From 81873eda4de508298031ddc1bd00ebe525651d0a Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Fri, 10 Aug 2018 21:40:17 +0200 Subject: gnu: libsoup: Update to 2.62.3. * gnu/packages/gnome.scm (libsoup): Update to 2.62.3. --- gnu/packages/gnome.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/packages/gnome.scm') diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index 9090d51a82..4ef96ffa50 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -2455,7 +2455,7 @@ libxml to ease remote use of the RESTful API.") (define-public libsoup (package (name "libsoup") - (version "2.62.2") + (version "2.62.3") (source (origin (method url-fetch) (uri (string-append "mirror://gnome/sources/libsoup/" @@ -2463,7 +2463,7 @@ libxml to ease remote use of the RESTful API.") name "-" version ".tar.xz")) (sha256 (base32 - "1dkrz1iwsswscayfmjxqv2q00b87snlq9nxdccn5vck0vbinylwy")))) + "0whi8p03kpbp68kg6fg3vb7rhykjp7wn3nlbzy9j0p298zjss4nk")))) (build-system gnu-build-system) (outputs '("out" "doc")) (arguments -- cgit 1.4.1 From feccc81013c410494b68894aad75bd7d135f5525 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 14 Aug 2018 14:50:46 -0400 Subject: gnu: gdm: Fix CVE-2018-14424. * gnu/packages/patches/gdm-CVE-2018-14424.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/gnome.scm (gdm): Use it. --- gnu/local.mk | 1 + gnu/packages/gnome.scm | 1 + gnu/packages/patches/gdm-CVE-2018-14424.patch | 172 ++++++++++++++++++++++++++ 3 files changed, 174 insertions(+) create mode 100644 gnu/packages/patches/gdm-CVE-2018-14424.patch (limited to 'gnu/packages/gnome.scm') diff --git a/gnu/local.mk b/gnu/local.mk index 15e7beac6e..f433da46e2 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -714,6 +714,7 @@ dist_patch_DATA = \ %D%/packages/patches/gd-CVE-2018-5711.patch \ %D%/packages/patches/gd-fix-tests-on-i686.patch \ %D%/packages/patches/gd-freetype-test-failure.patch \ + %D%/packages/patches/gdm-CVE-2018-14424.patch \ %D%/packages/patches/gemma-intel-compat.patch \ %D%/packages/patches/geoclue-config.patch \ %D%/packages/patches/ghc-8.0-fall-back-to-madv_dontneed.patch \ diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index 4ef96ffa50..fe26bc35cc 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -5305,6 +5305,7 @@ libxml2.") (uri (string-append "mirror://gnome/sources/" name "/" (version-major+minor version) "/" name "-" version ".tar.xz")) + (patches (search-patches "gdm-CVE-2018-14424.patch")) (sha256 (base32 "0mxdal6hh345xk2xqmw5192jgpprkbcv1d4bwmnl4arcc00cpp8p")))) diff --git a/gnu/packages/patches/gdm-CVE-2018-14424.patch b/gnu/packages/patches/gdm-CVE-2018-14424.patch new file mode 100644 index 0000000000..88a71f4151 --- /dev/null +++ b/gnu/packages/patches/gdm-CVE-2018-14424.patch @@ -0,0 +1,172 @@ +Fix CVE-2018-14424: + +https://gitlab.gnome.org/GNOME/gdm/issues/401 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14424 + +Patch copied from upstream source repository: + +https://gitlab.gnome.org/GNOME/gdm/commit/1ac1697b3b019f50729a6e992065959586e170da + +From 1ac1697b3b019f50729a6e992065959586e170da Mon Sep 17 00:00:00 2001 +From: Chris Coulson +Date: Thu, 19 Jul 2018 18:26:05 +0100 +Subject: [PATCH] display-store: Pass the display object rather than the id in + the removed signal + +By the time GdmDisplayStore emits the "display-removed" signal, the display +is no longer in the store and gdm_display_store_lookup will not work in +signal handlers. + +Change the "display-removed" parameter from the display id to the GdmDisplay +object, so that signal handers can perform any cleanup they need to do + +CVE-2018-14424 + +Closes: https://gitlab.gnome.org/GNOME/gdm/issues/401 +--- + daemon/gdm-display-store.c | 11 +++-------- + daemon/gdm-display-store.h | 2 +- + daemon/gdm-local-display-factory.c | 13 +++---------- + daemon/gdm-manager.c | 19 +++++++++---------- + daemon/gdm-manager.h | 3 ++- + 5 files changed, 18 insertions(+), 30 deletions(-) + +diff --git a/daemon/gdm-display-store.c b/daemon/gdm-display-store.c +index af76f519..fd24334e 100644 +--- a/daemon/gdm-display-store.c ++++ b/daemon/gdm-display-store.c +@@ -76,15 +76,10 @@ stored_display_new (GdmDisplayStore *store, + static void + stored_display_free (StoredDisplay *stored_display) + { +- char *id; +- +- gdm_display_get_id (stored_display->display, &id, NULL); +- + g_signal_emit (G_OBJECT (stored_display->store), + signals[DISPLAY_REMOVED], + 0, +- id); +- g_free (id); ++ stored_display->display); + + g_debug ("GdmDisplayStore: Unreffing display: %p", + stored_display->display); +@@ -281,9 +276,9 @@ gdm_display_store_class_init (GdmDisplayStoreClass *klass) + G_STRUCT_OFFSET (GdmDisplayStoreClass, display_removed), + NULL, + NULL, +- g_cclosure_marshal_VOID__STRING, ++ g_cclosure_marshal_VOID__OBJECT, + G_TYPE_NONE, +- 1, G_TYPE_STRING); ++ 1, G_TYPE_OBJECT); + + g_type_class_add_private (klass, sizeof (GdmDisplayStorePrivate)); + } +diff --git a/daemon/gdm-display-store.h b/daemon/gdm-display-store.h +index 28359933..0aff8ee2 100644 +--- a/daemon/gdm-display-store.h ++++ b/daemon/gdm-display-store.h +@@ -49,7 +49,7 @@ typedef struct + void (* display_added) (GdmDisplayStore *display_store, + const char *id); + void (* display_removed) (GdmDisplayStore *display_store, +- const char *id); ++ GdmDisplay *display); + } GdmDisplayStoreClass; + + typedef enum +diff --git a/daemon/gdm-local-display-factory.c b/daemon/gdm-local-display-factory.c +index 5f1ae89e..39f3e30a 100644 +--- a/daemon/gdm-local-display-factory.c ++++ b/daemon/gdm-local-display-factory.c +@@ -805,18 +805,11 @@ on_display_added (GdmDisplayStore *display_store, + + static void + on_display_removed (GdmDisplayStore *display_store, +- const char *id, ++ GdmDisplay *display, + GdmLocalDisplayFactory *factory) + { +- GdmDisplay *display; +- +- display = gdm_display_store_lookup (display_store, id); +- +- if (display != NULL) { +- g_signal_handlers_disconnect_by_func (display, G_CALLBACK (on_display_status_changed), factory); +- g_object_weak_unref (G_OBJECT (display), (GWeakNotify)on_display_disposed, factory); +- +- } ++ g_signal_handlers_disconnect_by_func (display, G_CALLBACK (on_display_status_changed), factory); ++ g_object_weak_unref (G_OBJECT (display), (GWeakNotify)on_display_disposed, factory); + } + + static gboolean +diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c +index f17bd1a5..f6684a8b 100644 +--- a/daemon/gdm-manager.c ++++ b/daemon/gdm-manager.c +@@ -1541,19 +1541,18 @@ on_display_status_changed (GdmDisplay *display, + + static void + on_display_removed (GdmDisplayStore *display_store, +- const char *id, ++ GdmDisplay *display, + GdmManager *manager) + { +- GdmDisplay *display; ++ char *id; + +- display = gdm_display_store_lookup (display_store, id); +- if (display != NULL) { +- g_dbus_object_manager_server_unexport (manager->priv->object_manager, id); ++ gdm_display_get_id (display, &id, NULL); ++ g_dbus_object_manager_server_unexport (manager->priv->object_manager, id); ++ g_free (id); + +- g_signal_handlers_disconnect_by_func (display, G_CALLBACK (on_display_status_changed), manager); ++ g_signal_handlers_disconnect_by_func (display, G_CALLBACK (on_display_status_changed), manager); + +- g_signal_emit (manager, signals[DISPLAY_REMOVED], 0, id); +- } ++ g_signal_emit (manager, signals[DISPLAY_REMOVED], 