--- ktorrent-1.0.orig/debian/control +++ ktorrent-1.0/debian/control @@ -0,0 +1,15 @@ +Source: ktorrent +Section: net +Priority: optional +Maintainer: Ubuntu MOTU Developers +XSBC-Original-Maintainer: Joel Johnson +Build-Depends: debhelper (>= 4.0.0), autotools-dev, kdelibs4-dev, libpcre3-dev, libx11-dev, dpatch +Standards-Version: 3.6.1 + +Package: ktorrent +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Description: BitTorrent client for KDE + KTorrent is a BitTorrent program for KDE. Its features include speed + capping, internet search using bittorrent.com, UDP trackers and + integration into the KDE panel. --- ktorrent-1.0.orig/debian/rules +++ ktorrent-1.0/debian/rules @@ -0,0 +1,129 @@ +#!/usr/bin/make -f +# -*- makefile -*- +# Sample debian/rules that uses debhelper. +# This file was originally written by Joey Hess and Craig Small. +# As a special exception, when this file is copied by dh-make into a +# dh-make output file, you may use that output file without restriction. +# This special exception was added by Craig Small in version 0.37 of dh-make. + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +# These are used for cross-compiling and for saving the configure script +# from having to guess our platform (since we know it already) +DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) +DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) + + +CFLAGS = -Wall -g + +ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) + CFLAGS += -O0 +else + CFLAGS += -O2 +endif + +config.status: configure + dh_testdir + + if test ! -f patch-stamp; then \ + for patch in $(CURDIR)/debian/patches/*.diff ;\ + do \ + echo APPLYING PATCH\: $${patch##*/};\ + patch -p1 < $$patch ;\ + done ;\ + touch patch-stamp ;\ + fi + + + # Add here commands to configure the package. + CFLAGS="$(CFLAGS)" ./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) --prefix=/usr --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info --disable-rpath + + +build: build-stamp + +build-stamp: config.status + dh_testdir + + # Add here commands to compile the package. + $(MAKE) + #docbook-to-man debian/ktorrent.sgml > ktorrent.1 + + touch build-stamp + +clean: + dh_testdir + dh_testroot + rm -f build-stamp + + # Remove Debian specific patches + if test -f patch-stamp; then \ + for patch in $(CURDIR)/debian/patches/*.diff ;\ + do \ + echo REMOVING PATCH\: $${patch##*/};\ + patch -p1 -R < $$patch ;\ + done ;\ + rm -f patch-stamp ;\ + fi + + # Add here commands to clean up after the build process. + -$(MAKE) distclean +ifneq "$(wildcard /usr/share/misc/config.sub)" "" + cp -f /usr/share/misc/config.sub config.sub +endif +ifneq "$(wildcard /usr/share/misc/config.guess)" "" + cp -f /usr/share/misc/config.guess config.guess +endif + + + dh_clean + rm -f config.guess config.sub + +install: build + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs + + # Add here commands to install the package into debian/ktorrent. + $(MAKE) install DESTDIR=$(CURDIR)/debian/ktorrent + install -D -o root -g root -m 0644 debian/lintian $(CURDIR)/debian/ktorrent/usr/share/lintian/overrides/ktorrent + rm -f debian/ktorrent/usr/share/applnk/Internet/ktorrent.desktop + +# Build architecture-independent files here. +binary-indep: build install +# We have nothing to do by default. + +# Build architecture-dependent files here. +binary-arch: build install + dh_testdir + dh_testroot + dh_installchangelogs + dh_installdocs + dh_installexamples +# dh_install +# dh_installmenu +# dh_installdebconf +# dh_installlogrotate +# dh_installemacsen +# dh_installpam +# dh_installmime +# dh_installinit +# dh_installcron +# dh_installinfo + dh_installman + dh_link + dh_strip + dh_compress + dh_fixperms +# dh_perl +# dh_python + dh_makeshlibs + dh_installdeb + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary install --- ktorrent-1.0.orig/debian/changelog +++ ktorrent-1.0/debian/changelog @@ -0,0 +1,37 @@ +ktorrent (1.0-0ubuntu1.1) breezy-security; urgency=low + + * SECURITY UPDATE: allows .. in file name which could cause the user + to overwrite files (if ran as root, system files). + * Add 'debian/patches/kubuntu_04_security_fix.diff': backported upstream fix + * References + http://websvn.kde.org/?view=rev&revision=640661 + CVE-2007-1384 CVE-2007-1385 + + -- Richard A. Johnson Sun, 11 Mar 2007 12:27:03 -0500 + +ktorrent (1.0-0ubuntu1) breezy; urgency=low + + * Initial Ubuntu upload + * Alter debian/rules for patches + * Add kubuntu_01_xdg_desktop.diff for XDG menu compliance + * Clean config.guess and config.sub to keep diff tidy + * Change description to use prose not a list + * disable rpath in ./configure + * Add