[arch-commits] Commit in menu-cache/repos (6 files)
Balló György
bgyorgy at archlinux.org
Sun Jun 18 09:15:19 UTC 2017
Date: Sunday, June 18, 2017 @ 09:15:18
Author: bgyorgy
Revision: 238023
archrelease: copy trunk to community-i686, community-x86_64
Added:
menu-cache/repos/community-i686/Fix-CVE-2017-8933.patch
(from rev 238022, menu-cache/trunk/Fix-CVE-2017-8933.patch)
menu-cache/repos/community-i686/PKGBUILD
(from rev 238022, menu-cache/trunk/PKGBUILD)
menu-cache/repos/community-x86_64/Fix-CVE-2017-8933.patch
(from rev 238022, menu-cache/trunk/Fix-CVE-2017-8933.patch)
menu-cache/repos/community-x86_64/PKGBUILD
(from rev 238022, menu-cache/trunk/PKGBUILD)
Deleted:
menu-cache/repos/community-i686/PKGBUILD
menu-cache/repos/community-x86_64/PKGBUILD
------------------------------------------+
/PKGBUILD | 74 +++++++++++++++++++++++++++++
community-i686/Fix-CVE-2017-8933.patch | 71 +++++++++++++++++++++++++++
community-i686/PKGBUILD | 30 -----------
community-x86_64/Fix-CVE-2017-8933.patch | 71 +++++++++++++++++++++++++++
community-x86_64/PKGBUILD | 30 -----------
5 files changed, 216 insertions(+), 60 deletions(-)
Copied: menu-cache/repos/community-i686/Fix-CVE-2017-8933.patch (from rev 238022, menu-cache/trunk/Fix-CVE-2017-8933.patch)
===================================================================
--- community-i686/Fix-CVE-2017-8933.patch (rev 0)
+++ community-i686/Fix-CVE-2017-8933.patch 2017-06-18 09:15:18 UTC (rev 238023)
@@ -0,0 +1,71 @@
+From 56f66684592abf257c4004e6e1fff041c64a12ce Mon Sep 17 00:00:00 2001
+From: Andriy Grytsenko <andrej at rep.kiev.ua>
+Date: Sun, 14 May 2017 21:28:00 +0300
+Subject: [PATCH] Fix potential access violation, use runtime user dir instead
+ of tmp dir.
+
+Note: it limits libmenu-cache compatibility to menu-cached >= 0.7.0.
+---
+ NEWS | 3 +++
+ libmenu-cache/menu-cache.c | 7 ++++++-
+ menu-cache-daemon/menu-cached.c | 3 +++
+ 3 files changed, 12 insertions(+), 1 deletion(-)
+
+diff --git a/NEWS b/NEWS
+index f7f12e6..6177e9d 100644
+--- a/NEWS
++++ b/NEWS
+@@ -3,6 +3,9 @@
+ * Added new API menu_cache_app_get_generic_name() to get generic
+ name for application.
+
++* Fixed potential access violation, use runtime user dir instead of tmp dir.
++ It limits libmenu-cache compatibility to menu-cached >= 0.7.0.
