Fix CVE-2012-5560 and stop generating version specific libdirs

Dan Mashal 2012-11-23 17:04:08 -08:00
parent 879844bbce
commit b2d3195c8a
2 changed files with 108 additions and 2 deletions

98
commit_rollup.patch Normal file

@ -0,0 +1,98 @@
diff -uNrp a/configure.ac b/configure.ac
--- a/configure.ac 2012-10-27 07:58:47.000000000 -0700
+++ b/configure.ac 2012-11-23 16:26:42.388325974 -0800
@@ -394,7 +394,7 @@ fi
# Plugins
# ---------------------------------------------------------------------------
-plugindir='$(libdir)/mate-settings-daemon-msd_api_version'
+plugindir='$(libdir)/mate-settings-daemon'
AC_SUBST([plugindir])
dnl ---------------------------------------------------------------------------
diff -uNrp a/distro/archlinux/mate-settings-daemon.install b/distro/archlinux/mate-settings-daemon.install
--- a/distro/archlinux/mate-settings-daemon.install 1969-12-31 16:00:00.000000000 -0800
+++ b/distro/archlinux/mate-settings-daemon.install 2012-11-23 16:26:42.389326115 -0800
@@ -0,0 +1,22 @@
+pkgname=mate-settings-daemon
+
+post_install() {
+ usr/sbin/mateconfpkg --install ${pkgname}
+ gtk-update-icon-cache -q -t -f usr/share/icons/hicolor
+}
+
+pre_upgrade() {
+ pre_remove $1
+}
+
+post_upgrade() {
+ post_install $1
+}
+
+pre_remove() {
+ usr/sbin/mateconfpkg --uninstall ${pkgname}
+}
+
+post_remove() {
+ gtk-update-icon-cache -q -t -f usr/share/icons/hicolor
+}
diff -uNrp a/distro/archlinux/PKGBUILD b/distro/archlinux/PKGBUILD
--- a/distro/archlinux/PKGBUILD 1969-12-31 16:00:00.000000000 -0800
+++ b/distro/archlinux/PKGBUILD 2012-11-23 16:26:42.389326115 -0800
@@ -0,0 +1,39 @@
+pkgname=mate-settings-daemon
+pkgver=1.1.1
+pkgrel=2
+pkgdesc="The MATE Settings daemon"
+arch=('i686' 'x86_64')
+license=('GPL')
+depends=('libmatekbd' 'mate-desktop' 'libmatenotify' 'gstreamer0.10-base' 'hicolor-icon-theme')
+makedepends=('intltool' 'pkgconfig')
+options=('!libtool')
+url="http://matsusoft.com.ar/projects/mate/"
+install=mate-settings-daemon.install
+groups=('mate')
+source=()
+sha256sums=()
+
+build() {
+ cd "$srcdir/../../../"
+ # Remove --disable-pulse if you want pulseaudio support
+ ./autogen.sh \
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --localstatedir=/var \
+ --libexecdir=/usr/lib/mate-settings-daemon \
+ --disable-static \
+ --disable-pulse \
+ --disable-schemas-install \
+ --enable-polkit || return 1
+ make || return 1
+}
+
+package() {
+ cd "${srcdir}/../../../"
+
+ make DESTDIR="${pkgdir}" MATECONF_DISABLE_MAKEFILE_SCHEMA_INSTALL=1 install || return 1
+
+ install -d -m755 "${pkgdir}/usr/share/mateconf/schemas"
+ mateconf-merge-schema "${pkgdir}/usr/share/mateconf/schemas/${pkgname}.schemas" --domain ${pkgname} ${pkgdir}/etc/mateconf/schemas/*.schemas || return 1
+ rm -f ${pkgdir}/etc/mateconf/schemas/*.schemas
+}
diff -uNrp a/plugins/datetime/org.mate.SettingsDaemon.DateTimeMechanism.conf b/plugins/datetime/org.mate.SettingsDaemon.DateTimeMechanism.conf
--- a/plugins/datetime/org.mate.SettingsDaemon.DateTimeMechanism.conf 2012-10-27 07:58:43.000000000 -0700
+++ b/plugins/datetime/org.mate.SettingsDaemon.DateTimeMechanism.conf 2012-11-23 16:28:12.241937824 -0800
@@ -9,11 +9,13 @@
<policy user="root">
<allow own="org.mate.SettingsDaemon.DateTimeMechanism"/>
<allow send_destination="org.mate.SettingsDaemon.DateTimeMechanism"/>
+ <allow receive_sender="org.mate.SettingsDaemon.DateTimeMechanism"/>
</policy>
<!-- Allow anyone to invoke methods on the interfaces -->
<policy context="default">
<allow send_destination="org.mate.SettingsDaemon.DateTimeMechanism"/>
+ <allow receive_sender="org.mate.SettingsDaemon.DateTimeMechanism"/>
</policy>
</busconfig>
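Review bot: The two added `<allow receive_sender="org.mate.SettingsDaemon.DateTimeMechanism"/>` rules in the DateTimeMechanism.conf hunk only widen the bus policy. The default-context `<allow send_destination=...>` still lets every local user call any method on this system service, so all access control rests on the mechanism's own authorization check. No hunk in this patch touches that check, so from what is shown it is unclear which change addresses CVE-2012-5560; the patch header should say which hunk is the security fix and why the extra allow rules are needed. If callers only need the mechanism's own interface, the default rule could be narrowed by adding `send_interface="<mechanism interface name>"` (placeholder, as the interface name is not on this page) to that `<allow>` element. The policy file's opening lines are outside the hunk, so any earlier deny rules could not be checked.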


@ -1,6 +1,6 @@
Name: mate-settings-daemon
Version: 1.5.3
Release: 3%{?dist}
Release: 4%{?dist}
Summary: MATE Desktop settings daemon
License: GPLv2+
URL: http://mate-desktop.org
@ -24,6 +24,10 @@ BuildRequires: pkgconfig(gsettings-desktop-schemas)
Requires: gsettings-desktop-schemas
Requires: mate-icon-theme
#Fix CVE-2012-5560 and stop generating version specific libdirs
#https://github.com/mate-desktop/mate-settings-daemon/pull/22
Patch0: commit_rollup.patch
%description
MATE Desktop settings daemon
@ -36,6 +40,7 @@ Development files for mate-settings-daemon
%prep
%setup -q
%patch0 -p1 -b .commit_rollup.patch
NOCONFIGURE=1 ./autogen.sh
@ -77,7 +82,7 @@ fi
%doc AUTHORS COPYING README
%config %{_sysconfdir}/dbus-1/system.d/org.mate.SettingsDaemon.DateTimeMechanism.conf
%config %{_sysconfdir}/xdg/autostart/mate-settings-daemon.desktop
%{_libdir}/mate-settings-daemon-*/
%{_libdir}/mate-settings-daemon
%{_libexecdir}/mate-settings-daemon
%{_libexecdir}/msd-datetime-mechanism
%{_libexecdir}/msd-locate-pointer
@ -94,6 +99,9 @@ fi
%changelog
* Fri Nov 23 2012 Dan Mashal <dan.mashal@fedoraproject.org> - 1.5.3-4
- stop generating version specific libdirs for plugins and fix CVE-2012-5560
* Thu Nov 22 2012 Dan Mashal <dan.mashal@fedoraproject.org> - 1.5.3-3
- fix build failures
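Review bot: `Patch0: commit_rollup.patch` bundles the CVE-2012-5560 fix with the plugin libdir rename and two new Arch Linux packaging files, so the security change cannot be audited, backported or reverted on its own. Carrying the CVE fix as its own numbered patch, with the comment above it naming the specific upstream commit rather than only the pull request, would make that possible. The `%changelog` entry could likewise list the CVE fix on its own line, e.g. `- fix CVE-2012-5560 (datetime mechanism D-Bus policy)`, separate from the libdir change. The `-b .commit_rollup.patch` suffix on `%patch0` also leaves a backup copy of each patched file in the build tree, so it is worth confirming that no `%files` glob can pick those copies up.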