0, display); + } + + static void +@@ -2535,9 +2534,9 @@ gdm_manager_class_init (GdmManagerClass *klass) + G_STRUCT_OFFSET (GdmManagerClass, display_removed), + NULL, + NULL, +- g_cclosure_marshal_VOID__STRING, ++ g_cclosure_marshal_VOID__OBJECT, + G_TYPE_NONE, +- 1, G_TYPE_STRING); ++ 1, G_TYPE_OBJECT); + + g_object_class_install_property (object_class, + PROP_XDMCP_ENABLED, +diff --git a/daemon/gdm-manager.h b/daemon/gdm-manager.h +index 41c68a7a..c8fb3f22 100644 +--- a/daemon/gdm-manager.h ++++ b/daemon/gdm-manager.h +@@ -24,6 +24,7 @@ + + #include + ++#include "gdm-display.h" + #include "gdm-manager-glue.h" + + G_BEGIN_DECLS +@@ -50,7 +51,7 @@ typedef struct + void (* display_added) (GdmManager *manager, + const char *id); + void (* display_removed) (GdmManager *manager, +- const char *id); ++ GdmDisplay *display); + } GdmManagerClass; + + typedef enum +-- +2.17.1 + -- cgit 1.4.1 From 24d6cc1d59fa9a4e6ead491d9db27bac99e8081b Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Fri, 17 Aug 2018 11:23:11 +0200 Subject: gnu: Use HTTPS for gtk.org. * gnu/packages/gimp.scm (babl)[source]: Use HTTPS for ftp.gtk.org. * gnu/packages/gnome.scm (rest)[home-page]: Use HTTPS for www.gtk.org. * gnu/packages/gtk.scm (gtk+-2, gtk-doc)[home-page]: Likewise. --- gnu/packages/gimp.scm | 2 +- gnu/packages/gnome.scm | 2 +- gnu/packages/gtk.scm | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) (limited to 'gnu/packages/gnome.scm') diff --git a/gnu/packages/gimp.scm b/gnu/packages/gimp.scm index feb67318df..766fd03dcd 100644 --- a/gnu/packages/gimp.scm +++ b/gnu/packages/gimp.scm @@ -54,7 +54,7 @@ (uri (list (string-append "https://download.gimp.org/pub/babl/" (version-major+minor version) "/babl-" version ".tar.bz2") - (string-append "http://ftp.gtk.org/pub/babl/" + (string-append "https://ftp.gtk.org/pub/babl/" (version-major+minor version) "/babl-" version ".tar.bz2") (string-append "ftp://ftp.gtk.org/pub/babl/" diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index fe26bc35cc..c87df98613 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -2444,7 +2444,7 @@ library.") `(("glib" ,glib) ("libsoup" ,libsoup) ("libxml2" ,libxml2))) - (home-page "http://www.gtk.org/") + (home-page "https://www.gtk.org/") (synopsis "RESTful web api query library") (description "This library was designed to make it easier to access web services that diff --git a/gnu/packages/gtk.scm b/gnu/packages/gtk.scm index 429b0579c8..8b11e3fb1f 100644 --- a/gnu/packages/gtk.scm +++ b/gnu/packages/gtk.scm @@ -664,7 +664,7 @@ graphical user interfaces. Offering a complete set of widgets, GTK+ is suitable for projects ranging from small one-off tools to complete application suites.") (license license:lgpl2.0+) - (home-page "http://www.gtk.org/"))) + (home-page "https://www.gtk.org/"))) (define-public gtk+ (package (inherit gtk+-2) @@ -1492,7 +1492,7 @@ information.") ("source-highlight" ,source-highlight) ("glib" ,glib) ("python-six" ,python-six))) - (home-page "http://www.gtk.org/gtk-doc/") + (home-page "https://www.gtk.org/gtk-doc/") (synopsis "Documentation generator from C source code") (description "GTK-Doc generates API documentation from comments added to C code. It is -- cgit 1.4.1 From b98eace814cfdde9e8632e0556761a910d6c8e6b Mon Sep 17 00:00:00 2001 From: Christopher Baines Date: Fri, 17 Aug 2018 12:21:48 +0100 Subject: gnu: lollypop: Update to 0.9.521. * gnu/packages/gnome.scm (lollypop)[version]: Update to 0.9.521. [source]: Change the URL, as the project has moved on gitlab.gnome.org. Update the uri and sha256. [home-page]: Change to wiki.gnome.org as the previous URL 404's. --- gnu/packages/gnome.scm | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'gnu/packages/gnome.scm') diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index c87df98613..40173d4616 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -7034,16 +7034,16 @@ views can be printed as PDF or PostScript files, or exported to HTML.") (define-public lollypop (package (name "lollypop") - (version "0.9.306") + (version "0.9.521") (source (origin (method url-fetch) - (uri (string-append "https://gitlab.gnome.org/gnumdk/lollypop/uploads/" - "b769805b7063ef9807e4e832e7e87ad2/" + (uri (string-append "https://gitlab.gnome.org/World/lollypop/uploads/" + "e4df2ed75c5ed71d64afcc668e579b2a/" name "-" version ".tar.xz")) (sha256 (base32 - "0c49v6793bywvh295xbii9yq21hh3qpmxwbgp9i71kj6r9grvhan")))) + "0knsqh24siyw98vmiq6b1hzq4y4cazs9f1hq1js9c96hqqj9rvdx")))) (build-system meson-build-system) (arguments `(#:imported-modules ((guix build python-build-system) @@ -7086,7 +7086,7 @@ views can be printed as PDF or PostScript files, or exported to HTML.") ;; the others are required to play streaming. ("gst-plugins-good" ,gst-plugins-good) ("gst-plugins-ugly" ,gst-plugins-ugly))) - (home-page "https://gnumdk.github.io/lollypop-web") + (home-page "https://wiki.gnome.org/Apps/Lollypop") (synopsis "GNOME music playing application") (description "Lollypop is a music player designed to play well with GNOME desktop. -- cgit 1.4.1 From 16b1effb5f5bc0f2e1ca7fe5379e1f681c243fd2 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Sun, 19 Aug 2018 15:36:23 +0200 Subject: gnu: libgsf: Update to 1.14.44. * gnu/packages/gnome.scm (libgsf): Update to 1.14.44. --- gnu/packages/gnome.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/packages/gnome.scm') diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index 8459bf9ac1..040fd923ce 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -1176,7 +1176,7 @@ XML/CSS rendering engine.") (define-public libgsf (package (name "libgsf") - (version "1.14.43") + (version "1.14.44") (source (origin (method url-fetch) (uri (string-append "mirror://gnome/sources/" name "/" @@ -1184,7 +1184,7 @@ XML/CSS rendering engine.") name "-" version ".tar.xz")) (sha256 (base32 - "05pf3h0dha3s20ddsrljbx7m94qyiqs5igwxx1ql0vlsdlylx50j")))) + "1ppzfk3zmmgrg9jh8vc4dacddbfngjslq2wpj94pcr3i0c8dxgk8")))) (build-system gnu-build-system) (native-inputs `(("intltool" ,intltool) -- cgit 1.4.1 From c85626bb0f614b96074393376bebfb9a0c6d7903 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Mon, 20 Aug 2018 12:58:34 +0200 Subject: gnu: xpad: Update to 5.1.0. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/gnome.scm (xpad): Update to 5.1.0. [arguments]: Remove obsolete ‘run-autogen’ phase. --- gnu/packages/gnome.scm | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) (limited to 'gnu/packages/gnome.scm') diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index f842c4bc79..13eb41e055 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -6708,7 +6708,7 @@ is suitable as a default application in a Desktop environment.") (define-public xpad (package (name "xpad") - (version "5.0.0") + (version "5.1.0") (source (origin (method url-fetch) @@ -6717,14 +6717,8 @@ is suitable as a default application in a Desktop environment.") name "-" version ".tar.bz2")) (sha256 (base32 - "02yikxg6z9bwla09ka001ppjlpbv5kbza3za9asazm5aiz376mkb")))) + "0l0g5x8g6dwhf5ksnqqrjjsycy57kcvdslkmsr6bl3vrsjd7qml3")))) (build-system gnu-build-system) - (arguments - `(#:phases - (modify-phases %standard-phases - (add-after 'unpack 'run-autogen - (lambda _ - (system* "sh" "autogen.sh")))))) (native-inputs `(("autoconf" ,autoconf) ("automake" ,automake) -- cgit 1.4.1