diff options
| author | Marius Bakke <mbakke@fastmail.com> | 2020-01-23 22:57:16 +0100 |
|---|---|---|
| committer | Marius Bakke <mbakke@fastmail.com> | 2020-01-23 22:57:16 +0100 |
| commit | db0e9fe42c419c8c8010dbad6080ed66028c03ec (patch) | |
| tree | 514a0d8fe5465db9a950ac20579e5d3e37bc385b /gnu/packages/patches | |
| parent | 43190ac64c5181841d68beade4d19e792f4f38a2 (diff) | |
| parent | 82a2bd3a4ee09c04b51b948f1e952402d6a26f88 (diff) | |
| download | guix-db0e9fe42c419c8c8010dbad6080ed66028c03ec.tar.gz | |
Merge branch 'master' into staging
Diffstat (limited to 'gnu/packages/patches')
| -rw-r--r-- | gnu/packages/patches/libmemcached-build-with-gcc7.patch | 28 | ||||
| -rw-r--r-- | gnu/packages/patches/libvnc-CVE-2018-20750.patch | 44 | ||||
| -rw-r--r-- | gnu/packages/patches/libvnc-CVE-2019-15681.patch | 23 | ||||
| -rw-r--r-- | gnu/packages/patches/mes-remove-store-name.patch | 121 | ||||
| -rw-r--r-- | gnu/packages/patches/udiskie-no-appindicator.patch | 72 |
5 files changed, 131 insertions, 157 deletions
diff --git a/gnu/packages/patches/libmemcached-build-with-gcc7.patch b/gnu/packages/patches/libmemcached-build-with-gcc7.patch new file mode 100644 index 0000000000..51e319d2c0 --- /dev/null +++ b/gnu/packages/patches/libmemcached-build-with-gcc7.patch @@ -0,0 +1,28 @@ +Author: Tobias Geerinckx-Rice <me@tobias.gr> +Date: Wed 22 Jan 22:58:13 CET 2020 +Subject: gnu: memcached: Fix build with GCC 7. + +Taken verbating from this bug report: +<https://bugs.launchpad.net/libmemcached/+bug/1663985>. + +diff -up ./clients/memflush.cc.old ./clients/memflush.cc +--- ./clients/memflush.cc.old 2017-02-12 10:12:59.615209225 +0100 ++++ ./clients/memflush.cc 2017-02-12 10:13:39.998382783 +0100 +@@ -39,7 +39,7 @@ int main(int argc, char *argv[]) + { + options_parse(argc, argv); + +- if (opt_servers == false) ++ if (!opt_servers) + { + char *temp; + +@@ -48,7 +48,7 @@ int main(int argc, char *argv[]) + opt_servers= strdup(temp); + } + +- if (opt_servers == false) ++ if (!opt_servers) + { + std::cerr << "No Servers provided" << std::endl; + exit(EXIT_FAILURE); diff --git a/gnu/packages/patches/libvnc-CVE-2018-20750.patch b/gnu/packages/patches/libvnc-CVE-2018-20750.patch new file mode 100644 index 0000000000..146243670a --- /dev/null +++ b/gnu/packages/patches/libvnc-CVE-2018-20750.patch @@ -0,0 +1,44 @@ +From 09e8fc02f59f16e2583b34fe1a270c238bd9ffec Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com> +Date: Mon, 7 Jan 2019 10:40:01 +0100 +Subject: [PATCH] Limit lenght to INT_MAX bytes in + rfbProcessFileTransferReadBuffer() + +This ammends 15bb719c03cc70f14c36a843dcb16ed69b405707 fix for a heap +out-of-bound write access in rfbProcessFileTransferReadBuffer() when +reading a transfered file content in a server. The former fix did not +work on platforms with a 32-bit int type (expected by rfbReadExact()). + +CVE-2018-15127 +<https://github.com/LibVNC/libvncserver/issues/243> +<https://github.com/LibVNC/libvncserver/issues/273> +--- + libvncserver/rfbserver.