Hi, attached is a fix for this issue. It will be also archived on: http://people.debian.org/~nion/nmu-diff/gnome-screensaver-2.22.0-1_2.22.0-1.1.patch
Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
diff -u gnome-screensaver-2.22.0/debian/changelog gnome-screensaver-2.22.0/debian/changelog
--- gnome-screensaver-2.22.0/debian/changelog
+++ gnome-screensaver-2.22.0/debian/changelog
@@ -1,3 +1,12 @@
+gnome-screensaver (2.22.0-1.1) unstable; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * Fix screensaver crashing and thus unlocking the screen on a network
+ outage if a remote directory service like NIS is used for login
+ credentials (CVE-2008-0887; Closes: #475154).
+
+ -- Nico Golde <[EMAIL PROTECTED]> Sun, 13 Apr 2008 19:19:00 +0200
+
gnome-screensaver (2.22.0-1) unstable; urgency=medium
[ Josselin Mouette ]
only in patch2:
unchanged:
--- gnome-screensaver-2.22.0.orig/debian/patches/02_CVE-2008-0887.patch
+++ gnome-screensaver-2.22.0/debian/patches/02_CVE-2008-0887.patch
@@ -0,0 +1,225 @@
+Index: gnome-screensaver/src/gnome-screensaver-dialog.c
+===================================================================
+--- gnome-screensaver/src/gnome-screensaver-dialog.c (revision 1398)
++++ gnome-screensaver/src/gnome-screensaver-dialog.c (working copy)
+@@ -41,6 +41,8 @@
+
+ #include "gs-debug.h"
+
++#define MAX_FAILURES 5
++
+ static gboolean verbose = FALSE;
+ static gboolean show_version = FALSE;
+ static gboolean enable_logout = FALSE;
+@@ -299,8 +301,6 @@ do_auth_check (GSLockPlug *plug)
+ gs_lock_plug_show_message (plug, _("Authentication failed."));
+ }
+
+- g_timeout_add (3000, (GSourceFunc)reset_idle_cb, plug);
+-
+ printf ("NOTICE=AUTH FAILED\n");
+ fflush (stdout);
+
+@@ -325,15 +325,28 @@ response_cb (GSLockPlug *plug,
+ static gboolean
+ auth_check_idle (GSLockPlug *plug)
+ {
+- gboolean res;
++ gboolean res;
++ gboolean again;
++ static guint loop_counter = 0;
+
++ again = TRUE;
+ res = do_auth_check (plug);
+
+ if (res) {
++ again = FALSE;
+ g_idle_add ((GSourceFunc)quit_response_ok, NULL);
++ } else {
++ loop_counter++;
++
++ if (loop_counter < MAX_FAILURES) {
++ g_timeout_add (3000, (GSourceFunc)reset_idle_cb, plug);
++ } else {
++ again = FALSE;
++ gtk_main_quit ();
++ }
+ }
+
+- return !res;
++ return again;
+ }
+
+ static void
+Index: gnome-screensaver/src/setuid.c
+===================================================================
+--- gnome-screensaver/src/setuid.c (revision 1398)
++++ gnome-screensaver/src/setuid.c (working copy)
+@@ -48,7 +48,7 @@ uid_gid_string (uid_t uid,
+ return buf;
+ }
+
+-static int
++static gboolean
+ set_ids_by_number (uid_t uid,
+ gid_t gid,
+ char **message_ret)
+@@ -96,7 +96,7 @@ set_ids_by_number (uid_t uid,
+
+ g_free (reason);
+
+- return 0;
++ return TRUE;
+ } else {
+ char *reason = NULL;
+
+@@ -141,9 +141,9 @@ set_ids_by_number (uid_t uid,
+ g_free (reason);
+ reason = NULL;
+ }
+-
+- return -1;
++ return FALSE;
+ }
++ return FALSE;
+ }
+
+
+@@ -165,12 +165,21 @@ hack_uid (char **nolock_reason,
+ char **orig_uid,
+ char **uid_message)
+ {
+- if (nolock_reason)
++ char *reason;
++ gboolean ret;
++
++ ret = TRUE;
++ reason = NULL;
++
++ if (nolock_reason != NULL) {
+ *nolock_reason = NULL;
+- if (orig_uid)
++ }
++ if (orig_uid != NULL) {
+ *orig_uid = NULL;
+- if (uid_message)
++ }
++ if (uid_message != NULL) {
+ *uid_message = NULL;
++ }
+
+ /* Discard privileges, and set the effective user/group ids to the
+ real user/group ids. That is, give up our "chmod +s" rights.
