summary refs log tree commit diff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
authorMark H Weaver <mhw@netris.org>2021-03-12 05:36:54 -0500
committerMark H Weaver <mhw@netris.org>2021-03-12 06:08:33 -0500
commit825cc7e0d4bc7f052831f905a92945678441fb55 (patch)
tree991d16068436748a9d7931ac70d118d9f36e2329 /gnu/packages/patches
parentdb7c3410d58a5730c0a4a33e94fa1a2b832fe20a (diff)
downloadguix-825cc7e0d4bc7f052831f905a92945678441fb55.tar.gz
gnu: gnome-shell: Fix CVE-2020-17489.
* gnu/packages/patches/gnome-shell-CVE-2020-17489.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gnome.scm (gnome-shell)[source]: Add patch.
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/gnome-shell-CVE-2020-17489.patch46
1 files changed, 46 insertions, 0 deletions
diff --git a/gnu/packages/patches/gnome-shell-CVE-2020-17489.patch b/gnu/packages/patches/gnome-shell-CVE-2020-17489.patch
new file mode 100644
index 0000000000..4b7748950e
--- /dev/null
+++ b/gnu/packages/patches/gnome-shell-CVE-2020-17489.patch
@@ -0,0 +1,46 @@
+From 05b7aec747282f62212b605249d518280ff80059 Mon Sep 17 00:00:00 2001
+From: Ray Strode <rstrode@redhat.com>
+Date: Mon, 27 Jul 2020 10:58:22 -0400
+Subject: [PATCH] loginDialog: Reset auth prompt on vt switch before fade in
+
+At the moment, if a user switches to the login screen vt,
+the login screen fades in whatever was on screen prior, and
+then does a reset.
+
+It makes more sense to reset first, so we fade in what the
+user is going to interact with instead of what they interacted
+with before.
+
+Fixes: https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/2997
+---
+ js/gdm/loginDialog.js | 9 ++++-----
+ 1 file changed, 4 insertions(+), 5 deletions(-)
+
+diff --git a/js/gdm/loginDialog.js b/js/gdm/loginDialog.js
+index c3f90dc58..6b35ebb16 100644
+--- a/js/gdm/loginDialog.js
++++ b/js/gdm/loginDialog.js
+@@ -920,16 +920,15 @@ var LoginDialog = GObject.registerClass({
+         if (this.opacity == 255 && this._authPrompt.verificationStatus == AuthPrompt.AuthPromptStatus.NOT_VERIFYING)
+             return;
+ 
++        if (this._authPrompt.verificationStatus !== AuthPrompt.AuthPromptStatus.NOT_VERIFYING)
++            this._authPrompt.reset();
++
+         this._bindOpacity();
+         this.ease({
+             opacity: 255,
+             duration: _FADE_ANIMATION_TIME,
+             mode: Clutter.AnimationMode.EASE_OUT_QUAD,
+-            onComplete: () => {
+-                if (this._authPrompt.verificationStatus != AuthPrompt.AuthPromptStatus.NOT_VERIFYING)
+-                    this._authPrompt.reset();
+-                this._unbindOpacity();
+-            }
++            onComplete: () => this._unbindOpacity(),
+         });
+     }
+ 
+-- 
+2.30.1
+