0
 %{_libdir}/libexo-2.so.0.1.0
-%{_datadir}/icons/hicolor/*/*/*
 %{_datadir}/pixmaps/exo
 %{_mandir}/man1/exo-open.1.*

@ -75,6 +70,9 @@ find %{buildroot} -type f -name "*.la" -exec rm -f {} ';'
 %{_libdir}/pkgconfig/*.pc

 %changeLog
+* Wed Jan 04 2023 misaka00251 <liuxin@iscas.ac.cn> - 4.18.0-1
+- Update to 4.18.0
+
 * Fri Jul 8 2022 yinyongkang <yinyongkang@kylinos.cn> - 4.16.2-2
 - Fix CVE-2022-32278