lintian override file + * Use dh_makeshlibs + * Rule to remove applnk .desktop file + + -- Jonathan Riddell Thu, 21 Jul 2005 01:51:30 +0100 + +ktorrent (1.0-1) unstable; urgency=low + + * Updated to final 1.0 upstream release. + + -- Joel Johnson Thu, 14 Jul 2005 10:47:09 -0700 + +ktorrent (1.0rc2-1) unstable; urgency=low + + * Initial Release. + + -- Joel Johnson Tue, 21 Jun 2005 11:19:46 -0700 + --- ktorrent-1.0.orig/debian/lintian +++ ktorrent-1.0/debian/lintian @@ -0,0 +1,4 @@ +ktorrent: non-dev-pkg-with-shlib-symlink usr/lib/libktorrent.so.0.0.0 usr/lib/libktorrent.so +ktorrent: description-synopsis-starts-with-a-capital-letter +ktorrent: binary-without-manpage ktorrent + --- ktorrent-1.0.orig/debian/katapult/usr/share/lintian/overrides/ktorrent +++ ktorrent-1.0/debian/katapult/usr/share/lintian/overrides/ktorrent @@ -0,0 +1,6 @@ +ktorrent: desktop-file-in-wrong-dir usr/share/applnk/Internet/ktorrent.desktop +ktorrent: non-dev-pkg-with-shlib-symlink usr/lib/libktorrent.so.0.0.0 usr/lib/libktorrent.so +ktorrent: no-shlibs-control-file usr/lib/libktorrent.so.0.0.0 +ktorrent: description-synopsis-starts-with-a-capital-letter +ktorrent: binary-without-manpage ktorrent + --- ktorrent-1.0.orig/debian/compat +++ ktorrent-1.0/debian/compat @@ -0,0 +1 @@ +4 --- ktorrent-1.0.orig/debian/substvars +++ ktorrent-1.0/debian/substvars @@ -0,0 +1 @@ +shlibs:Depends=libc6 (>= 2.3.4-1), libgcc1 (>= 1:4.0.0-7), libstdc++6 (>= 4.0.1) --- ktorrent-1.0.orig/debian/patches/kubuntu_04_security_fix.diff +++ ktorrent-1.0/debian/patches/kubuntu_04_security_fix.diff @@ -0,0 +1,48 @@ +diff -Nru ktorrent-1.0.orig/libtorrent/peer.cpp ktorrent-1.0/libtorrent/peer.cpp +--- ktorrent-1.0.orig/libtorrent/peer.cpp 2005-07-11 04:22:18.000000000 -0500 ++++ ktorrent-1.0/libtorrent/peer.cpp 2007-03-11 13:17:03.000000000 -0500 +@@ -161,11 +161,20 @@ + { + Out() << "len err HAVE" << endl; + error(0); +- return; + } +- +- haveChunk(this,ReadUint32(tmp_buf,1)); +- pieces.set(ReadUint32(tmp_buf,1),true); ++ else ++ { ++ Uint32 ch = ReadUint32(tmp_buf,1); ++ if (ch < pieces.getNumBits()) ++ { ++ haveChunk(this,ch); ++ pieces.set(ch,true); ++ } ++ else ++ { ++ error(0); ++ } ++ } + break; + case BITFIELD: + if (len != 1 + pieces.getNumBytes()) +diff -Nru ktorrent-1.0.orig/libtorrent/torrent.cpp ktorrent-1.0/libtorrent/torrent.cpp +--- ktorrent-1.0.orig/libtorrent/torrent.cpp 2005-07-11 04:22:18.000000000 -0500 ++++ ktorrent-1.0/libtorrent/torrent.cpp 2007-03-11 13:09:39.000000000 -0500 +@@ -132,9 +132,13 @@ + if (!v || v->data().getType() != Value::STRING) + throw Error("Corrupted torrent !"); + +- file.path += v->data().toString(encoding); +- if (j + 1 < ln->getNumChildren()) +- file.path += "/"; ++ QString sd = v->data().toString(encoding); ++ if (sd != "..") ++ { ++ file.path += sd; ++ if (j + 1 < ln->getNumChildren()) ++ file.path += bt::DirSeparator(); ++ } + } + files.append(file); + } --- ktorrent-1.0.orig/debian/patches/kubuntu_01_xdg_desktop.diff +++ ktorrent-1.0/debian/patches/kubuntu_01_xdg_desktop.diff @@ -0,0 +1,7 @@ +--- ktorrent/src/ktorrent.desktop-orig 2005-07-21 02:07:14.000000000 +0100 ++++ ktorrent/src/ktorrent.desktop 2005-07-21 12:31:41.725113528 +0100 +@@ -44,3 +44,4 @@ + Comment[sv]=Ett BitTorrent-program för KDE + Comment[uk]=Програма BitTorrent для KDE + Terminal=false ++Categories=Qt;KDE;Network; --- ktorrent-1.0.orig/debian/patches/kubuntu_03_close_icon.diff +++ ktorrent-1.0/debian/patches/kubuntu_03_close_icon.diff @@ -0,0 +1,11 @@ +--- ktorrent/src/ktorrent.cpp 2005-07-21 13:03:31.957714032 +0100 ++++ ktorrent/src/ktorrent.cpp 2005-07-21 13:03:48.080263032 +0100 +@@ -240,7 +240,7 @@ + actionCollection(), "Stop"); + + m_remove = new KAction( +- i18n("Remove"), "remove",0,this, SLOT(removeDownload()), ++ i18n("Remove"), "file_close",0,this, SLOT(removeDownload()), + actionCollection(), "Remove"); + + createGUI(); --- ktorrent-1.0.orig/debian/patches/kubuntu_02_no_systray.diff +++ ktorrent-1.0/debian/patches/kubuntu_02_no_systray.diff @@ -0,0 +1,11 @@ +--- ktorrent/src/ktorrent.kcfg 2005-07-21 12:54:38.474815760 +0100 ++++ ktorrent/src/ktorrent.kcfg 2005-07-21 12:55:19.118636960 +0100 +@@ -29,7 +29,7 @@ + + + +- true ++ false + + + --- ktorrent-1.0.orig/debian/copyright +++ ktorrent-1.0/debian/copyright @@ -0,0 +1,26 @@ +This package was debianized by Joel Johnson on +Tue, 21 Jun 2005 11:19:46 -0700. + +It was downloaded from http://ktorrent.pwsp.net/ + +Copyright 2005 Joris Guisson + +License: + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + +On Debian systems, the complete text of the GNU General +Public License can be found in `/usr/share/common-licenses/GPL'. +