++
+
+ Changes in 1.0.2 since 1.0.1:
+
+diff --git a/libmenu-cache/menu-cache.c b/libmenu-cache/menu-cache.c
+index 9e3e0db..d914127 100644
+--- a/libmenu-cache/menu-cache.c
++++ b/libmenu-cache/menu-cache.c
+@@ -3,7 +3,7 @@
+ *
+ * Copyright 2008 PCMan <pcman.tw at gmail.com>
+ * Copyright 2009 Jürgen Hötzel <juergen at archlinux.org>
+- * Copyright 2012-2015 Andriy Grytsenko (LStranger) <andrej at rep.kiev.ua>
++ * Copyright 2012-2017 Andriy Grytsenko (LStranger) <andrej at rep.kiev.ua>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+@@ -1538,8 +1538,13 @@ static void get_socket_name( char* buf, int len )
+ if(*p)
+ *p = '\0';
+ }
++#if GLIB_CHECK_VERSION(2, 28, 0)
++ g_snprintf( buf, len, "%s/menu-cached-%s", g_get_user_runtime_dir(),
++ dpy ? dpy : ":0" );
++#else
+ g_snprintf( buf, len, "%s/.menu-cached-%s-%s", g_get_tmp_dir(),
+ dpy ? dpy : ":0", g_get_user_name() );
++#endif
+ g_free(dpy);
+ }
+
+diff --git a/menu-cache-daemon/menu-cached.c b/menu-cache-daemon/menu-cached.c
+index a6895ee..c100484 100644
+--- a/menu-cache-daemon/menu-cached.c
++++ b/menu-cache-daemon/menu-cached.c
+@@ -473,6 +473,9 @@ static void get_socket_name( char* buf, int len )
+ if(*p)
+ *p = '\0';
+ }
++ /* NOTE: this socket name is incompatible with versions > 1.0.2,
++ although this function is never used since 0.7.0 but
++ libmenu-cache always requests exact socket name instead */
+ g_snprintf( buf, len, "%s/.menu-cached-%s-%s", g_get_tmp_dir(),
+ dpy ? dpy : ":0", g_get_user_name() );
+ g_free(dpy);
+--
+2.1.4
+
Deleted: community-i686/PKGBUILD
===================================================================
--- community-i686/PKGBUILD 2017-06-18 09:15:09 UTC (rev 238022)
+++ community-i686/PKGBUILD 2017-06-18 09:15:18 UTC (rev 238023)
@@ -1,30 +0,0 @@
-# $Id$
-# Maintainer: Balló György <ballogyor+arch at gmail dot com>
-# Contributor: Bartłomiej Piotrowski <bpiotrowski at archlinux.org>
-# Contributor: Angel Velasquez <angvp at archlinux.org>
-# Contributor: Juergen Hoetzel <juergen at archlinux.org>
-
-pkgname=menu-cache
-pkgver=1.0.2
-pkgrel=1
-pkgdesc='Caching mechanism for freedesktop.org compliant menus'
-arch=('i686' 'x86_64')
-license=('GPL2')
-url='http://lxde.org/'
-depends=('libfm-extra')
-makedepends=('gtk-doc')
-source=(https://downloads.sourceforge.net/lxde/$pkgname-$pkgver.tar.xz)
-sha256sums=('6f83edf2de34f83e701dcb52145d755250a5677580cd413476cc4d7f2d2012d5')
-
-build() {
- cd $pkgname-$pkgver
- ./configure --prefix=/usr --sysconfdir=/etc \
- --libexecdir=/usr/lib \
- --enable-gtk-doc
- make
-}
-
-package() {
- cd $pkgname-$pkgver
- make DESTDIR="$pkgdir" install
-}
Copied: menu-cache/repos/community-i686/PKGBUILD (from rev 238022, menu-cache/trunk/PKGBUILD)
===================================================================
--- community-i686/PKGBUILD (rev 0)
+++ community-i686/PKGBUILD 2017-06-18 09:15:18 UTC (rev 238023)
@@ -0,0 +1,37 @@
+# $Id$
+# Maintainer: Balló György <ballogyor+arch at gmail dot com>
+# Contributor: Bartłomiej Piotrowski <bpiotrowski at archlinux.org>