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c +index 7af84906..f2edbeea 100644 +--- a/libvncserver/rfbserver.c ++++ b/libvncserver/rfbserver.c +@@ -88,6 +88,8 @@ + #include <errno.h> + /* strftime() */ + #include <time.h> ++/* INT_MAX */ ++#include <limits.h> + + #ifdef LIBVNCSERVER_WITH_WEBSOCKETS + #include "rfbssl.h" +@@ -1472,8 +1474,11 @@ char *rfbProcessFileTransferReadBuffer(rfbClientPtr cl, uint32_t length) + 0XFFFFFFFF, i.e. SIZE_MAX for 32-bit systems. On 64-bit systems, a length of 0XFFFFFFFF + will safely be allocated since this check will never trigger and malloc() can digest length+1 + without problems as length is a uint32_t. ++ We also later pass length to rfbReadExact() that expects a signed int type and ++ that might wrap on platforms with a 32-bit int type if length is bigger ++ than 0X7FFFFFFF. + */ +- if(length == SIZE_MAX) { ++ if(length == SIZE_MAX || length > INT_MAX) { + rfbErr("rfbProcessFileTransferReadBuffer: too big file transfer length requested: %u", (unsigned int)length); + rfbCloseClient(cl); + return NULL; diff --git a/gnu/packages/patches/libvnc-CVE-2019-15681.patch b/gnu/packages/patches/libvnc-CVE-2019-15681.patch new file mode 100644 index 0000000000..e328d87920 --- /dev/null +++ b/gnu/packages/patches/libvnc-CVE-2019-15681.patch @@ -0,0 +1,23 @@ +From d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a Mon Sep 17 00:00:00 2001 +From: Christian Beier <dontmind@freeshell.org> +Date: Mon, 19 Aug 2019 22:32:25 +0200 +Subject: [PATCH] rfbserver: don't leak stack memory to the remote + +Thanks go to Pavel Cheremushkin of Kaspersky for reporting. +--- + libvncserver/rfbserver.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c +index 3bacc891..310e5487 100644 +--- a/libvncserver/rfbserver.c ++++ b/libvncserver/rfbserver.c +@@ -3724,6 +3724,8 @@ rfbSendServerCutText(rfbScreenInfoPtr rfbScreen,char *str, int len) + rfbServerCutTextMsg sct; + rfbClientIteratorPtr iterator; + ++ memset((char *)&sct, 0, sizeof(sct)); ++ + iterator = rfbGetClientIterator(rfbScreen); + while ((cl = rfbClientIteratorNext(iterator)) != NULL) { + sct.type = rfbServerCutText; diff --git a/gnu/packages/patches/mes-remove-store-name.patch b/gnu/packages/patches/mes-remove-store-name.patch deleted file mode 100644 index ad055c51f2..0000000000 --- a/gnu/packages/patches/mes-remove-store-name.patch +++ /dev/null @@ -1,121 +0,0 @@ -From d8f361705325cf91fc6c2ec84f281cdcd6bfa8b1 Mon Sep 17 00:00:00 2001 -From: Jan Nieuwenhuizen <janneke@gnu.org> -Date: Tue, 3 Dec 2019 21:23:24 +0100 -Subject: [PATCH] core: Remove MES_PKGDATADIR. - -* configure: Do not add MES_PKGDATADIR to config.h. -* configure.sh: Likewise. -* simple.sh: Likewise. -* src/mes.c (open_boot): Do not use MES_PKGDATADIR; rely on -MES_PREFIX or cwd. ---- - configure | 1 - - configure.sh | 1 - - simple.sh | 2 -- - src/mes.c | 13 ------------- - 4 files changed, 17 deletions(-) - -diff --git a/configure b/configure -index 8edb2ce7b..12d8323f2 100755 ---- a/configure -+++ b/configure -@@ -666,7 +666,6 @@ See \"Porting GNU Mes\" in the manual, or try --with-courage\n" mes-system) - ")) - (display (string-append " - #define MES_VERSION \"" VERSION "\" --#define MES_PKGDATADIR \"" pkgdatadir "\" - "))))) - (substitute (string-append srcdest "build-aux/config.make.in") pairs #:target ".config.make")) - -diff --git a/configure.sh b/configure.sh -index 947ddd851..0139cbc36 100755 ---- a/configure.sh -+++ b/configure.sh -@@ -244,7 +244,6 @@ EOF - fi - cat >> include/mes/config.h <<EOF - #define MES_VERSION "$VERSION" --#define MES_PKGDATADIR "$pkgdatadir" - EOF - - cat <<EOF -diff --git a/simple.sh b/simple.sh -index db6950354..b54398a59 100755 ---- a/simple.sh -+++ b/simple.sh -@@ -33,7 +33,6 @@ mes_bits=64 - cat > include/mes/config.h <<EOF - #define SYSTEM_LIBC 1 - #define MES_VERSION "git" --#define MES_PKGDATADIR "/usr/local/share/mes" - EOF - - ## Build ## -@@ -126,7 +125,6 @@ mes_cpu=x86_64 - cat > include/mes/config.h <<EOF - // #define SYSTEM_LIBC 0 - #define MES_VERSION "git" --#define MES_PKGDATADIR "/usr/local/share/mes" - EOF - - ## Build ## -diff --git a/src/mes.c b/src/mes.c -index d9760fad6..a5e7f2b69 100644 ---- a/src/mes.c -+++ b/src/mes.c -@@ -1775,12 +1775,6 @@ open_boot () - char boot[1024]; - char file_name[1024]; - strcpy (g_datadir, "."); -- if (g_debug > 1) -- { -- eputs (";;; pkgdatadir="); -- eputs (MES_PKGDATADIR); -- eputs ("\n"); -- } - if (getenv ("MES_BOOT")) - strcpy (boot, getenv ("MES_BOOT")); - else -@@ -1801,13 +1795,6 @@ open_boot () - __stdin = try_open_boot (file_name, boot, "MES_PREFIX/share/mes"); - } - } -- if (__stdin < 0) -- { -- strcpy (g_datadir, MES_PKGDATADIR); -- strcpy (file_name, g_datadir); -- strcpy (file_name + strlen (file_name), "/module/mes/"); -- __stdin = try_open_boot (file_name, boot, "pkgdatadir"); -- } - if (__stdin < 0) - { - g_datadir[0] = 0; --- -2.24.0 - -commit 2f6fab05b3f09df02aba70c3e21d5fedb45dc567 -Author: Jan Nieuwenhuizen <janneke@gnu.org> -Date: Sun Nov 24 23:12:29 2019 +0100 - - core: Throw instead of segfault on non-existing input file. WIP. - - Reported by theruran. - - * src/posix.c (open_input_file): Call error instead of failing silently. - -diff --git a/src/posix.c b/src/posix.c -index 7ba2e9915..fd753232d 100644 ---- a/src/posix.c -+++ b/src/posix.c -@@ -188,7 +188,10 @@ current_input_port () - SCM - open_input_file (SCM file_name) - { -- return MAKE_NUMBER (mes_open (CSTRING (file_name), O_RDONLY, 0)); -+ int filedes = mes_open (CSTRING (file_name), O_RDONLY, 0); -+ if (filedes == -1) -+ error (cell_symbol_system_error, cons (MAKE_STRING0 ("No such file or directory"), file_name)); -+ return MAKE_NUMBER (filedes); - } - - SCM diff --git a/gnu/packages/patches/udiskie-no-appindicator.patch b/gnu/packages/patches/udiskie-no-appindicator.patch index c19099cdaa..df3efe104b 100644 --- a/gnu/packages/patches/udiskie-no-appindicator.patch +++ b/gnu/packages/patches/udiskie-no-appindicator.patch @@ -1,9 +1,9 @@ Remove the support for Unity's appindicator. -diff -Naur udiskie-1.7.7/completions/_udiskie udiskie-1.7.7a/completions/_udiskie ---- udiskie-1.7.7/completions/_udiskie 2019-02-17 18:28:58.000000000 +0100 -+++ udiskie-1.7.7a/completions/_udiskie 2019-10-29 14:21:04.556193639 +0100 -@@ -21,8 +21,6 @@ +diff -Naur udiskie-2.0.4/completions/zsh/_udiskie udiskie-2.0.4-new/completions/zsh/_udiskie +--- udiskie-2.0.4/completions/zsh/_udiskie 2020-01-21 01:12:40.000000000 +0100 ++++ udiskie-2.0.4-new/completions/zsh/_udiskie 2020-01-23 10:15:46.956141667 +0100 +@@ -18,8 +18,6 @@ '(-a)'{-A,--no-automount}"[disable automounting]" '(-N)'{-n,--notify}"[show popup notifications]" '(-n)'{-N,--no-notify}"[disable notifications]" @@ -12,14 +12,14 @@ diff -Naur udiskie-1.7.7/completions/_udiskie udiskie-1.7.7a/completions/_udiski '(-T -s)'{-t,--tray}"[show tray icon]" '(-T -t)'{-s,--smart-tray}"[auto hide tray icon]" '(-t -s)'{-T,--no-tray}"[disable tray icon]" -diff -Naur udiskie-1.7.7/doc/udiskie.8.txt udiskie-1.7.7a/doc/udiskie.8.txt ---- udiskie-1.7.7/doc/udiskie.8.txt 2019-02-17 18:28:58.000000000 +0100 -+++ udiskie-1.7.7a/doc/udiskie.8.txt 2019-10-29 14:21:52.304570344 +0100 -@@ -95,12 +95,6 @@ - *-F, \--no-file-manager*:: - Disable browsing. +diff -Naur udiskie-2.0.4/doc/udiskie.8.txt udiskie-2.0.4-new/doc/udiskie.8.txt +--- udiskie-2.0.4/doc/udiskie.8.txt 2020-01-21 01:12:40.000000000 +0100 ++++ udiskie-2.0.4-new/doc/udiskie.8.txt 2020-01-23 10:16:12.636290647 +0100 +@@ -92,12 +92,6 @@ + *--no-terminal*:: + Disable terminal action. --*-appindicator*:: +-*--appindicator*:: - Use AppIndicator3 for the status icon. Use this on Ubuntu/Unity if no icon is shown. - -*--no-appindicator*:: @@ -28,9 +28,9 @@ diff -Naur udiskie-1.7.7/doc/udiskie.8.txt udiskie-1.7.7a/doc/udiskie.8.txt *--password-cache MINUTES*:: Cache passwords for LUKS partitions and set the timeout. -diff -Naur udiskie-1.7.7/udiskie/appindicator.py udiskie-1.7.7a/udiskie/appindicator.py ---- udiskie-1.7.7/udiskie/appindicator.py 2019-02-17 18:28:58.000000000 +0100 -+++ udiskie-1.7.7a/udiskie/appindicator.py 1970-01-01 01:00:00.000000000 +0100 +diff -Naur udiskie-2.0.4/udiskie/appindicator.py udiskie-2.0.4-new/udiskie/appindicator.py +--- udiskie-2.0.4/udiskie/appindicator.py 2020-01-21 01:12:40.000000000 +0100 ++++ udiskie-2.0.4-new/udiskie/appindicator.py 1970-01-01 01:00:00.000000000 +0100 @@ -1,61 +0,0 @@ -""" -Status icon using AppIndicator3. @@ -39,10 +39,10 @@ diff -Naur udiskie-1.7.7/udiskie/appindicator.py udiskie-1.7.7a/udiskie/appindic -from gi.repository import Gtk -from gi.repository import AppIndicator3 - --from udiskie.async_ import Async +-from .async_ import Future - - --class AppIndicatorIcon(object): +-class AppIndicatorIcon: - - """ - Show status icon using AppIndicator as backend. Replaces @@ -63,7 +63,7 @@ diff -Naur udiskie-1.7.7/udiskie/appindicator.py udiskie-1.7.7a/udiskie/appindic - dbusmenuserver = self._indicator.get_property('dbus-menu-server') - self._dbusmenuitem = dbusmenuserver.get_property('root-node') - self._conn = self._dbusmenuitem.connect('about-to-show', self._on_show) -- self.task = Async() +- self.task = Future() - menumaker._quit_action = self.destroy - # Populate menu initially, so libdbusmenu does not ignore the - # 'about-to-show': @@ -72,7 +72,7 @@ diff -Naur udiskie-1.7.7/udiskie/appindicator.py udiskie-1.7.7a/udiskie/appindic - def destroy(self): - self.show(False) - self._dbusmenuitem.disconnect(self._conn) -- self.task.callback() +- self.task.set_result(True) - - @property - def visible(self): @@ -93,10 +93,10 @@ diff -Naur udiskie-1.7.7/udiskie/appindicator.py