Update to dino 0.2.1

https://github.com/dino/dino/releases/tag/v0.2.1
Maintenance release with fix for CVE-2021-33896 and bug fixes.

https://nvd.nist.gov/vuln/detail/CVE-2021-33896
"Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traversal
(only for creation of new files) via URI-encoded path separators."

devel/quirks/Makefile

@@ -1,11 +1,11 @@
-# $OpenBSD: Makefile,v 1.1282 2021/08/30 01:19:18 danj Exp $
+# $OpenBSD: Makefile,v 1.1283 2021/08/30 14:40:05 kn Exp $
 
 COMMENT =	exceptions to pkg_add rules
 CATEGORIES =	devel databases
 DISTFILES =
 
 # API.rev
-PKGNAME =	quirks-4.35
+PKGNAME =	quirks-4.36
 PKG_ARCH =	*
 MAINTAINER =	Marc Espie <espie@openbsd.org>
 

devel/quirks/files/Quirks.pm

@@ -1,7 +1,7 @@
 #! /usr/bin/perl
 
 # ex:ts=8 sw=4:
-# $OpenBSD: Quirks.pm,v 1.1298 2021/08/29 23:11:57 ian Exp $
+# $OpenBSD: Quirks.pm,v 1.1299 2021/08/30 14:40:05 kn Exp $
 #
 # Copyright (c) 2009 Marc Espie <espie@openbsd.org>
 #
@@ -1435,6 +1435,7 @@ my $cve = {
 	'multimedia/libquicktime' => 'libquicktime-<1.2.4p13',
 	'net/curl' => 'curl-<7.65.0',
 	'net/dhcpcd' => 'dhcpcd-<7.2.2',
+	'net/dino' => 'dino-<0.2.1',
 	'net/haproxy' => 'haproxy-<2.0.14',
 	'net/icecast' => 'icecast-<2.4.4',
 	'net/irssi' => 'irssi-<1.2.1',

net/dino/Makefile

@@ -1,10 +1,9 @@
-# $OpenBSD: Makefile,v 1.3 2021/08/29 12:59:17 solene Exp $
+# $OpenBSD: Makefile,v 1.4 2021/08/30 14:40:05 kn Exp $
 
 COMMENT=	XMPP desktop client
-VERSION=	0.2.0
+VERSION=	0.2.1
 DISTNAME=	dino-${VERSION}
 CATEGORIES=	net x11
-REVISION=	0
 
 SHARED_LIBS +=	dino                      0.0 # 0.0
 SHARED_LIBS +=	qlite                     0.0 # 0.1
@@ -31,8 +30,8 @@ LIB_DEPENDS=	x11/gtk+3 \
 		textproc/icu4c \
 		net/libsignal-protocol-c
 
-WANTLIB += atk-1.0 c cairo cairo-gobject gcrypt gdk-3 gdk_pixbuf-2.0
-WANTLIB += gee-0.8 gio-2.0 glib-2.0 gmodule-2.0 gobject-2.0 gpgme
+WANTLIB += assuan atk-1.0 c cairo cairo-gobject gcrypt gdk-3 gdk_pixbuf-2.0
+WANTLIB += gee-0.8 gio-2.0 glib-2.0 gmodule-2.0 gobject-2.0 gpg-error gpgme
 WANTLIB += gtk-3 harfbuzz icudata icuuc intl m pango-1.0 pangocairo-1.0
 WANTLIB += qrencode signal-protocol-c soup-2.4 sqlite3
 

net/dino/distinfo

@@ -1,2 +1,2 @@
-SHA256 (dino-0.2.0.tar.gz) = VluV2fxpdBLtyJgiWJD5XSbUKjWU4SaAy9fQONeBL0Y=
-SIZE (dino-0.2.0.tar.gz) = 514257
+SHA256 (dino-0.2.1.tar.gz) = L/Rz/YVoeGnKpJIsX7kKQ3Ce3jghRsDE+KoMqcFCM48=
+SIZE (dino-0.2.1.tar.gz) = 514504

net/dino/patches/patch-qlite_src_column_vala

@@ -1,34 +0,0 @@
-$OpenBSD: patch-qlite_src_column_vala,v 1.1 2021/03/06 19:16:31 jasper Exp $
-
-https://github.com/dino/dino/commit/9acb54df9254609f2fe4de83c9047d408412de28
-
-Index: qlite/src/column.vala
---- qlite/src/column.vala.orig
-+++ qlite/src/column.vala
-@@ -96,12 +96,14 @@ public abstract class Column<T> {
-         }
-     }
- 
--    public class Real : Column<double> {
--        public Real(string name) {
-+    public class NullableReal : Column<double?> {
-+        public NullableReal(string name) {
-             base(name, FLOAT);
-         }
- 
--        public override double get(Row row, string? table_name = DEFALT_TABLE_NAME) {
-+        public override bool not_null { get { return false; } set {} }
-+
-+        public override double? get(Row row, string? table_name = DEFALT_TABLE_NAME) {
-             return row.get_real(name, table_name == DEFALT_TABLE_NAME ? table.name : table_name);
-         }
- 
-@@ -109,7 +111,7 @@ public abstract class Column<T> {
-             return !row.has_real(name, table_name == DEFALT_TABLE_NAME ? table.name : table_name);
-         }
- 
--        internal override void bind(Statement stmt, int index, double value) {
-+        internal override void bind(Statement stmt, int index, double? value) {
-             stmt.bind_double(index, value);
-         }
-     }