+# Contributor: Angel Velasquez <angvp at archlinux.org>
+# Contributor: Juergen Hoetzel <juergen at archlinux.org>
+
+pkgname=menu-cache
+pkgver=1.0.2
+pkgrel=2
+pkgdesc='Caching mechanism for freedesktop.org compliant menus'
+arch=('i686' 'x86_64')
+license=('GPL2')
+url='http://lxde.org/'
+depends=('libfm-extra')
+makedepends=('gtk-doc')
+source=(https://downloads.sourceforge.net/lxde/$pkgname-$pkgver.tar.xz
+ Fix-CVE-2017-8933.patch)
+sha256sums=('6f83edf2de34f83e701dcb52145d755250a5677580cd413476cc4d7f2d2012d5'
+ 'd0ee65717d07ae423bac48d0676989cec624674bdacd3619f5d9fcc64c9e5796')
+
+prepare() {
+ cd $pkgname-$pkgver
+ patch -Np1 -i ../Fix-CVE-2017-8933.patch
+}
+
+build() {
+ cd $pkgname-$pkgver
+ ./configure --prefix=/usr --sysconfdir=/etc \
+ --libexecdir=/usr/lib \
+ --enable-gtk-doc
+ make
+}
+
+package() {
+ cd $pkgname-$pkgver
+ make DESTDIR="$pkgdir" install
+}
Copied: menu-cache/repos/community-x86_64/Fix-CVE-2017-8933.patch (from rev 238022, menu-cache/trunk/Fix-CVE-2017-8933.patch)
===================================================================
--- community-x86_64/Fix-CVE-2017-8933.patch (rev 0)
+++ community-x86_64/Fix-CVE-2017-8933.patch 2017-06-18 09:15:18 UTC (rev 238023)
@@ -0,0 +1,71 @@
+From 56f66684592abf257c4004e6e1fff041c64a12ce Mon Sep 17 00:00:00 2001
+From: Andriy Grytsenko <andrej at rep.kiev.ua>
+Date: Sun, 14 May 2017 21:28:00 +0300
+Subject: [PATCH] Fix potential access violation, use runtime user dir instead
+ of tmp dir.
+
+Note: it limits libmenu-cache compatibility to menu-cached >= 0.7.0.
+---
+ NEWS | 3 +++
+ libmenu-cache/menu-cache.c | 7 ++++++-
+ menu-cache-daemon/menu-cached.c | 3 +++
+ 3 files changed, 12 insertions(+), 1 deletion(-)
+
+diff --git a/NEWS b/NEWS
+index f7f12e6..6177e9d 100644
+--- a/NEWS
++++ b/NEWS
+@@ -3,6 +3,9 @@
+ * Added new API menu_cache_app_get_generic_name() to get generic
+ name for application.
+
++* Fixed potential access violation, use runtime user dir instead of tmp dir.
++ It limits libmenu-cache compatibility to menu-cached >= 0.7.0.
++
+
+ Changes in 1.0.2 since 1.0.1:
+
+diff --git a/libmenu-cache/menu-cache.c b/libmenu-cache/menu-cache.c
+index 9e3e0db..d914127 100644
+--- a/libmenu-cache/menu-cache.c
++++ b/libmenu-cache/menu-cache.c
+@@ -3,7 +3,7 @@
+ *
+ * Copyright 2008 PCMan <pcman.tw at gmail.com>
+ * Copyright 2009 Jürgen Hötzel <juergen at archlinux.org>
+- * Copyright 2012-2015 Andriy Grytsenko (LStranger) <andrej at rep.kiev.ua>
++ * Copyright 2012-2017 Andriy Grytsenko (LStranger) <andrej at rep.kiev.ua>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+@@ -1538,8 +1538,13 @@ static void get_socket_name( char* buf, int len )
+ if(*p)
+ *p = '\0';
+ }
++#if GLIB_CHECK_VERSION(2, 28, 0)
++ g_snprintf( buf, len, "%s/menu-cached-%s", g_get_user_runtime_dir(),
++ dpy ? dpy : ":0" );
++#else
+ g_snprintf( buf, len, "%s/.menu-cached-%s-%s", g_get_tmp_dir(),
+ dpy ? dpy : ":0", g_get_user_name() );
++#endif
+ g_free(dpy);
+ }
+
+diff --git a/menu-cache-daemon/menu-cached.c b/menu-cache-daemon/menu-cached.c
