debian/0000775000000000000000000000000011767657540007212 5ustar debian/compat0000664000000000000000000000000211715252435010373 0ustar 8 debian/control0000664000000000000000000000150411767422264010606 0ustar Source: surf Section: web Priority: optional Build-Depends: debhelper (>= 9), libgtk2.0-dev, libwebkitgtk-dev, dpkg-dev (>= 1.16.1), pkg-config Standards-Version: 3.9.3 Maintainer: Vasudev Kamath Homepage: http://surf.suckless.org Vcs-Git: git://anonscm.debian.org/collab-maint/surf.git Vcs-Browser: http://anonscm.debian.org/gitweb/?p=collab-maint/surf.git;a=summary Package: surf Architecture: any Depends: ${misc:Depends}, ${shlibs:Depends}, suckless-tools, x11-utils, xterm, wget Provides: www-browser Description: simple web browser surf is a simple web browser based on WebKit/GTK+. It is able to display websites and follow links. It supports the XEmbed protocol which makes it possible to embed it in another application. Furthermore, one can point surf to another URI by setting its XProperties. debian/patches/0000775000000000000000000000000011722431234010616 5ustar debian/patches/surf_0.4.1_mkdir_fix.patch0000664000000000000000000000161711715525731015407 0ustar Description: Patch to fix ~/.surf directory and cookies.txt file permission This patch is provided by Anslem Garbe to fix the permission of ~/.surf directory and cookies.txt file which had caused the CVE-2012-0842. Author: Anslem R Garbe Last-Update: 2012-02-11 Forwarded: http://lists.suckless.org/dev/1202/10987.html --- a/surf.c 2012-02-11 10:42:25.439766456 +0100 +++ b/surf.c 2012-02-11 17:49:08.110085898 +0100 
@@ -126,12 +126,15 @@ apath = g_strconcat(g_get_home_dir(), "/", path, NULL); if((p = strrchr(apath, '/'))) { *p = '\0'; - g_mkdir_with_parents(apath, 0755); + g_mkdir_with_parents(apath, 0700); + g_chmod(apath, 0700); /* in case it existed */ *p = '/'; } /* creating file (gives error when apath ends with "/") */ - if((f = fopen(apath, "a"))) + if((f = fopen(apath, "a"))) { + g_chmod(apath, 0600); /* always */ fclose(f); + } return apath; } debian/patches/transparent_makefile.patch0000664000000000000000000000424211722431234016037 0ustar Description: Commands in Makefile should be visible while execution This patch removes @ from the Makefile so that command execution is visible to every one. Author: Vasudev Kamath Last-Update: 2012-02-22 Forwarded: not-needed --- a/Makefile +++ b/Makefile 
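Review bot: The added `g_mkdir_with_parents(apath, 0700)` and both `g_chmod()` calls ignore their return values, so if tightening the directory or the cookie file fails, the function still returns `apath` and the caller will presumably keep writing to a location other local users can read. The file is also created by `fopen(apath, "a")` with umask-derived permissions and only narrowed afterwards by path name; changing the mode on the open stream, `if(fchmod(fileno(f), 0600) != 0) { /* warn and do not use the file */ }`, acts on the file that was actually opened rather than on whatever the path resolves to at that moment. When the directory chmod has succeeded the exposure window is small, but the failure case deserves at least a message on stderr. The enclosing function starts above the hunk, so how its callers react to a failure is not visible here.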
@@ -16,45 +16,45 @@ .c.o: @echo CC $< - @${CC} -c ${CFLAGS} $< + ${CC} -c ${CFLAGS} $< ${OBJ}: config.h config.mk config.h: @echo creating $@ from config.def.h - @cp config.def.h $@ + cp config.def.h $@ surf: ${OBJ} @echo CC -o $@ - @${CC} -o $@ surf.o ${LDFLAGS} + ${CC} -o $@ surf.o ${LDFLAGS} clean: @echo cleaning - @rm -f surf ${OBJ} surf-${VERSION}.tar.gz + rm -f surf ${OBJ} surf-${VERSION}.tar.gz dist: clean @echo creating dist tarball - @mkdir -p surf-${VERSION} - @cp -R LICENSE Makefile config.mk config.def.h README \ + mkdir -p surf-${VERSION} + cp -R LICENSE Makefile config.mk config.def.h README \ surf.1 ${SRC} surf-${VERSION} - @tar -cf surf-${VERSION}.tar surf-${VERSION} - @gzip surf-${VERSION}.tar - @rm -rf surf-${VERSION} + tar -cf surf-${VERSION}.tar surf-${VERSION} + gzip surf-${VERSION}.tar + rm -rf surf-${VERSION} install: all @echo installing executable file to ${DESTDIR}${PREFIX}/bin - @mkdir -p ${DESTDIR}${PREFIX}/bin - @cp -f surf ${DESTDIR}${PREFIX}/bin - @chmod 755 ${DESTDIR}${PREFIX}/bin/surf + mkdir -p ${DESTDIR}${PREFIX}/bin + cp -f surf ${DESTDIR}${PREFIX}/bin + chmod 755 ${DESTDIR}${PREFIX}/bin/surf @echo installing manual page to ${DESTDIR}${MANPREFIX}/man1 - @mkdir -p ${DESTDIR}${MANPREFIX}/man1 - @sed "s/VERSION/${VERSION}/g" < surf.1 > ${DESTDIR}${MANPREFIX}/man1/surf.1 - @chmod 644 ${DESTDIR}${MANPREFIX}/man1/surf.1 + mkdir -p ${DESTDIR}${MANPREFIX}/man1 + sed "s/VERSION/${VERSION}/g" < surf.1 > ${DESTDIR}${MANPREFIX}/man1/surf.1 + chmod 644 ${DESTDIR}${MANPREFIX}/man1/surf.1 uninstall: @echo removing executable file from ${DESTDIR}${PREFIX}/bin - @rm -f ${DESTDIR}${PREFIX}/bin/surf + rm -f ${DESTDIR}${PREFIX}/bin/surf @echo removing manual page from ${DESTDIR}${MANPREFIX}/man1 - @rm -f ${DESTDIR}${MANPREFIX}/man1/surf.1 + rm -f ${DESTDIR}${MANPREFIX}/man1/surf.1 .PHONY: all options clean dist install uninstall debian/patches/series0000664000000000000000000000012511720740233012031 0ustar transparent_makefile.patch 
surf_0.4.1_mkdir_fix.patch dpkg-buildflags.patch X11.diff debian/patches/dpkg-buildflags.patch0000664000000000000000000000116011720740233014674 0ustar Description: Changes to introducing dpkg-buildflags This patch assists in introducing dpkg-buildflags in the rules file. Author: Vasudev Kamath Last-Updated: 2012-02-16 Forwaded: not-needed --- a/config.mk +++ b/config.mk @@ -16,9 +16,9 @@ LIBS = -L/usr/lib -lc ${GTKLIB} -lgthread-2.0 # flags -CPPFLAGS = -DVERSION=\"${VERSION}\" -CFLAGS = -std=c99 -pedantic -Wall -Os ${INCS} ${CPPFLAGS} -LDFLAGS = -g ${LIBS} +CPPFLAGS += -DVERSION=\"${VERSION}\" +CFLAGS += -std=c99 -pedantic -Wall ${INCS} ${CPPFLAGS} +LDFLAGS += -g ${LIBS} # Solaris #CFLAGS = -fast ${INCS} -DVERSION=\"${VERSION}\" debian/patches/X11.diff0000664000000000000000000000077311720740233012030 0ustar Description: Patch fixing FTBFS #615780 This patch was introduced to provide missing -lX11 linking flag which was causing a FTBFS Author: Bart Matens Last-Update: 2012-01-26 Bug-Debian: http://bugs.debian.org/615780 --- ../orig/surf-0.4.1/./Makefile 2010-06-08 09:06:41.000000000 +0200 +++ ./Makefile 2011-10-02 20:11:01.000000000 +0200 @@ -26,7 +26,7 @@ surf: ${OBJ} @echo CC -o $@ - ${CC} -o $@ surf.o ${LDFLAGS} + ${CC} -o $@ surf.o ${LDFLAGS} -lX11 clean: @echo cleaning debian/patches/fix-insecure-permissions.patch0000664000000000000000000000143411715525731016623 0ustar Description: Fix for world readable cookie jar vulnerability This is the patch provided by upstream to fix the world readable cookie jar vulnerability filed as http://bugs.debian.org/659296. Thanks to Peter Hartman from the upstream for quick patch. Author: Peter Hartman Last-Update: 2012-02-10 Bug-Debian: http://bugs.debian.org/659296 Forwarded: http://lists.suckless.org/dev/1202/10972.html --- a/surf.c Wed Feb 01 15:23:39 2012 +0100 +++ b/surf.c Fri Feb 10 11:46:18 2012 -0500 
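Review bot: In the config.mk hunk, switching the three assignments to `+=` picks up the dpkg-buildflags values only when they arrive through the environment, which is how `debian/rules` exports them. A `CFLAGS=...` given on the make command line overrides the makefile assignment entirely, so `-std=c99`, `${INCS}` and the `-DVERSION` define carried in via `${CPPFLAGS}` are silently dropped from the `.c.o` rule. A comment above the block would record that assumption, for example `# CPPFLAGS/CFLAGS/LDFLAGS are extended from the environment (dpkg-buildflags); do not pass them on the make command line`. Removing `-Os` also means optimisation now comes only from the injected CFLAGS; if the injected CPPFLAGS carry `-D_FORTIFY_SOURCE=2`, that check does nothing in a `noopt` build, which is worth stating in the patch description.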
@@ -127,7 +127,7 @@ apath = g_strconcat(g_get_home_dir(), "/", path, NULL); if((p = strrchr(apath, '/'))) { *p = '\0'; - g_mkdir_with_parents(apath, 0755); + g_mkdir_with_parents(apath, 0700); *p = '/'; } /* creating file (gives error when apath ends with "/") */ debian/copyright0000664000000000000000000000466311767657540011156 0ustar Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: Surf Source: http://surf.suckless.org Files: * Copyright: (C) 2009-2010 Enno Boland License: MIT Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: . The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. . THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 
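Review bot: Changing only the mode passed to `g_mkdir_with_parents()` protects fresh installs but not existing ones, because the call leaves an already existing directory at whatever mode it has. A `~/.surf` created as 0755 by an earlier version stays world-readable, and the file created just after this hunk (the `fopen()` visible in the other surf.c patch) still gets umask-derived permissions. The `surf_0.4.1_mkdir_fix.patch` hunk on this page adds the `g_chmod()` calls that cover both cases, and the `series` file lists that patch rather than this one, so this file appears to be a leftover that is no longer applied. If it is kept for reference, a header line such as `Superseded by surf_0.4.1_mkdir_fix.patch; not listed in series` would keep someone from re-enabling the incomplete fix.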
Files: debian/* Copyright: (C) 2012 Vasudev Kamath , (C) 2010 Kai Hendry , (C) 2009-2010 Daniel Baumann , License: MIT Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: . The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. . THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. debian/watch0000664000000000000000000000007011715252435010223 0ustar version=3 http://dl.suckless.org/surf/surf-(.*)\.tar\.gzdebian/surf.prerm0000664000000000000000000000037411715252435011227 0ustar #!/bin/sh set -e case "${1}" in remove|deconfigure) update-alternatives --remove x-www-browser /usr/bin/surf ;; upgrade|failed-upgrade) ;; *) echo "prerm called with unknown argument \`${1}'" >&2 exit 1 ;; esac #DEBHELPER# exit 0 debian/changelog0000664000000000000000000001060011767657540011061 0ustar surf (0.4.1-8) unstable; urgency=low * debian/copyright: + Format URI now confirms Debian copyright-format 1.0 + Added myself to the copyright holders of debian directory * debian/control + Increased minimum version of debhelper required to 9 + Bumped Standards-Version to 3.9.3. This did not require any changes to package source. 
-- Vasudev Kamath Sun, 17 Jun 2012 20:39:35 +0530 surf (0.4.1-7) unstable; urgency=low * New Maintainer (Closes: #647091) * debian/control: + Added myself as maintainer of package. * debian/patches: + Added surf_0.4.1_mkdir_fix.patch provided by Anslem Grabe to fix the ~/.surf directory permission even if the directory already exists also patch makes the cookies.txt only user readable. + Removed fix-insecure-permission.patch as the new patch contains the all the changes which was there in this patch. + Removed debian-changes-0.4.1-3 patch + Modified the dpkg-buildflags.patch to remove -Os from CFLAGS to allow DEB_BUILD_OPTIONS=noopt + Added transparent_makefile.patch to allow the command execution in Makefile visible. + Modified X11.diff patch to allow clean application of transparent_makefile.patch * debian/rules: + Overrode dh_clean to remove config.h created by Makefile during build -- Vasudev Kamath Wed, 22 Feb 2012 22:42:59 +0530 surf (0.4.1-6) unstable; urgency=high * QA upload. * debian/patches: + Added fix-insecure-permissions.patch to fix world readable cookie jar vulnerability CVE-2012-0842. (Closes: #659296) -- Vasudev Kamath Sat, 11 Feb 2012 00:01:08 +0530 surf (0.4.1-5) unstable; urgency=low * QA upload. * Added Debian QA Group as maintainer for package. * debian/control: + Bumped Standards-Version to 3.9.2. This did not require any change to the package source. + Vcs-* fields now point to collab-maint repository + Added Build-Depends: on dpkg-dev (>= 1.16.1) to introduce dpkg-buildflags + In Build-Depends: renamed libwebkit-dev to libwebkitgtk-dev (Closes: #635427) + Added pkg-config to Build-Depends as config.mk is using it. 
* debian/watch: + Introduced watch file * debian/surf.postinst: + Reduced the update-alternative priority to 30 (Closes: #657646) * debian/patches: + Added dpkg-buildflags.patch to config.mk to make it honour {C,CPP,LD}FLAGS environment variables + Added DEP3 header to X11.diff * debian/rules: + Export {C,CPP,LD}FLAGS environment variables for introducing dpkg-buildflags -- Vasudev Kamath Thu, 02 Feb 2012 22:09:57 +0530 surf (0.4.1-4.1) unstable; urgency=low * Non-maintainer upload. * debian/patches/X11.diff: Added. Fixed FTBFS. Closes: #615780. -- Bart Martens Sun, 02 Oct 2011 20:08:59 +0200 surf (0.4.1-4) unstable; urgency=low * Fix "needs to depend on suckless-tools, x11-utils, xterm and wget" (Closes: #608556) -- Kai Hendry Mon, 03 Jan 2011 10:49:20 +0000 surf (0.4.1-3) unstable; urgency=low * New maintainer -- Kai Hendry Sun, 05 Dec 2010 14:38:31 +0000 surf (0.4.1-2) unstable; urgency=low * Updating standards version to 3.9.0. * Switching to source format 3.0 (quilt). * Updating to debhelper version 8. * Updating to standards version 3.9.1. -- Daniel Baumann Mon, 29 Nov 2010 21:19:05 +0100 surf (0.4.1-1) unstable; urgency=low * Merging upstream version 0.4.1. -- Daniel Baumann Thu, 10 Jun 2010 17:24:00 +0200 surf (0.4-1) unstable; urgency=low * Adding explicit debian source version 1.0 until switch to 3.0. * Updating year in copyright file. * Updating to standards 3.8.4. * Merging upstream version 0.4. * Updating year in copyright file. -- Daniel Baumann Tue, 01 Jun 2010 08:07:12 +0200 surf (0.3-1) unstable; urgency=low * Merging upstream version 0.3. -- Daniel Baumann Fri, 30 Oct 2009 17:14:47 +0100 surf (0.2-1) unstable; urgency=low * Merging upstream version 0.2. * Sorting depends. -- Daniel Baumann Sun, 18 Oct 2009 20:35:54 +0200 surf (0.1.2-1) unstable; urgency=low * Initial release. 
-- Daniel Baumann Sun, 13 Sep 2009 10:21:11 +0200 debian/NEWS0000664000000000000000000000110411716241553007670 0ustar surf (0.4.1-6) unstable; urgency=high This release of surf fixes ~/.surf directory permission vulnerability CVE-2012-0842 reported in #659296. If you are upgrading from a previous version of surf you should manually change the permission of ~/.surf directory from 0755 to 0700 and permission for files inside ~/.surf directory from 0644 to 0600 using chmod. If you fail to do so other local users can steal your cookies. If this is a fresh install of surf you can ignore this message. -- Vasudev Kamath Sat, 11 Feb 2012 00:23:30 +0530 debian/surf.postinst0000664000000000000000000000060711715252435011764 0ustar #!/bin/sh set -e case "${1}" in configure|abort-upgrade) update-alternatives --install /usr/bin/x-www-browser x-www-browser /usr/bin/surf 30 --slave /usr/share/man/man1/x-www-browser.1.gz x-www-browser.1.gz /usr/share/man/man1/surf.1.gz ;; abort-remove|abort-deconfigure) ;; *) echo "postinst called with unknown argument \`${1}'" >&2 exit 1 ;; esac #DEBHELPER# exit 0 debian/source/0000775000000000000000000000000011715252435010475 5ustar debian/source/format0000664000000000000000000000001411715252435011703 0ustar 3.0 (quilt) debian/source/options0000664000000000000000000000005111715252435012107 0ustar compression = gzip compression-level = 9 debian/rules0000775000000000000000000000040311716241553010252 0ustar #!/usr/bin/make -f #export DH_VERBOSE=1 include /usr/share/dpkg/buildflags.mk export CPPFLAGS CFLAGS LDFLAGS %: dh ${@} override_dh_clean: rm -rf config.h dh_clean override_dh_auto_install: $(MAKE) DESTDIR=$(CURDIR)/debian/surf PREFIX=/usr install