udiskie-1.7.7a/udiskie/appindic - # repopulate: - self._maker(self._menu) - self._menu.show_all() -diff -Naur udiskie-1.7.7/udiskie/cli.py udiskie-1.7.7a/udiskie/cli.py ---- udiskie-1.7.7/udiskie/cli.py 2019-02-17 18:28:58.000000000 +0100 -+++ udiskie-1.7.7a/udiskie/cli.py 2019-10-29 14:18:22.678919186 +0100 -@@ -376,9 +376,6 @@ +diff -Naur udiskie-2.0.4/udiskie/cli.py udiskie-2.0.4-new/udiskie/cli.py +--- udiskie-2.0.4/udiskie/cli.py 2020-01-21 01:12:40.000000000 +0100 ++++ udiskie-2.0.4-new/udiskie/cli.py 2020-01-23 10:17:13.064810617 +0100 +@@ -287,9 +287,6 @@ -T, --no-tray Disable tray icon -m MENU, --menu MENU Tray menu [flat/nested] @@ -106,15 +106,15 @@ diff -Naur udiskie-1.7.7/udiskie/cli.py udiskie-1.7.7a/udiskie/cli.py --password-cache MINUTES Set password cache timeout --no-password-cache Disable password cache -@@ -400,7 +397,6 @@ +@@ -312,7 +309,6 @@ 'notify': True, 'tray': False, 'menu': 'flat', - 'appindicator': False, 'file_manager': 'xdg-open', + 'terminal': '', 'password_prompt': 'builtin:gui', - 'password_cache': False, -@@ -415,7 +411,6 @@ +@@ -328,7 +324,6 @@ '--no-tray': False, '--smart-tray': 'auto'}), 'menu': Value('--menu'), @@ -122,10 +122,10 @@ diff -Naur udiskie-1.7.7/udiskie/cli.py udiskie-1.7.7a/udiskie/cli.py 'file_manager': OptionalValue('--file-manager'), 'password_prompt': OptionalValue('--password-prompt'), 'password_cache': OptionalValue('--password-cache'), -@@ -541,11 +536,7 @@ - raise ValueError("Invalid menu: %s" % (options['menu'],)) +@@ -459,11 +454,7 @@ - menu_maker = udiskie.tray.UdiskieMenu(self, icons, actions, flat) + menu_maker = udiskie.tray.UdiskieMenu(self, icons, actions, flat, + config.quickmenu_actions) - if options['appindicator']: - import udiskie.appindicator - TrayIcon = udiskie.appindicator.AppIndicatorIcon @@ -135,10 +135,10 @@ diff -Naur udiskie-1.7.7/udiskie/cli.py udiskie-1.7.7a/udiskie/cli.py trayicon = TrayIcon(menu_maker, icons) return udiskie.tray.UdiskieStatusIcon(trayicon, menu_maker, smart) -diff -Naur udiskie-1.7.7/udiskie.egg-info/SOURCES.txt udiskie-1.7.7a/udiskie.egg-info/SOURCES.txt ---- udiskie-1.7.7/udiskie.egg-info/SOURCES.txt 2019-02-17 19:42:25.000000000 +0100 -+++ udiskie-1.7.7a/udiskie.egg-info/SOURCES.txt 2019-10-29 14:40:09.333315287 +0100 -@@ -24,7 +24,6 @@ +diff -Naur udiskie-2.0.4/udiskie.egg-info/SOURCES.txt udiskie-2.0.4-new/udiskie.egg-info/SOURCES.txt +--- udiskie-2.0.4/udiskie.egg-info/SOURCES.txt 2020-01-21 01:12:41.000000000 +0100 ++++ udiskie-2.0.4-new/udiskie.egg-info/SOURCES.txt 2020-01-23 10:17:50.657205798 +0100 +@@ -25,7 +25,6 @@ test/test_cache.py test/test_match.py udiskie/__init__.py @@ -146,10 +146,10 @@ diff -Naur udiskie-1.7.7/udiskie.egg-info/SOURCES.txt udiskie-1.7.7a/udiskie.egg udiskie/async_.py udiskie/automount.py udiskie/cache.py -@@ -46,4 +45,4 @@ - udiskie.egg-info/dependency_links.txt +@@ -47,4 +46,4 @@ udiskie.egg-info/entry_points.txt udiskie.egg-info/requires.txt --udiskie.egg-info/top_level.txt + udiskie.egg-info/top_level.txt +-udiskie.egg-info/zip-safe \ Pas de fin de ligne à la fin du fichier -+udiskie.egg-info/top_level.txt ++udiskie.egg-info/zip-safe |