commit gnome-maps for openSUSE:Factory

Source-Sync Wed, 30 Aug 2023 01:21:54 -0700

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package gnome-maps for openSUSE:Factory 
checked in at 2023-08-30 10:19:15
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/gnome-maps (Old)
 and      /work/SRC/openSUSE:Factory/.gnome-maps.new.1766 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "gnome-maps"

Wed Aug 30 10:19:15 2023 rev:83 rq:1106272 version:44.4

Changes:
--------
--- /work/SRC/openSUSE:Factory/gnome-maps/gnome-maps.changes    2023-07-06 
18:28:29.271077586 +0200
+++ /work/SRC/openSUSE:Factory/.gnome-maps.new.1766/gnome-maps.changes  
2023-08-30 10:21:39.598667915 +0200
@@ -1,0 +2,7 @@
+Fri Aug 25 20:08:15 UTC 2023 - BjÃ¸rn Lie <bjorn....@gmail.com>
+
+- Update to version 44.4:
+  + Fix for potential security issue.
+  + Restrict GraphHopper geocoder to supported languages.
+
+-------------------------------------------------------------------

Old:
----
  gnome-maps-44.3.tar.xz

New:
----
  gnome-maps-44.4.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ gnome-maps.spec ++++++
--- /var/tmp/diff_new_pack.ov1oi6/_old  2023-08-30 10:21:40.670706181 +0200
+++ /var/tmp/diff_new_pack.ov1oi6/_new  2023-08-30 10:21:40.678706467 +0200
@@ -17,7 +17,7 @@
 
 
 Name:           gnome-maps
-Version:        44.3
+Version:        44.4
 Release:        0
 Summary:        Maps Application for GNOME
 License:        GPL-2.0-or-later

++++++ gnome-maps-44.3.tar.xz -> gnome-maps-44.4.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gnome-maps-44.3/NEWS new/gnome-maps-44.4/NEWS
--- old/gnome-maps-44.3/NEWS    2023-07-01 22:52:33.000000000 +0200
+++ new/gnome-maps-44.4/NEWS    2023-08-25 22:03:38.000000000 +0200
@@ -1,3 +1,14 @@
+44.4 - Aug 25, 2023
+=========================
+
+Changes since 44.3
+ - Fix for potential security issue
+ - Restrict GraphHopper geocoder to supported languages
+
+All contributors to this release
+Marcus Lundblad <m...@dfupdate.se>
+Michael Evans <michaelgrahamev...@gmail.com>
+
 44.3 - Jul 1, 2023
 =========================
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gnome-maps-44.3/data/maps-service.json 
new/gnome-maps-44.4/data/maps-service.json
--- old/gnome-maps-44.3/data/maps-service.json  2023-07-01 22:52:33.000000000 
+0200
+++ new/gnome-maps-44.4/data/maps-service.json  2023-08-25 22:03:38.000000000 
+0200
@@ -32,6 +32,7 @@
         "baseUrl": "https://graphhopper.com";,
         "attribution": "GraphHopper",
         "attributionUrl": "https://graphhopper.com/";,
-       "apiKey": "VCIHrHj0pDKb8INLpT4s5hVadNmJ1Q3vi0J4nJYP"
+       "apiKey": "VCIHrHj0pDKb8INLpT4s5hVadNmJ1Q3vi0J4nJYP",
+       "supportedLanguages": ["de", "en", "fr"]
     }
 }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/gnome-maps-44.3/data/org.gnome.Maps.appdata.xml.in.in 
new/gnome-maps-44.4/data/org.gnome.Maps.appdata.xml.in.in
--- old/gnome-maps-44.3/data/org.gnome.Maps.appdata.xml.in.in   2023-07-01 
22:52:33.000000000 +0200
+++ new/gnome-maps-44.4/data/org.gnome.Maps.appdata.xml.in.in   2023-08-25 
22:03:38.000000000 +0200
@@ -31,6 +31,14 @@
     </screenshot>
   </screenshots>
   <releases>
+    <release date="2023-08-25" version="44.4">
+      <description>
+        <ul>
+          <li>Fix for potential security issue</li>
+          <li>Restrict GraphHopper geocoder to supported languages</li>
+        </ul>
+      </description>
+    </release>
     <release date="2023-07-01" version="44.3">
       <description>
         <ul>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gnome-maps-44.3/meson.build 
new/gnome-maps-44.4/meson.build
--- old/gnome-maps-44.3/meson.build     2023-07-01 22:52:33.000000000 +0200
+++ new/gnome-maps-44.4/meson.build     2023-08-25 22:03:38.000000000 +0200
@@ -1,5 +1,5 @@
 project('gnome-maps', 'c',
-       version: '44.3',
+       version: '44.4',
        license: 'GPL-2.0-or-later',
        meson_version: '>= 0.61.0',
 )
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gnome-maps-44.3/src/graphHopperGeocode.js 
new/gnome-maps-44.4/src/graphHopperGeocode.js
--- old/gnome-maps-44.3/src/graphHopperGeocode.js       2023-07-01 
22:52:33.000000000 +0200
+++ new/gnome-maps-44.4/src/graphHopperGeocode.js       2023-08-25 
22:03:38.000000000 +0200
@@ -157,11 +157,19 @@
 
