Hello community, here is the log from the commit of package sddm for openSUSE:Factory checked in at 2015-10-22 12:57:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/sddm (Old) and /work/SRC/openSUSE:Factory/.sddm.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "sddm" Changes: -------- --- /work/SRC/openSUSE:Factory/sddm/sddm.changes 2015-09-27 14:31:26.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.sddm.new/sddm.changes 2015-10-22 12:57:56.000000000 +0200 @@ -1,0 +2,20 @@ +Sun Oct 18 16:38:26 UTC 2015 - [email protected] + +- openSUSE branding now needs to require plasma5-workspace-branding + +------------------------------------------------------------------- +Thu Oct 15 17:21:21 UTC 2015 - [email protected] + +- Added patches from upstream: + 0001-Don-t-cast-QByteArray-to-char.patch + (https://github.com/sddm/sddm/issues/489) + and 0002-Disable-greeters-from-loading-KDE-s-debug-hander.patch + (boo#950491, CVE-2015-0856) + +------------------------------------------------------------------- +Sun Oct 11 12:07:58 UTC 2015 - [email protected] + +- Added boo949903.patch: Let sddm also default to plasma5 for last + used session (boo#949903) + +------------------------------------------------------------------- New: ---- 0001-Don-t-cast-QByteArray-to-char.patch 0002-Disable-greeters-from-loading-KDE-s-debug-hander.patch boo949903.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ sddm.spec ++++++ --- /var/tmp/diff_new_pack.H88ECF/_old 2015-10-22 12:57:57.000000000 +0200 +++ /var/tmp/diff_new_pack.H88ECF/_new 2015-10-22 12:57:57.000000000 +0200 @@ -42,6 +42,12 @@ # PATCH-FIX-OPENSUSE sddm-service-handle-plymouth.patch -- sddm has some rudimentary support for plymouth handling, which only works with plymouth-quit.service # (the servce is not enabled on openSUSE). For users of sddm.service, we need to issue plymouth quit command by hand in this case Patch4: sddm-service-handle-plymouth.patch +# PATCH-FIX-OPENSUSE boo949903.patch -- Let sddm also default to plasma5 for last used session (boo#949903) +Patch5: boo949903.patch +# PATCH-FIX-UPSTREAM 0001-Don-t-cast-QByteArray-to-char.patch +Patch6: 0001-Don-t-cast-QByteArray-to-char.patch +# PATCH-FIX-UPSTREAM 0002-Disable-greeters-from-loading-KDE-s-debug-hander.patch +Patch7: 0002-Disable-greeters-from-loading-KDE-s-debug-hander.patch BuildRequires: cmake BuildRequires: fdupes BuildRequires: kf5-filesystem @@ -72,7 +78,7 @@ Summary: Lightweight QML-based display manager. openSUSE branding Group: System/GUI/KDE PreReq: sddm -Requires: plasma5-workspace +Requires: plasma5-workspace-branding Supplements: packageand(plasma5-workspace:branding-openSUSE) Provides: sddm-branding = %{version} Conflicts: otherproviders(sddm-branding) @@ -103,6 +109,9 @@ %patch2 -p1 %patch3 -p1 %patch4 -p1 +%patch5 -p1 +%patch6 -p1 +%patch7 -p1 %build %cmake \ @@ -137,7 +146,7 @@ -d /var/lib/sddm sddm 2> /dev/null || : %post branding-openSUSE -if [ $1 -eq 1 -a -f /etc/sddm.conf ]; then +if [ $1 -ge 1 -a -f /etc/sddm.conf ]; then sed -i -e 's/^Current=maui$/Current=breeze/g' /etc/sddm.conf fi ++++++ 0001-Don-t-cast-QByteArray-to-char.patch ++++++ >From ef31b386d16cdf2042b62c45702a01d4e5de7ee9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?D=C4=81vis?