REALLY fix CVE-2012-5560

This commit is contained in:
Dan Mashal 2012-11-24 08:52:33 -08:00
parent b2d3195c8a
commit ec3bda847d
2 changed files with 22 additions and 5 deletions

View File

@ -1,6 +1,6 @@
diff -uNrp a/configure.ac b/configure.ac diff -uNrp a/configure.ac b/configure.ac
--- a/configure.ac 2012-10-27 07:58:47.000000000 -0700 --- a/configure.ac 2012-10-27 07:58:47.000000000 -0700
+++ b/configure.ac 2012-11-23 16:26:42.388325974 -0800 +++ b/configure.ac 2012-11-24 08:47:43.106193262 -0800
@@ -394,7 +394,7 @@ fi @@ -394,7 +394,7 @@ fi
# Plugins # Plugins
# --------------------------------------------------------------------------- # ---------------------------------------------------------------------------
@ -12,7 +12,7 @@ diff -uNrp a/configure.ac b/configure.ac
dnl --------------------------------------------------------------------------- dnl ---------------------------------------------------------------------------
diff -uNrp a/distro/archlinux/mate-settings-daemon.install b/distro/archlinux/mate-settings-daemon.install diff -uNrp a/distro/archlinux/mate-settings-daemon.install b/distro/archlinux/mate-settings-daemon.install
--- a/distro/archlinux/mate-settings-daemon.install 1969-12-31 16:00:00.000000000 -0800 --- a/distro/archlinux/mate-settings-daemon.install 1969-12-31 16:00:00.000000000 -0800
+++ b/distro/archlinux/mate-settings-daemon.install 2012-11-23 16:26:42.389326115 -0800 +++ b/distro/archlinux/mate-settings-daemon.install 2012-11-24 08:47:43.108193538 -0800
@@ -0,0 +1,22 @@ @@ -0,0 +1,22 @@
+pkgname=mate-settings-daemon +pkgname=mate-settings-daemon
+ +
@ -38,7 +38,7 @@ diff -uNrp a/distro/archlinux/mate-settings-daemon.install b/distro/archlinux/ma
+} +}
diff -uNrp a/distro/archlinux/PKGBUILD b/distro/archlinux/PKGBUILD diff -uNrp a/distro/archlinux/PKGBUILD b/distro/archlinux/PKGBUILD
--- a/distro/archlinux/PKGBUILD 1969-12-31 16:00:00.000000000 -0800 --- a/distro/archlinux/PKGBUILD 1969-12-31 16:00:00.000000000 -0800
+++ b/distro/archlinux/PKGBUILD 2012-11-23 16:26:42.389326115 -0800 +++ b/distro/archlinux/PKGBUILD 2012-11-24 08:47:43.108193538 -0800
@@ -0,0 +1,39 @@ @@ -0,0 +1,39 @@
+pkgname=mate-settings-daemon +pkgname=mate-settings-daemon
+pkgver=1.1.1 +pkgver=1.1.1
@ -81,7 +81,7 @@ diff -uNrp a/distro/archlinux/PKGBUILD b/distro/archlinux/PKGBUILD
+} +}
diff -uNrp a/plugins/datetime/org.mate.SettingsDaemon.DateTimeMechanism.conf b/plugins/datetime/org.mate.SettingsDaemon.DateTimeMechanism.conf diff -uNrp a/plugins/datetime/org.mate.SettingsDaemon.DateTimeMechanism.conf b/plugins/datetime/org.mate.SettingsDaemon.DateTimeMechanism.conf
--- a/plugins/datetime/org.mate.SettingsDaemon.DateTimeMechanism.conf 2012-10-27 07:58:43.000000000 -0700 --- a/plugins/datetime/org.mate.SettingsDaemon.DateTimeMechanism.conf 2012-10-27 07:58:43.000000000 -0700
+++ b/plugins/datetime/org.mate.SettingsDaemon.DateTimeMechanism.conf 2012-11-23 16:28:12.241937824 -0800 +++ b/plugins/datetime/org.mate.SettingsDaemon.DateTimeMechanism.conf 2012-11-24 08:47:43.114194366 -0800
@@ -9,11 +9,13 @@ @@ -9,11 +9,13 @@
<policy user="root"> <policy user="root">
<allow own="org.mate.SettingsDaemon.DateTimeMechanism"/> <allow own="org.mate.SettingsDaemon.DateTimeMechanism"/>
@ -96,3 +96,15 @@ diff -uNrp a/plugins/datetime/org.mate.SettingsDaemon.DateTimeMechanism.conf b/p
</policy> </policy>
</busconfig> </busconfig>
diff -uNrp a/plugins/datetime/org.mate.settingsdaemon.datetimemechanism.policy.in b/plugins/datetime/org.mate.settingsdaemon.datetimemechanism.policy.in
--- a/plugins/datetime/org.mate.settingsdaemon.datetimemechanism.policy.in 2012-10-27 07:58:43.000000000 -0700
+++ b/plugins/datetime/org.mate.settingsdaemon.datetimemechanism.policy.in 2012-11-24 08:47:43.114194366 -0800
@@ -13,7 +13,7 @@
<_message>Privileges are required to change the system time zone.</_message>
<defaults>
<allow_inactive>no</allow_inactive>
- <allow_active>auth_self_keep</allow_active>
+ <allow_active>auth_admin_keep</allow_active>
</defaults>
</action>

View File

@ -1,6 +1,6 @@
Name: mate-settings-daemon Name: mate-settings-daemon
Version: 1.5.3 Version: 1.5.3
Release: 4%{?dist} Release: 5%{?dist}
Summary: MATE Desktop settings daemon Summary: MATE Desktop settings daemon
License: GPLv2+ License: GPLv2+
URL: http://mate-desktop.org URL: http://mate-desktop.org
@ -26,6 +26,7 @@ Requires: mate-icon-theme
#Fix CVE-2012-5560 and stop generating version specific libdirs #Fix CVE-2012-5560 and stop generating version specific libdirs
#https://github.com/mate-desktop/mate-settings-daemon/pull/22 #https://github.com/mate-desktop/mate-settings-daemon/pull/22
#Remove archlinux bits from configure.ac
Patch0: commit_rollup.patch Patch0: commit_rollup.patch
%description %description
@ -99,6 +100,10 @@ fi
%changelog %changelog
* Fri Nov 23 2012 Dan Mashal <dan.mashal@fedoraproject.org> - 1.5.3-5
- Remove archlinux configure.ac bits.
- REALLY fix CVE-2012-5560
* Fri Nov 23 2012 Dan Mashal <dan.mashal@fedoraproject.org> - 1.5.3-4 * Fri Nov 23 2012 Dan Mashal <dan.mashal@fedoraproject.org> - 1.5.3-4
- stop generating version specific libdirs for plugins and fix CVE-2012-5560 - stop generating version specific libdirs for plugins and fix CVE-2012-5560