REALLY fix CVE-2012-5560

2012-11-24 08:52:33 -08:00 · 2012-11-24 08:52:33 -08:00 · ec3bda847d
commit ec3bda847d
parent b2d3195c8a
2 changed files with 22 additions and 5 deletions
--- a/commit_rollup.patch
+++ b/commit_rollup.patch
@ -1,6 +1,6 @@
 diff -uNrp a/configure.ac b/configure.ac
 --- a/configure.ac	2012-10-27 07:58:47.000000000 -0700
-+++ b/configure.ac	2012-11-23 16:26:42.388325974 -0800
+++ b/configure.ac	2012-11-24 08:47:43.106193262 -0800
@@ -394,7 +394,7 @@ fi
 # Plugins
 # ---------------------------------------------------------------------------
@ -12,7 +12,7 @@ diff -uNrp a/configure.ac b/configure.ac
 dnl ---------------------------------------------------------------------------
 diff -uNrp a/distro/archlinux/mate-settings-daemon.install b/distro/archlinux/mate-settings-daemon.install
 --- a/distro/archlinux/mate-settings-daemon.install	1969-12-31 16:00:00.000000000 -0800
-+++ b/distro/archlinux/mate-settings-daemon.install	2012-11-23 16:26:42.389326115 -0800
+++ b/distro/archlinux/mate-settings-daemon.install	2012-11-24 08:47:43.108193538 -0800
@@ -0,0 +1,22 @@
 +pkgname=mate-settings-daemon
 +
@ -38,7 +38,7 @@ diff -uNrp a/distro/archlinux/mate-settings-daemon.install b/distro/archlinux/ma
 +}
 diff -uNrp a/distro/archlinux/PKGBUILD b/distro/archlinux/PKGBUILD
 --- a/distro/archlinux/PKGBUILD	1969-12-31 16:00:00.000000000 -0800
-+++ b/distro/archlinux/PKGBUILD	2012-11-23 16:26:42.389326115 -0800
+++ b/distro/archlinux/PKGBUILD	2012-11-24 08:47:43.108193538 -0800
@@ -0,0 +1,39 @@
 +pkgname=mate-settings-daemon
 +pkgver=1.1.1
@ -81,7 +81,7 @@ diff -uNrp a/distro/archlinux/PKGBUILD b/distro/archlinux/PKGBUILD
 +}
 diff -uNrp a/plugins/datetime/org.mate.SettingsDaemon.DateTimeMechanism.conf b/plugins/datetime/org.mate.SettingsDaemon.DateTimeMechanism.conf
 --- a/plugins/datetime/org.mate.SettingsDaemon.DateTimeMechanism.conf	2012-10-27 07:58:43.000000000 -0700
-+++ b/plugins/datetime/org.mate.SettingsDaemon.DateTimeMechanism.conf	2012-11-23 16:28:12.241937824 -0800
+++ b/plugins/datetime/org.mate.SettingsDaemon.DateTimeMechanism.conf	2012-11-24 08:47:43.114194366 -0800
@@ -9,11 +9,13 @@
   <policy user="root">
     <allow own="org.mate.SettingsDaemon.DateTimeMechanism"/>
@ -96,3 +96,15 @@ diff -uNrp a/plugins/datetime/org.mate.SettingsDaemon.DateTimeMechanism.conf b/p
   </policy>
 
 </busconfig>
+diff -uNrp a/plugins/datetime/org.mate.settingsdaemon.datetimemechanism.policy.in b/plugins/datetime/org.mate.settingsdaemon.datetimemechanism.policy.in
+--- a/plugins/datetime/org.mate.settingsdaemon.datetimemechanism.policy.in	2012-10-27 07:58:43.000000000 -0700
+++ b/plugins/datetime/org.mate.settingsdaemon.datetimemechanism.policy.in	2012-11-24 08:47:43.114194366 -0800
+@@ -13,7 +13,7 @@
+     <_message>Privileges are required to change the system time zone.</_message>
+     <defaults>
+       <allow_inactive>no</allow_inactive>
+-      <allow_active>auth_self_keep</allow_active>
+      <allow_active>auth_admin_keep</allow_active>
+     </defaults>
+   </action>
+ 
--- a/mate-settings-daemon.spec
+++ b/mate-settings-daemon.spec
@ -1,6 +1,6 @@
 Name:           mate-settings-daemon
 Version:        1.5.3
-Release:        4%{?dist}
+Release:        5%{?dist}
 Summary:        MATE Desktop settings daemon
 License:        GPLv2+
 URL:            http://mate-desktop.org
@ -26,6 +26,7 @@ Requires: mate-icon-theme

 #Fix CVE-2012-5560 and stop generating version specific libdirs
 #https://github.com/mate-desktop/mate-settings-daemon/pull/22
+#Remove archlinux bits from configure.ac
 Patch0: commit_rollup.patch

 %description
@ -99,6 +100,10 @@ fi


 %changelog
+* Fri Nov 23 2012 Dan Mashal <dan.mashal@fedoraproject.org> - 1.5.3-5
+- Remove archlinux configure.ac bits.
+- REALLY fix CVE-2012-5560
+
 * Fri Nov 23 2012 Dan Mashal <dan.mashal@fedoraproject.org> - 1.5.3-4
 - stop generating version specific libdirs for plugins and fix CVE-2012-5560