Date: Friday, April 30, 2010 @ 05:59:50 Author: andrea Revision: 79101
prepare for KDE 4.4.3 Modified: kdebase-workspace/trunk/PKGBUILD Deleted: kdebase-workspace/trunk/fix-powerdevil-suspend.patch kdebase-workspace/trunk/kdebase-workspace-4.3.5-CVE-2010-0436.diff --------------------------------------------+ PKGBUILD | 18 -- fix-powerdevil-suspend.patch | 13 - kdebase-workspace-4.3.5-CVE-2010-0436.diff | 196 --------------------------- 3 files changed, 5 insertions(+), 222 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2010-04-30 09:59:45 UTC (rev 79100) +++ PKGBUILD 2010-04-30 09:59:50 UTC (rev 79101) @@ -2,8 +2,8 @@ # Maintainer: Pierre Schmitz <[email protected]> pkgname=kdebase-workspace -pkgver=4.4.2 -pkgrel=4 +pkgver=4.4.3 +pkgrel=1 pkgdesc="KDE Base Workspace" arch=('i686' 'x86_64') url='http://www.kde.org' @@ -26,19 +26,15 @@ 'etc/pam.d/kscreensaver') source=("http://download.kde.org/stable/${pkgver}/src/${pkgname}-${pkgver}.tar.bz2"; 'kdm-zsh-profile.patch' 'kdm' 'kde.pam' 'kde-np.pam' 'kscreensaver.pam' - 'fixpath.patch' 'terminate-server.patch' - 'kdebase-workspace-4.3.5-CVE-2010-0436.diff' - 'fix-powerdevil-suspend.patch') -md5sums=('6251e5d0060bd1529f90b9eaf5f84230' + 'fixpath.patch' 'terminate-server.patch') +md5sums=('c334e70b425cbae2efc5a7e7dda4365f' '721e97031b62aee8914e8617e86f9235' '363a36b63f84bac79959cfbefdb8309e' '10a490653b002e6f9e7476ff9d37c011' '552337fd9a3982d809ea16c7f0033d42' '367a3538f54db71f108b34cfa31088ac' '47a1f12673f66e62e2463efd7037a26a' - '814350c52c135d6f7bdada1e29223d38' - '68c1dfe76e80812e5e049bb599b3374e' - '3e50fd1dd00c724e7b28599492a37054') + '814350c52c135d6f7bdada1e29223d38') build() { cd ${srcdir}/${pkgname}-${pkgver} @@ -46,10 +42,6 @@ patch -p0 -i ${srcdir}/fixpath.patch || return 1 patch -p0 -i ${srcdir}/terminate-server.patch || return 1 - # fixed in 4.4.3 - patch -p0 -i ${srcdir}/kdebase-workspace-4.3.5-CVE-2010-0436.diff || return 1 - patch -p5 -i ${srcdir}/fix-powerdevil-suspend.patch || return 1 - cd ${srcdir} mkdir build cd build Deleted: fix-powerdevil-suspend.patch =================================================================== --- fix-powerdevil-suspend.patch 2010-04-30 09:59:45 UTC (rev 79100) +++ fix-powerdevil-suspend.patch 2010-04-30 09:59:50 UTC (rev 79101) @@ -1,13 +0,0 @@ ---- branches/KDE/4.4/kdebase/workspace/powerdevil/daemon/PowerDevilDaemon.cpp 2010/04/15 18:15:29 1115242 -+++ branches/KDE/4.4/kdebase/workspace/powerdevil/daemon/PowerDevilDaemon.cpp 2010/04/15 18:18:39 1115243 -@@ -985,10 +985,6 @@ - void PowerDevilDaemon::emitNotification(const QString &evid, const QString &message, - const char *slot, const QString &iconname) - { -- if (slot) { -- QTimer::singleShot(0, this, slot); -- } -- - if (!slot) { - KNotification::event(evid, message, KIcon(iconname).pixmap(20, 20), - 0, KNotification::CloseOnTimeout, d->applicationData); Deleted: kdebase-workspace-4.3.5-CVE-2010-0436.diff =================================================================== --- kdebase-workspace-4.3.5-CVE-2010-0436.diff 2010-04-30 09:59:45 UTC (rev 79100) +++ kdebase-workspace-4.3.5-CVE-2010-0436.diff 2010-04-30 09:59:50 UTC (rev 79101) @@ -1,196 +0,0 @@ ---- kdm/ConfigureChecks.cmake -+++ kdm/ConfigureChecks.cmake -@@ -37,6 +37,35 @@ int main() - } - " HAVE_SETLOGIN) - -+check_c_source_runs(" -+#include <sys/socket.h> -+#include <sys/un.h> -+#include <sys/stat.h> -+#include <sys/types.h> -+#include <string.h> -+#include <unistd.h> -+#include <errno.h> -+int main() -+{ -+ int fd, fd2; -+ struct sockaddr_un sa; -+ -+ if ((fd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) -+ return 2; -+ sa.sun_family = AF_UNIX; -+ strcpy(sa.sun_path, \"testsock\"); -+ unlink(sa.sun_path); -+ if (bind(fd, (struct sockaddr *)&sa, sizeof(sa))) -+ return 2; -+ chmod(sa.sun_path, 0); -+ setuid(getuid() + 1000); -+ if ((fd2 = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) -+ return 2; -+ connect(fd2, (struct sockaddr *)&sa, sizeof(sa)); -+ return errno != EACCES; -+} -+" HONORS_SOCKET_PERMS) -+ - # for config-kdm.h - check_function_exists(seteuid HAVE_SETEUID) - ---- kdm/backend/ctrl.c -+++ kdm/backend/ctrl.c -@@ -79,7 +79,25 @@ nukeSock( struct cmdsock *cs ) - } - - -+#ifdef HONORS_SOCKET_PERMS - static CtrlRec ctrl = { 0, 0, -1, 0 }; -+#else -+static CtrlRec ctrl = { 0, 0, 0, -1, 0 }; -+ -+static int mkTempDir( char *dir ) -+{ -+ int i, l = strlen( dir ) - 6; -+ -+ for (i = 0; i < 100; i++) { -+ randomStr( dir + l ); -+ if (!mkdir( dir, 0700 )) -+ return True; -+ if (errno != EEXIST) -+ break; -+ } -+ return False; -+} -+#endif - - void - openCtrl( struct display *d ) -@@ -113,22 +131,50 @@ openCtrl( struct display *d ) - if (strlen( cr->path ) >= sizeof(sa.sun_path)) - logError( "path %\"s too long; control socket will not be available\n", - cr->path ); -- else if (mkdir( sockdir, 0755 ) && errno != EEXIST) -+#ifdef HONORS_SOCKET_PERMS -+ else if (mkdir( sockdir, 0700 ) && errno != EEXIST) - logError( "mkdir %\"s failed: %m; control socket will not be available\n", - sockdir ); -+ else if (unlink( cr->path ) && errno != ENOENT) -+ logError( "unlink %\"s failed: %m; control socket will not be available\n", -+ cr->path ); - else { -- if (!d) -- chown( sockdir, -1, fifoGroup ); -+#else -+ else if (unlink( sockdir ) && errno != ENOENT) -+ logError( "unlink %\"s failed: %m; control socket will not be available\n", -+ sockdir ); -+ else if (!strApp( &cr->realdir, sockdir, "-XXXXXX", (char *)0)) -+ ; -+ else if (!mkTempDir( cr->realdir )) { -+ logError( "mkdir %\"s failed: %m; control socket will not be available\n", -+ cr->realdir ); -+ free( cr->realdir ); -+ cr->realdir = 0; -+ } else if (symlink( cr->realdir, sockdir )) { -+ logError( "symlink %\"s => %\"s failed: %m; control socket will not be available\n", -+ sockdir, cr->realdir ); -+ rmdir( cr->realdir ); -+ free( cr->realdir ); -+ cr->realdir = 0; -+ } else { -+ chown( sockdir, 0, d ? 0 : fifoGroup ); - chmod( sockdir, 0750 ); -+#endif - if ((cr->fd = socket( PF_UNIX, SOCK_STREAM, 0 )) < 0) - logError( "Cannot create control socket: %m\n" ); - else { -- unlink( cr->path ); - sa.sun_family = AF_UNIX; - strcpy( sa.sun_path, cr->path ); - if (!bind( cr->fd, (struct sockaddr *)&sa, sizeof(sa) )) { - if (!listen( cr->fd, 5 )) { -+#ifdef HONORS_SOCKET_PERMS -+ chmod( cr->path, 0660 ); -+ if (!d) -+ chown( cr->path, -1, fifoGroup ); -+ chmod( sockdir, 0755 ); -+#else - chmod( cr->path, 0666 ); -+#endif - registerCloseOnFork( cr->fd ); - registerInput( cr->fd ); - free( sockdir ); -@@ -143,6 +189,14 @@ openCtrl( struct display *d ) - close( cr->fd ); - cr->fd = -1; - } -+#ifdef HONORS_SOCKET_PERMS -+ rmdir( sockdir ); -+#else -+ unlink( sockdir ); -+ rmdir( cr->realdir ); -+ free( cr->realdir ); -+ cr->realdir = 0; -+#endif - } - free( cr->path ); - cr->path = 0; -@@ -163,7 +217,14 @@ closeCtrl( struct display *d ) - cr->fd = -1; - unlink( cr->path ); - *strrchr( cr->path, '/' ) = 0; -+#ifdef HONORS_SOCKET_PERMS - rmdir( cr->path ); -+#else -+ unlink( cr->path ); -+ rmdir( cr->realdir ); -+ free( cr->realdir ); -+ cr->realdir = 0; -+#endif - free( cr->path ); - cr->path = 0; - while (cr->css) { -@@ -177,12 +238,12 @@ closeCtrl( struct display *d ) - void - chownCtrl( CtrlRec *cr, int uid ) - { -- if (cr->path) { -- char *ptr = strrchr( cr->path, '/' ); -- *ptr = 0; -+ if (cr->path) -+#ifdef HONORS_SOCKET_PERMS - chown( cr->path, uid, -1 ); -- *ptr = '/'; -- } -+#else -+ chown( cr->realdir, uid, -1 ); -+#endif - } - - void ---- kdm/backend/dm.h -+++ kdm/backend/dm.h -@@ -232,6 +232,9 @@ typedef struct { - struct cmdsock *css; /* open connections */ - - char *path; /* filename of the socket */ -+#ifndef HONORS_SOCKET_PERMS -+ char *realdir; /* real dirname of the socket */ -+#endif - int fd; /* fd of the socket */ - int gid; /* owner group of the socket */ - } CtrlRec; ---- kdm/config-kdm.h.cmake -+++ kdm/config-kdm.h.cmake -@@ -129,6 +129,9 @@ - /* Define to 1 if the ck-connector library is found */ - #cmakedefine HAVE_CKCONNECTOR 1 - -+/* Define to 1 if OS honors permission bits on socket inodes */ -+#cmakedefine HONORS_SOCKET_PERMS 1 -+ - /* $PATH defaults set by KDM */ - #cmakedefine KDM_DEF_USER_PATH "${KDM_DEF_USER_PATH}" - #cmakedefine KDM_DEF_SYSTEM_PATH "${KDM_DEF_SYSTEM_PATH}" --- -1.6.6.20.g9bfff -
