Hello community, here is the log from the commit of package xawtv for openSUSE:Factory checked in at 2020-06-03 20:32:35 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/xawtv (Old) and /work/SRC/openSUSE:Factory/.xawtv.new.3606 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "xawtv" Wed Jun 3 20:32:35 2020 rev:8 rq:811116 version:3.103 Changes: -------- --- /work/SRC/openSUSE:Factory/xawtv/xawtv.changes 2020-05-03 22:46:46.547098689 +0200 +++ /work/SRC/openSUSE:Factory/.xawtv.new.3606/xawtv.changes 2020-06-03 20:33:05.121278471 +0200 @@ -1,0 +2,13 @@ +Wed Jun 3 10:31:36 UTC 2020 - Matthias Gerstner <[email protected]> + +- add gcc-10.patch: fixes multiple definitions of global variables across the + code. These cause errors with new major gcc 10 version. + +------------------------------------------------------------------- +Fri May 29 09:02:03 UTC 2020 - Matthias Gerstner <[email protected]> + +- v4l-conf: add v4l-conf-fix-CVE-2020-13696.patch: fix security issue in + setuid-root program that allows for arbitrary file existence tests and + open() with O_RDWR (bsc#1171655, CVE-2020-13696) + +------------------------------------------------------------------- New: ---- gcc-10.patch v4l-conf-fix-CVE-2020-13696.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ xawtv.spec ++++++ --- /var/tmp/diff_new_pack.mfmijg/_old 2020-06-03 20:33:05.845280740 +0200 +++ /var/tmp/diff_new_pack.mfmijg/_new 2020-06-03 20:33:05.845280740 +0200 @@ -1,7 +1,7 @@ # # spec file for package xawtv # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -15,6 +15,7 @@ # Please submit bugfixes or comments via https://bugs.opensuse.org/ # + %ifarch %arm aarch64 %define _lto_cflags %{nil} %endif @@ -35,6 +36,8 @@ Patch1: xawtv-fixblitframesegfault.patch # PATCH-FIX-UPSTREAM Patch2: fix-build-with-recent-glibc.patch +Patch3: v4l-conf-fix-CVE-2020-13696.patch +Patch4: gcc-10.patch BuildRequires: aalib-devel BuildRequires: alsa-devel BuildRequires: gcc-c++ 
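Review bot: `Patch3` and `Patch4` are added without the origin comment that the preceding entry carries (`# PATCH-FIX-UPSTREAM` above `Patch2`), so the spec itself does not say which patch is the security fix or where either one comes from. I would put `# PATCH-FIX-UPSTREAM bsc#1171655 CVE-2020-13696 -- v4l-conf: check the device node type before open()` above `Patch3`. `Patch4` needs a matching origin line once it is confirmed whether gcc-10.patch is upstream or distribution-only. The preamble continues outside this hunk.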
@@ -152,6 +155,8 @@ %patch0 %patch1 -p1 %patch2 -p1 +%patch3 -p1 +%patch4 -p1 %build export CFLAGS="%{optflags} -fno-strict-aliasing" ++++++ gcc-10.patch ++++++ Index: xawtv-3.103/common/commands.c =================================================================== --- xawtv-3.103.orig/common/commands.c +++ xawtv-3.103/common/commands.c @@ -63,7 +63,7 @@ void (*capture_get_hook)(void); void (*capture_rel_hook)(void); void (*movie_hook)(int argc, char **argv); -int debug; +extern int debug; int do_overlay; char *snapbase = "snap"; int have_shmem; Index: xawtv-3.103/console/streamer.c =================================================================== --- xawtv-3.103.orig/console/streamer.c +++ xawtv-3.103/console/streamer.c @@ -59,7 +59,7 @@ static int quiet = 0, fps = 10000; static int signaled = 0, wait_seconds = 0; -int debug = 0, have_dga = 0; +int debug = 0; /* ---------------------------------------------------------------------- */ Index: xawtv-3.103/libng/grab-ng.h =================================================================== --- xawtv-3.103.orig/libng/grab-ng.h +++ xawtv-3.103/libng/grab-ng.h @@ -481,9 +481,9 @@ void ng_color_yuv2rgb_init(void); void ng_writefile_init(void); /* for yuv2rgb using lookup tables (color_lut.c, color_yuv2rgb.c) */ -unsigned long ng_lut_red[256]; -unsigned long ng_lut_green[256]; -unsigned long ng_lut_blue[256]; +extern unsigned long ng_lut_red[256]; +extern unsigned long ng_lut_green[256]; +extern unsigned long ng_lut_blue[256]; void ng_yuv422_to_lut2(unsigned char *dest, unsigned char *s, int p); void ng_yuv422_to_lut4(unsigned char *dest, unsigned char *s, int p); void ng_yuv420p_to_lut2(void *h, struct ng_video_buf *out, Index: xawtv-3.103/console/ttv.c =================================================================== --- xawtv-3.103.orig/console/ttv.c +++ xawtv-3.103/console/ttv.c 
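Review bot: The `extern int debug;` written directly in common/commands.c is not checked by the compiler against any definition, so a later change of type in one of the defining files would still build and only show up at run time. The declaration belongs in a header that commands.c and the defining programs both include (which header fits is not visible here), with a comment such as `/* defined once per program, e.g. streamer.c, ttv.c, fbtv.c */`. The same applies to `extern int have_config;` in the x11/xawtv.c hunk, whose definition is not shown in this patch at all. Every program that links commands.c now has to supply its own `debug`; the patch does that for ttv.c, and the remaining link targets should be checked.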
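Review bot: The three `ng_lut_*` arrays become `extern` declarations in libng/grab-ng.h, but no hunk in this patch adds a defining `unsigned long ng_lut_red[256];` to a source file, so the link depends on a definition that must already exist outside the patch. The header comment points at color_lut.c, which is not shown, and with GCC 10 defaulting to `-fno-common` a missing definition becomes an undefined-reference error rather than a silently merged symbol. I would confirm the definition exists and record it next to the declarations, for example `/* defined in color_lut.c */`. The same check applies to `wm_stay_on_top` and `wm_fullscreen` in x11/wmhooks.h.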
@@ -33,6 +33,8 @@ static struct ng_video_conv *conv; static struct ng_convert_handle *ch; static int fast; +int debug = 0; + static void grabber_init(void) { Index: xawtv-3.103/x11/xawtv.c =================================================================== --- xawtv-3.103.orig/x11/xawtv.c +++ xawtv-3.103/x11/xawtv.c @@ -82,7 +82,7 @@ Widget chan_viewport, chan_bo Pixmap tv_pix; struct vbi_window *vtx; -int have_config = 0; +extern int have_config; XtIntervalId audio_timer; XtIntervalId unmute_timer; int unmute_pending = 0; Index: xawtv-3.103/console/fbtv.c =================================================================== --- xawtv-3.103.orig/console/fbtv.c +++ xawtv-3.103/console/fbtv.c @@ -72,7 +72,6 @@ static struct ng_video_conv *conv; static struct ng_convert_handle *ch; static int dx,dy; -int have_config; int x11_native_format,have_dga=1,debug; /*--- channels ------------------------------------------------------------*/ Index: xawtv-3.103/x11/wmhooks.h =================================================================== --- xawtv-3.103.orig/x11/wmhooks.h +++ xawtv-3.103/x11/wmhooks.h @@ -1,3 +1,3 @@ void wm_detect(Display *dpy); -void (*wm_stay_on_top)(Display *dpy, Window win, int state); -void (*wm_fullscreen)(Display *dpy, Window win, int state); +extern void (*wm_stay_on_top)(Display *dpy, Window win, int state); +extern void (*wm_fullscreen)(Display *dpy, Window win, int state); ++++++ v4l-conf-fix-CVE-2020-13696.patch ++++++ >From 31f31f9cbaee7be806cba38e0ff5431bd44b20a3 Mon Sep 17 00:00:00 2001 From: Mauro Carvalho Chehab <[email protected]> Date: Sat, 16 May 2020 01:22:07 +0200 Subject: [PATCH 1/3] v4l-conf: check file type before opening it Let's avoid open the file if it doesn't exist or it is not a file of the right type. Signed-off-by: Mauro Carvalho Chehab <[email protected]> --- console/v4l-conf.c | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) 
diff --git a/console/v4l-conf.c b/console/v4l-conf.c index c38bf16..c96886b 100644 --- a/console/v4l-conf.c +++ b/console/v4l-conf.c @@ -141,20 +141,23 @@ dev_open(const char *device, int major) exit(1); } - /* open & check v4l device */ - if (-1 == (fd = open(device,O_RDWR))) { - fprintf(stderr, "can't open %s: %s\n", device, strerror(errno)); + /* First check if the device is really a devnode of the right type */ + if (-1 == stat(device, &stb)) { + fprintf(stderr, "stat(%s): %s\n", device, strerror(errno)); exit(1); } - if (-1 == fstat(fd,&stb)) { - fprintf(stderr, "fstat(%s): %s\n", device, strerror(errno)); - exit(1); - } if (!S_ISCHR(stb.st_mode) || (major(stb.st_rdev) != major)) { fprintf(stderr, "%s: wrong device\n", device); exit(1); } + + /* Then open it */ + if (-1 == (fd = open(device,O_RDWR))) { + fprintf(stderr, "can't open %s: %s\n", device, strerror(errno)); + exit(1); + } + return fd; } -- 2.26.2 >From 36dc44e68e5886339b4a0fbe3f404fb1a4fd2292 Mon Sep 17 00:00:00 2001 From: Mauro Carvalho Chehab <[email protected]> Date: Thu, 28 May 2020 11:58:34 +0200 Subject: [PATCH 3/3] v4l-conf: simplify stat message No need to print an error code here. Signed-off-by: Mauro Carvalho Chehab <[email protected]> --- console/v4l-conf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/console/v4l-conf.c b/console/v4l-conf.c index c96886b..0e8d3e3 100644 --- a/console/v4l-conf.c +++ b/console/v4l-conf.c @@ -143,7 +143,7 @@ dev_open(const char *device, int major) /* First check if the device is really a devnode of the right type */ if (-1 == stat(device, &stb)) { - fprintf(stderr, "stat(%s): %s\n", device, strerror(errno)); + fprintf(stderr, "stat failed on %s\n", device); exit(1); } -- 2.26.2 diff --git a/console/v4l-conf.c b/console/v4l-conf.c index 0e8d3e3..d6fb960 100644 --- a/console/v4l-conf.c +++ b/console/v4l-conf.c 
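Review bot: Moving the type check in front of open() in patch 1/3 leaves a gap between `stat(device, &stb)` and `open(device,O_RDWR)`: each call resolves the caller-supplied path on its own, so in this setuid-root program the object that passed the `S_ISCHR`/major test is not guaranteed to be the object that ends up opened. The path pre-check is worth keeping because it avoids opening unrelated files at all, but the removed `fstat(fd,&stb)` should stay as a second check on the descriptor, closing it and exiting on a mismatch. The sketch reuses the existing `stb` and the hunk's own "wrong device" text; the message should follow whatever wording the last patch in the series settles on. dev_open() starts above this hunk.

```c
    /* … unchanged: stat() pre-check on the path and open(device,O_RDWR) … */

    /* Re-validate the opened descriptor: the path can change after stat() */
    if (-1 == fstat(fd,&stb) ||
        !S_ISCHR(stb.st_mode) || (major(stb.st_rdev) != major)) {
        fprintf(stderr, "%s: wrong device\n", device);
        close(fd);
        exit(1);
    }

    return fd;
```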
@@ -143,12 +143,12 @@ dev_open(const char *device, int major) /* First check if the device is really a devnode of the right type */ if (-1 == stat(device, &stb)) { - fprintf(stderr, "stat failed on %s\n", device); + fprintf(stderr, "invalid path or file is not of the right type %s\n", device); exit(1); } if (!S_ISCHR(stb.st_mode) || (major(stb.st_rdev) != major)) { - fprintf(stderr, "%s: wrong device\n", device); + fprintf(stderr, "invalid path or file is not of the right type %s\n", device); exit(1); }
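Review bot: Both branches now print the same text, but nothing in the code says this is deliberate, so a later cleanup could reintroduce distinct messages and with them the file existence test that the changelog entry for CVE-2020-13696 describes. I would add a comment above the first check, `/* Same message for stat() failure and wrong type: must not reveal whether the path exists */`. The string also runs the path straight into the sentence; `"%s: invalid path or file is not of the right type\n"` keeps the prefix style the old `"%s: wrong device\n"` message had. dev_open() starts and ends outside this hunk.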
