summary refs log tree commit diff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
authorrennes <rennes@openmailbox.org>2017-05-02 22:46:56 -0500
committerLeo Famulari <leo@famulari.name>2017-05-05 16:12:01 -0400
commitcc3bc027ebbc924cc60fdcd8e7c8572bd0adf90c (patch)
tree31c3849205001d4047cddd6fbbf014c4efcbf626 /gnu/packages/patches
parentc39a54f431cc6ae61a09f8b06f3593939dd14c9b (diff)
downloadguix-cc3bc027ebbc924cc60fdcd8e7c8572bd0adf90c.tar.gz
gnu: gnome-shell: Fix CVE-2017-8288.
* gnu/packages/patches/gnome-shell-CVE-2017-8288.patch:	New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gnome.scm (gnome-shell)[source]: Use it.

Co-authored-by: Leo Famulari <leo@famulari.name>
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/gnome-shell-CVE-2017-8288.patch54
1 files changed, 54 insertions, 0 deletions
diff --git a/gnu/packages/patches/gnome-shell-CVE-2017-8288.patch b/gnu/packages/patches/gnome-shell-CVE-2017-8288.patch
new file mode 100644
index 0000000000..5d8e31563f
--- /dev/null
+++ b/gnu/packages/patches/gnome-shell-CVE-2017-8288.patch
@@ -0,0 +1,54 @@
+Fix CVE-2017-8288:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8288
+http://seclists.org/oss-sec/2017/q2/136
+
+Patch copied from upstream source repository:
+
+https://git.gnome.org/browse/gnome-shell/commit/?id=ff425d1db7082e2755d2a405af53861552acf2a1
+
+From ff425d1db7082e2755d2a405af53861552acf2a1 Mon Sep 17 00:00:00 2001
+From: Emilio Pozuelo Monfort <pochu27@gmail.com>
+Date: Tue, 25 Apr 2017 17:27:42 +0200
+Subject: extensionSystem: handle reloading broken extensions
+
+Some extensions out there may fail to reload. When that happens,
+we need to catch any exceptions so that we don't leave things in
+a broken state that could lead to leaving extensions enabled in
+the screen shield.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=781728
+---
+ js/ui/extensionSystem.js | 12 ++++++++++--
+ 1 file changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/js/ui/extensionSystem.js b/js/ui/extensionSystem.js
+index a4dc29e..fc352b8 100644
+--- a/js/ui/extensionSystem.js
++++ b/js/ui/extensionSystem.js
+@@ -282,12 +282,20 @@ function _onVersionValidationChanged() {
+     // temporarily disable them all
+     enabledExtensions = [];
+     for (let uuid in ExtensionUtils.extensions)
+-        reloadExtension(ExtensionUtils.extensions[uuid]);
++        try {
++            reloadExtension(ExtensionUtils.extensions[uuid]);
++        } catch(e) {
++            logExtensionError(uuid, e);
++        }
+     enabledExtensions = getEnabledExtensions();
+ 
+     if (Main.sessionMode.allowExtensions) {
+         enabledExtensions.forEach(function(uuid) {
+-            enableExtension(uuid);
++            try {
++                enableExtension(uuid);
++            } catch(e) {
++                logExtensionError(uuid, e);
++            }
+         });
+     }
+ }
+-- 
+cgit v0.12
+