Date: Saturday, February 12, 2022 @ 02:16:37 Author: heftig Revision: 1132391
3.0.4-2: FS#73517 add libcanberra dep Added: ukui-control-center/trunk/6.patch Modified: ukui-control-center/trunk/PKGBUILD ----------+ 6.patch | 23 +++++++++++++++++++++++ PKGBUILD | 15 +++++++++++---- 2 files changed, 34 insertions(+), 4 deletions(-) Added: 6.patch =================================================================== --- 6.patch (rev 0) +++ 6.patch 2022-02-12 02:16:37 UTC (rev 1132391) @@ -0,0 +1,23 @@ +From d827d4850e405f098ed0967f02ef3034dbddd661 Mon Sep 17 00:00:00 2001 +From: Xeonacid <[email protected]> +Date: Wed, 19 Jan 2022 23:19:35 +0800 +Subject: [PATCH] fix(changeUserPwd/run-passwd.cpp): format security + +Add "%s" format to g_error_new, to fix the format string security issue. +--- + changeUserPwd/run-passwd.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/changeUserPwd/run-passwd.cpp b/changeUserPwd/run-passwd.cpp +index 59a76501..aca032f1 100644 +--- a/changeUserPwd/run-passwd.cpp ++++ b/changeUserPwd/run-passwd.cpp +@@ -377,7 +377,7 @@ static gboolean io_watch_stdout (GIOChannel *source, GIOCondition condition, Pas + "Your password has been changed after you verify!"); + } */else { + error = g_error_new (PASSWD_ERROR, PASSWD_ERROR_UNKNOWN, +- str->str); ++ "%s", str->str); + } + + /* At this point, passwd might have exited, in which case Modified: PKGBUILD =================================================================== --- PKGBUILD 2022-02-12 02:04:47 UTC (rev 1132390) +++ PKGBUILD 2022-02-12 02:16:37 UTC (rev 1132391) @@ -2,7 +2,7 @@ pkgname=ukui-control-center pkgver=3.0.4 -pkgrel=1 +pkgrel=2 pkgdesc="Utilities to configure the UKUI desktop" arch=('x86_64') license=('GPL') @@ -11,13 +11,20 @@ depends=('bluez-qt' 'boost-libs' 'ddcutil' 'kconfig' 'kconfigwidgets' 'ki18n' 'kscreen' 'kwidgetsaddons' 'libpwquality' 'lsb-release' 'peony' 'qt5-quickcontrols' 'ukui-interface' 'ukui-panel' 'ukui-media' 'ukui-menus' 'ukui-power-manager' 'ukui-screensaver' - 'ukui-settings-daemon' 'upower') + 'ukui-settings-daemon' 'upower' 'libcanberra') makedepends=('boost' 'qt5-tools') -source=("$pkgname-$pkgver.tar.gz::https://github.com/ukui/ukui-control-center/archive/v$pkgver.tar.gz";) -sha512sums=('f751502d66a36d8a6fe0199ec4408c3c371923c9a9b1e722f75bff66090f3b6eac18df2c8fd5b7c4d223a7938f491e4b89a91636cf15944574ecdeb43b995f4c') +source=("$pkgname-$pkgver.tar.gz::https://github.com/ukui/ukui-control-center/archive/v$pkgver.tar.gz"; + 6.patch) +sha512sums=('f751502d66a36d8a6fe0199ec4408c3c371923c9a9b1e722f75bff66090f3b6eac18df2c8fd5b7c4d223a7938f491e4b89a91636cf15944574ecdeb43b995f4c' + 'b15fc2f32fac0fbae3bf30d9cc19c78375bd50c35815d540c79ac9a7ba561b52ca599c0385826529603146f7a368045f1a861b5173f2538b226376e9f4cd9129') prepare() { cd ukui-control-center-$pkgver + + # Fix format-security + # https://github.com/ukui/ukui-control-center/pull/6 + patch -Np1 -i ../6.patch + # QSysInfo::productVersion() returns "unknown" on Arch #TODO: sed -i 's/productVersion/prettyProductName/' plugins/messages-task/about/about.cpp