+index a6895ee..c100484 100644
+--- a/menu-cache-daemon/menu-cached.c
++++ b/menu-cache-daemon/menu-cached.c
+@@ -473,6 +473,9 @@ static void get_socket_name( char* buf, int len )
+ if(*p)
+ *p = '\0';
+ }
++ /* NOTE: this socket name is incompatible with versions > 1.0.2,
++ although this function is never used since 0.7.0 but
++ libmenu-cache always requests exact socket name instead */
+ g_snprintf( buf, len, "%s/.menu-cached-%s-%s", g_get_tmp_dir(),
+ dpy ? dpy : ":0", g_get_user_name() );
+ g_free(dpy);
+--
+2.1.4
+
Deleted: community-x86_64/PKGBUILD
===================================================================
--- community-x86_64/PKGBUILD 2017-06-18 09:15:09 UTC (rev 238022)
+++ community-x86_64/PKGBUILD 2017-06-18 09:15:18 UTC (rev 238023)
@@ -1,30 +0,0 @@
-# $Id$
-# Maintainer: Balló György <ballogyor+arch at gmail dot com>
-# Contributor: Bartłomiej Piotrowski <bpiotrowski at archlinux.org>
-# Contributor: Angel Velasquez <angvp at archlinux.org>
-# Contributor: Juergen Hoetzel <juergen at archlinux.org>
-
-pkgname=menu-cache
-pkgver=1.0.2
-pkgrel=1
-pkgdesc='Caching mechanism for freedesktop.org compliant menus'
-arch=('i686' 'x86_64')
-license=('GPL2')
-url='http://lxde.org/'
-depends=('libfm-extra')
-makedepends=('gtk-doc')
-source=(https://downloads.sourceforge.net/lxde/$pkgname-$pkgver.tar.xz)
-sha256sums=('6f83edf2de34f83e701dcb52145d755250a5677580cd413476cc4d7f2d2012d5')
-
-build() {
- cd $pkgname-$pkgver
- ./configure --prefix=/usr --sysconfdir=/etc \
- --libexecdir=/usr/lib \
- --enable-gtk-doc
- make
-}
-
-package() {
- cd $pkgname-$pkgver
- make DESTDIR="$pkgdir" install
-}
Copied: menu-cache/repos/community-x86_64/PKGBUILD (from rev 238022, menu-cache/trunk/PKGBUILD)
===================================================================
--- community-x86_64/PKGBUILD (rev 0)
+++ community-x86_64/PKGBUILD 2017-06-18 09:15:18 UTC (rev 238023)
@@ -0,0 +1,37 @@
+# $Id$
+# Maintainer: Balló György <ballogyor+arch at gmail dot com>
+# Contributor: Bartłomiej Piotrowski <bpiotrowski at archlinux.org>
+# Contributor: Angel Velasquez <angvp at archlinux.org>
+# Contributor: Juergen Hoetzel <juergen at archlinux.org>
+
+pkgname=menu-cache
+pkgver=1.0.2
+pkgrel=2
+pkgdesc='Caching mechanism for freedesktop.org compliant menus'
+arch=('i686' 'x86_64')
+license=('GPL2')
+url='http://lxde.org/'
+depends=('libfm-extra')
+makedepends=('gtk-doc')
+source=(https://downloads.sourceforge.net/lxde/$pkgname-$pkgver.tar.xz
+ Fix-CVE-2017-8933.patch)
+sha256sums=('6f83edf2de34f83e701dcb52145d755250a5677580cd413476cc4d7f2d2012d5'
+ 'd0ee65717d07ae423bac48d0676989cec624674bdacd3619f5d9fcc64c9e5796')
+
+prepare() {
+ cd $pkgname-$pkgver
+ patch -Np1 -i ../Fix-CVE-2017-8933.patch
+}
+
+build() {
+ cd $pkgname-$pkgver
+ ./configure --prefix=/usr --sysconfdir=/etc \
+ --libexecdir=/usr/lib \
+ --enable-gtk-doc
+ make
+}
+
+package() {
+ cd $pkgname-$pkgver
+ make DESTDIR="$pkgdir" install
+}
More information about the arch-commits
mailing list