     _readService() {
         let graphHopperGeocode = Service.getService().graphHopperGeocode;
-        this._language = Utils.getLanguage();
 
         if (graphHopperGeocode) {
             this._baseUrl = graphHopperGeocode.baseUrl;
             this._apiKey = graphHopperGeocode.apiKey;
+
+            let language = Utils.getLanguage();
+            let supportedLanguages =
+                graphHopperGeocode.supportedLanguages ?? [];
+
+            if (supportedLanguages.includes(language))
+                this._language = language;
+            else
+                this._language = null;
         }
     }
 }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gnome-maps-44.3/src/transitRouter.js 
new/gnome-maps-44.4/src/transitRouter.js
--- old/gnome-maps-44.3/src/transitRouter.js    2023-07-01 22:52:33.000000000 
+0200
+++ new/gnome-maps-44.4/src/transitRouter.js    2023-08-25 22:03:38.000000000 
+0200
@@ -32,6 +32,7 @@
 import {OpenTripPlanner} from './transitplugins/openTripPlanner.js';
 import {Resrobot} from './transitplugins/resrobot.js';
 
+const ALL_PLUGINS = ["GoMetro", "OpendataCH", "OpenTripPlanner", "Resrobot"];
 
 /**
  * Class responsible for delegating requests to perform routing in transit
@@ -67,8 +68,7 @@
             // override plugin was specified, try instanciating if not done yet
             if (!this._currPluginInstance) {
                 try {
-                    this._currentPluginInstance =
-                        eval(`new ${pluginOverride}()`);
+                    this._currentPluginInstance = 
this._instantiatePlugin(pluginOverride);
                 } catch (e) {
                     Utils.debug('Unable to instanciate plugin: ' + 
pluginOverride);
                     throw e;
@@ -230,9 +230,7 @@
 
             try {
                 let params = provider.params;
-                let instance =
-                    params ? eval(`new ${plugin}(params)`):
-                             eval(`new ${plugin}()`);
+                let instance = this._instantiatePlugin(plugin, params);
 
                 this._providerCache[provider.name] = instance;
 
@@ -263,4 +261,12 @@
         else
             return 0;
     }
+
+    _instantiatePlugin(plugin, params) {
+        if (!ALL_PLUGINS.includes(plugin))
+            throw 'Unknown plugin: ' + plugin;
+        return params
+            ? eval(`new ${plugin}(params)`)
+            : eval(`new ${plugin}()`);
+    }
 };

commit gnome-maps for openSUSE:Factory

Reply via email to