= <[email protected]> Date: Thu, 24 Sep 2015 02:52:46 +0300 Subject: [PATCH 1/2] Don't cast QByteArray to (char *) They're obsolete members [1] and caused #489. [1] http://doc.qt.io/qt-5/qbytearray-obsolete.html (cherry picked from commit c637727c958286659e9905993fca276a63f6f6d5) --- CMakeLists.txt | 2 +- src/helper/UserSession.cpp | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 0f10f9201925cf1fb94485497dc1f0b73e882a12..c2192a01ec265c453e5bd849f90a479dba8ed482 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -33,7 +33,7 @@ option(BUILD_MAN_PAGES "Build man pages" OFF) option(ENABLE_JOURNALD "Enable logging to journald" ON) # Definitions -add_definitions(-Wall -std=c++11 -DQT_NO_CAST_FROM_ASCII) +add_definitions(-Wall -std=c++11 -DQT_NO_CAST_FROM_ASCII -DQT_NO_CAST_FROM_BYTEARRAY) # Default build type if(NOT CMAKE_BUILD_TYPE) diff --git a/src/helper/UserSession.cpp b/src/helper/UserSession.cpp index 68c87d156ba9a8a2c91f52fb2e159eff88fc9238..0f3d7fff80bb7b1e2fc32a83c4d9fdc1b0ae7dd3 100644 --- a/src/helper/UserSession.cpp +++ b/src/helper/UserSession.cpp @@ -110,8 +110,8 @@ namespace SDDM { } } - const char *username = qobject_cast<HelperApp*>(parent())->user().toLocal8Bit(); - struct passwd *pw = getpwnam(username); + const QByteArray username = qobject_cast<HelperApp*>(parent())->user().toLocal8Bit(); + struct passwd *pw = getpwnam(username.constData()); if (setgid(pw->pw_gid) != 0) { qCritical() << "setgid(" << pw->pw_gid << ") failed for user: " << username; exit(Auth::HELPER_OTHER_ERROR); -- 2.6.0 ++++++ 0002-Disable-greeters-from-loading-KDE-s-debug-hander.patch ++++++ >From 505226cae81a97d15a665c87accf042bf17a223d Mon Sep 17 00:00:00 2001 From: David Edmundson <[email protected]> Date: Wed, 14 Oct 2015 00:08:59 +0100 Subject: [PATCH 2/2] Disable greeters from loading KDE's debug hander Some themes may use KDE components which will automatically load KDE's crash handler. If the greeter were to then somehow crash, that would leave a crash handler allowing other actions, albeit as the locked down SDDM user. Only SDDM users using the breeze theme from plasma-workspace are affected. Safest and simplest fix is to handle this inside SDDM disabling kcrash via an environment variable for all future themes that may use these libraries. CVE-2015-0856 (cherry picked from commit 4cfed6b0a625593fb43876f04badc4dd99799d86) --- src/daemon/Greeter.cpp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/daemon/Greeter.cpp b/src/daemon/Greeter.cpp index 32f4a40a1a2f55fcb08aa9dfe563bf39e0c2a633..57307cbc7f19c4bdd951ed02329bc186ace119ad 100644 --- a/src/daemon/Greeter.cpp +++ b/src/daemon/Greeter.cpp @@ -141,6 +141,10 @@ namespace SDDM { env.insert(QStringLiteral("XDG_VTNR"), QString::number(m_display->terminalId())); env.insert(QStringLiteral("XDG_SESSION_CLASS"), QStringLiteral("greeter")); env.insert(QStringLiteral("XDG_SESSION_TYPE"), m_display->sessionType()); + + //some themes may use KDE components and that will automatically load KDE's crash handler which we don't want + //counterintuitively setting this env disables that handler + env.insert(QStringLiteral("KDE_DEBUG"), QStringLiteral("1")); m_auth->insertEnvironment(env); // log message -- 2.6.0 ++++++ boo949903.patch ++++++ --- sddm-0.12.0.orig/src/common/Configuration.h 2015-10-11 14:03:22.510105030 +0200 +++ sddm-0.12.0/src/common/Configuration.h 2015-10-11 14:06:02.148109280 +0200 @@ -91,7 +91,7 @@ namespace SDDM { Config(StateConfig, []()->QString{auto tmp = getpwnam("sddm"); return tmp ? QString::fromLocal8Bit(tmp->pw_dir) : QStringLiteral(STATE_DIR);}().append(QStringLiteral("/state.conf")), Section(Last, - Entry(Session, QString, QString(), _S("Name of the session file of the last session selected. This session will be preselected when the login screen shows up.")); + Entry(Session, QString, _S("/usr/share/xsessions/plasma5.desktop"), _S("Name of the session file of the last session selected. This session will be preselected when the login screen shows up.")); Entry(User, QString, QString(), _S("Name of the last logged-in user. This username will be preselected/shown when the login screen shows up")); ); );
