UPDATE: Check Gaim's site for a patch for the current gaim packages. The problems have been fixed and users should use the latest packages with the patch from gaim.sourceforge.net. I'll leave this howto up for those who are interested in generating rpms of gaim from cvs for other reasons.
You may wish to see Thomas Chung's article on building RPMs as a non root user.
With the recent amount of vulnerabilities found in gaim's current stable release, I thought I would write up this howto on how to make an rpm of the secure version from cvs.
To start out you need to pull the cvs code of gaim from gaim's cvs repository.
[user@localhost ~]$ cvs -d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/gaim login
Press enter when it prompts for a password. Next checkout gaim from the repository. This will pull down the gaim source to a directory called gaim. rename the directory to gaim-0.76cvs, so it will coincide with the spec file.
[user@localhost ~]$ cvs
-d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/gaim co gaim
[user@localhost ~]$ mv gaim gaim-0.76cvs
[user@localhost ~]$ cd gaim-0.76cvs
[user@localhost gaim-0.76cvs]$ ./autogen.sh
Running Autogen will run configure gaim and create the spec file.
[user@localhost ~]$ cd ..
[user@localhost ~]$ tar -czv gaim-0.76cvs > gaim-0.76cvs.tar.gz
su to root and move the tarball to /usr/src/redhat/SOURCES.
[root@localhost ~]$ mv gaim-0.76.tar.gz /usr/src/redhat/SOURCES/
Return to the original gaim-0.76cvs direcory.
[root@localhost ~]$ cd gaim-0.76cvs
before you can build the rpm you'll need to install the dependencies needed to build this package. Their will probably be 3 needed rpms. libao-devel, gtkspell-devel, and mozilla-nss-devel can all be obtained from yum.
[root@localhost gaim-0.76cvs]$ yum install libao-devel gtkspell-devel mozilla-nss-devel
Now we can built the gaim rpm.
[root@localhost gaim-0.76cvs]$ rpmbuild -ba gaim.spec
This will take a few minutes or so depending on the speed of your machine. When it finishes it will have created the gaim rpm in /usr/src/redhat/RPMS/i386. to install do the following.
[root@localhost ~]$ rpm -Uvh /usr/src/redhat/RPMS/i386/gaim-0.76cvs-0.i386.rpm
Now gaim will be no longer be vulnerable to the recent exploits.
-Daniel Owen