+@@ -181,12 +190,18 @@ hack_uid (char **nolock_reason,
+ uid_t uid = getuid ();
+ gid_t gid = getgid ();
+
+- if (orig_uid)
++ if (orig_uid != NULL) {
+ *orig_uid = uid_gid_string (euid, egid);
++ }
++
++ if (uid != euid || gid != egid) {
++ if (! set_ids_by_number (uid, gid, uid_message)) {
++ reason = g_strdup ("unable to discard privileges.");
+
+- if (uid != euid || gid != egid)
+- if (set_ids_by_number (uid, gid, uid_message) != 0)
+- return FALSE;
++ ret = FALSE;
++ goto out;
++ }
++ }
+ }
+
+
+@@ -200,81 +215,16 @@ hack_uid (char **nolock_reason,
+ and "USING XDM".
+ */
+ if (getuid () == (uid_t) 0) {
+- if (nolock_reason)
+- *nolock_reason = g_strdup ("running as root");
+- return FALSE;
++ reason = g_strdup ("running as root");
++ ret = FALSE;
++ goto out;
+ }
+
+- /* If we're running as root, switch to a safer user. This is above and
+- beyond the fact that we've disabling locking, above -- the theory is
+- that running graphics demos as root is just always a stupid thing
+- to do, since they have probably never been security reviewed and are
+- more likely to be buggy than just about any other kind of program.
+- (And that assumes non-malicious code. There are also attacks here.)
+-
+- *** WARNING: DO NOT DISABLE THIS CODE!
+- If you do so, you will open a security hole. See the sections
+- of the xscreensaver manual titled "LOCKING AND ROOT LOGINS",
+- and "USING XDM".
+- */
+- if (getuid () == (uid_t) 0) {
+- struct passwd *p;
+-
+- p = getpwnam ("nobody");
+- if (! p) p = getpwnam ("noaccess");
+- if (! p) p = getpwnam ("daemon");
+- if (! p) {
+- g_warning ("running as root, and couldn't find a safer uid.");
+- return FALSE;
+- }
+-
+- if (set_ids_by_number (p->pw_uid, p->pw_gid, uid_message) != 0)
+- return FALSE;
+- }
+-
+-
+- /* If there's anything even remotely funny looking about the passwd struct,
+- or if we're running as some other user from the list below (a
+- non-comprehensive selection of users known to be privileged in some way,
+- and not normal end-users) then disable locking. If it was possible,
+- switching to "nobody" would be the thing to do, but only root itself has
+- the privs to do that.
+-
+- *** WARNING: DO NOT DISABLE THIS CODE!
+- If you do so, you will open a security hole. See the sections
+- of the xscreensaver manual titled "LOCKING AND ROOT LOGINS",
+- and "USING XDM".
+- */
+- {
+- uid_t uid = getuid (); /* get it again */
+- struct passwd *p = getpwuid (uid); /* get it again */
+-
+- if (!p ||
+- uid == (uid_t) 0 ||
+- uid == (uid_t) -1 ||
+- uid == (uid_t) -2 ||
+- p->pw_uid == (uid_t) 0 ||
+- p->pw_uid == (uid_t) -1 ||
+- p->pw_uid == (uid_t) -2 ||
+- !p->pw_name ||
+- !*p->pw_name ||
+- !strcmp (p->pw_name, "root") ||
+- !strcmp (p->pw_name, "nobody") ||
+- !strcmp (p->pw_name, "noaccess") ||
+- !strcmp (p->pw_name, "operator") ||
+- !strcmp (p->pw_name, "daemon") ||
+- !strcmp (p->pw_name, "bin") ||
+- !strcmp (p->pw_name, "adm") ||
+- !strcmp (p->pw_name, "sys") ||
+- !strcmp (p->pw_name, "games")) {
+- if (nolock_reason)
+- *nolock_reason = g_strdup_printf ("running as %s",
+- (p && p->pw_name
+- && *p->pw_name
+- ? p->pw_name : "<unknown>"));
+- return FALSE;
+- }
++ out:
++ if (nolock_reason != NULL) {
++ *nolock_reason = g_strdup (reason);
+ }
++ g_free (reason);
+
+- return TRUE;
++ return ret;
+ }
pgp0NX4NUctD3.pgp
Description: PGP signature

