From 17adafae4d08146721f40cf345a0ba5a8028e30efde042734af39128fdc9643b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B8rn=20Lie?= Date: Fri, 17 Aug 2018 09:43:57 +0000 Subject: [PATCH] Accepting request 629605 from home:luc14n0:branches:GNOME:Factory Update to 3.28.3 OBS-URL: https://build.opensuse.org/request/show/629605 OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/gdm?expand=0&rev=410 --- gdm-3.28.2.tar.xz | 3 - gdm-3.28.3.tar.xz | 3 + gdm-CVE-2018-14424.patch | 163 ------------------ ...able-wayland-on-unsupported-chipsets.patch | 26 +-- gdm.changes | 17 ++ gdm.spec | 43 +++-- 6 files changed, 54 insertions(+), 201 deletions(-) delete mode 100644 gdm-3.28.2.tar.xz create mode 100644 gdm-3.28.3.tar.xz delete mode 100644 gdm-CVE-2018-14424.patch diff --git a/gdm-3.28.2.tar.xz b/gdm-3.28.2.tar.xz deleted file mode 100644 index f9260ae..0000000 --- a/gdm-3.28.2.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:6041a07fbbd28f6e55a15abea6fb650c8ab6988df557da320bd6983e4009b571 -size 1122352 diff --git a/gdm-3.28.3.tar.xz b/gdm-3.28.3.tar.xz new file mode 100644 index 0000000..3a6a85c --- /dev/null +++ b/gdm-3.28.3.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:08d962684511e5793b791ccfd9ab45b7e5676c478f259f20cf4831dfc465a189 +size 1132896 diff --git a/gdm-CVE-2018-14424.patch b/gdm-CVE-2018-14424.patch deleted file mode 100644 index 2c32e7e..0000000 --- a/gdm-CVE-2018-14424.patch +++ /dev/null @@ -1,163 +0,0 @@ -From 1ac1697b3b019f50729a6e992065959586e170da Mon Sep 17 00:00:00 2001 -From: Chris Coulson -Date: Thu, 19 Jul 2018 18:26:05 +0100 -Subject: [PATCH] display-store: Pass the display object rather than the id in - the removed signal - -By the time GdmDisplayStore emits the "display-removed" signal, the display -is no longer in the store and gdm_display_store_lookup will not work in -signal handlers. - -Change the "display-removed" parameter from the display id to the GdmDisplay -object, so that signal handers can perform any cleanup they need to do - -CVE-2018-14424 - -Closes: https://gitlab.gnome.org/GNOME/gdm/issues/401 ---- - daemon/gdm-display-store.c | 11 +++-------- - daemon/gdm-display-store.h | 2 +- - daemon/gdm-local-display-factory.c | 13 +++---------- - daemon/gdm-manager.c | 19 +++++++++---------- - daemon/gdm-manager.h | 3 ++- - 5 files changed, 18 insertions(+), 30 deletions(-) - -diff --git a/daemon/gdm-display-store.c b/daemon/gdm-display-store.c -index af76f519..fd24334e 100644 ---- a/daemon/gdm-display-store.c -+++ b/daemon/gdm-display-store.c -@@ -76,15 +76,10 @@ stored_display_new (GdmDisplayStore *store, - static void - stored_display_free (StoredDisplay *stored_display) - { -- char *id; -- -- gdm_display_get_id (stored_display->display, &id, NULL); -- - g_signal_emit (G_OBJECT (stored_display->store), - signals[DISPLAY_REMOVED], - 0, -- id); -- g_free (id); -+ stored_display->display); - - g_debug ("GdmDisplayStore: Unreffing display: %p", - stored_display->display); -@@ -281,9 +276,9 @@ gdm_display_store_class_init (GdmDisplayStoreClass *klass) - G_STRUCT_OFFSET (GdmDisplayStoreClass, display_removed), - NULL, - NULL, -- g_cclosure_marshal_VOID__STRING, -+ g_cclosure_marshal_VOID__OBJECT, - G_TYPE_NONE, -- 1, G_TYPE_STRING); -+ 1, G_TYPE_OBJECT); - - g_type_class_add_private (klass, sizeof (GdmDisplayStorePrivate)); - } -diff --git a/daemon/gdm-display-store.h b/daemon/gdm-display-store.h -index 28359933..0aff8ee2 100644 ---- a/daemon/gdm-display-store.h -+++ b/daemon/gdm-display-store.h -@@ -49,7 +49,7 @@ typedef struct - void (* display_added) (GdmDisplayStore *display_store, - const char *id); - void (* display_removed) (GdmDisplayStore *display_store, -- const char *id); -+ GdmDisplay *display); - } GdmDisplayStoreClass; - - typedef enum -diff --git a/daemon/gdm-local-display-factory.c b/daemon/gdm-local-display-factory.c -index 5f1ae89e..39f3e30a 100644 ---- a/daemon/gdm-local-display-factory.c -+++ b/daemon/gdm-local-display-factory.c -@@ -805,18 +805,11 @@ on_display_added (GdmDisplayStore *display_store, - - static void - on_display_removed (GdmDisplayStore *display_store, -- const char *id, -+ GdmDisplay *display, - GdmLocalDisplayFactory *factory) - { -- GdmDisplay *display; -- -- display = gdm_display_store_lookup (display_store, id); -- -- if (display != NULL) { -- g_signal_handlers_disconnect_by_func (display, G_CALLBACK (on_display_status_changed), factory); -- g_object_weak_unref (G_OBJECT (display), (GWeakNotify)on_display_disposed, factory); -- -- } -+ g_signal_handlers_disconnect_by_func (display, G_CALLBACK (on_display_status_changed), factory); -+ g_object_weak_unref (G_OBJECT (display), (GWeakNotify)on_display_disposed, factory); - } - - static gboolean -diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c -index f17bd1a5..f6684a8b 100644 ---- a/daemon/gdm-manager.c -+++ b/daemon/gdm-manager.c -@@ -1541,19 +1541,18 @@ on_display_status_changed (GdmDisplay *display, - - static void - on_display_removed (GdmDisplayStore *display_store, -- const char *id, -+ GdmDisplay *display, - GdmManager *manager) - { -- GdmDisplay *display; -+ char *id; - -- display = gdm_display_store_lookup (display_store, id); -- if (display != NULL) { -- g_dbus_object_manager_server_unexport (manager->priv->object_manager, id); -+ gdm_display_get_id (display, &id, NULL); -+ g_dbus_object_manager_server_unexport (manager->priv->object_manager, id); -+ g_free (id); - -- g_signal_handlers_disconnect_by_func (display, G_CALLBACK (on_display_status_changed), manager); -+ g_signal_handlers_disconnect_by_func (display, G_CALLBACK (on_display_status_changed), manager); - -- g_signal_emit (manager, signals[DISPLAY_REMOVED], 0, id); -- } -+ g_signal_emit (manager, signals[DISPLAY_REMOVED], 0, display); - } - - static void -@@ -2535,9 +2534,9 @@ gdm_manager_class_init (GdmManagerClass *klass) - G_STRUCT_OFFSET (GdmManagerClass, display_removed), - NULL, - NULL, -- g_cclosure_marshal_VOID__STRING, -+ g_cclosure_marshal_VOID__OBJECT, - G_TYPE_NONE, -- 1, G_TYPE_STRING); -+ 1, G_TYPE_OBJECT); - - g_object_class_install_property (object_class, - PROP_XDMCP_ENABLED, -diff --git a/daemon/gdm-manager.h b/daemon/gdm-manager.h -index 41c68a7a..c8fb3f22 100644 ---- a/daemon/gdm-manager.h -+++ b/daemon/gdm-manager.h -@@ -24,6 +24,7 @@ - - #include - -+#include "gdm-display.h" - #include "gdm-manager-glue.h" - - G_BEGIN_DECLS -@@ -50,7 +51,7 @@ typedef struct - void (* display_added) (GdmManager *manager, - const char *id); - void (* display_removed) (GdmManager *manager, -- const char *id); -+ GdmDisplay *display); - } GdmManagerClass; - - typedef enum --- -2.16.4 - diff --git a/gdm-disable-wayland-on-unsupported-chipsets.patch b/gdm-disable-wayland-on-unsupported-chipsets.patch index 10c07a4..56c0f64 100644 --- a/gdm-disable-wayland-on-unsupported-chipsets.patch +++ b/gdm-disable-wayland-on-unsupported-chipsets.patch @@ -1,23 +1,23 @@ -Index: b/data/61-gdm.rules +Index: b/data/61-gdm.rules.in =================================================================== ---- a/data/61-gdm.rules 2018-02-20 02:16:32.000000000 +0800 -+++ b/data/61-gdm.rules 2018-04-08 20:31:18.860133428 +0800 +--- a/data/61-gdm.rules.in ++++ b/data/61-gdm.rules.in @@ -1,2 +1,17 @@ -# disable Wayland on Cirrus chipsets +# Disable Wayland on specific chipsets + +# Cirrus Logic - ATTR{vendor}=="0x1013", ATTR{device}=="0x00b8", ATTR{subsystem_vendor}=="0x1af4", ATTR{subsystem_device}=="0x1100", RUN+="/bin/sh -c '/bin/mkdir /run/gdm ; /usr/bin/printf \"[daemon]\nWaylandEnable=false\" >> /run/gdm/custom.conf'" + ATTR{vendor}=="0x1013", ATTR{device}=="0x00b8", ATTR{subsystem_vendor}=="0x1af4", ATTR{subsystem_device}=="0x1100", RUN+="@libexecdir@/gdm-disable-wayland" + +# Matrox Electronics Systems Ltd. MGA G200 server engines -+ATTR{vendor}=="0x102b", ATTR{device}=="0x0522", RUN+="/bin/sh -c '/bin/mkdir /run/gdm ; /usr/bin/printf \"[daemon]\nWaylandEnable=false\" >> /run/gdm/custom.conf'" -+ATTR{vendor}=="0x102b", ATTR{device}=="0x0524", RUN+="/bin/sh -c '/bin/mkdir /run/gdm ; /usr/bin/printf \"[daemon]\nWaylandEnable=false\" >> /run/gdm/custom.conf'" -+ATTR{vendor}=="0x102b", ATTR{device}=="0x0530", RUN+="/bin/sh -c '/bin/mkdir /run/gdm ; /usr/bin/printf \"[daemon]\nWaylandEnable=false\" >> /run/gdm/custom.conf'" -+ATTR{vendor}=="0x102b", ATTR{device}=="0x0532", RUN+="/bin/sh -c '/bin/mkdir /run/gdm ; /usr/bin/printf \"[daemon]\nWaylandEnable=false\" >> /run/gdm/custom.conf'" -+ATTR{vendor}=="0x102b", ATTR{device}=="0x0533", RUN+="/bin/sh -c '/bin/mkdir /run/gdm ; /usr/bin/printf \"[daemon]\nWaylandEnable=false\" >> /run/gdm/custom.conf'" -+ATTR{vendor}=="0x102b", ATTR{device}=="0x0534", RUN+="/bin/sh -c '/bin/mkdir /run/gdm ; /usr/bin/printf \"[daemon]\nWaylandEnable=false\" >> /run/gdm/custom.conf'" -+ATTR{vendor}=="0x102b", ATTR{device}=="0x0536", RUN+="/bin/sh -c '/bin/mkdir /run/gdm ; /usr/bin/printf \"[daemon]\nWaylandEnable=false\" >> /run/gdm/custom.conf'" -+ATTR{vendor}=="0x102b", ATTR{device}=="0x0538", RUN+="/bin/sh -c '/bin/mkdir /run/gdm ; /usr/bin/printf \"[daemon]\nWaylandEnable=false\" >> /run/gdm/custom.conf'" ++ATTR{vendor}=="0x102b", ATTR{device}=="0x0522", RUN+="@libexecdir@/gdm-disable-wayland" ++ATTR{vendor}=="0x102b", ATTR{device}=="0x0524", RUN+="@libexecdir@/gdm-disable-wayland" ++ATTR{vendor}=="0x102b", ATTR{device}=="0x0530", RUN+="@libexecdir@/gdm-disable-wayland" ++ATTR{vendor}=="0x102b", ATTR{device}=="0x0532", RUN+="@libexecdir@/gdm-disable-wayland" ++ATTR{vendor}=="0x102b", ATTR{device}=="0x0533", RUN+="@libexecdir@/gdm-disable-wayland" ++ATTR{vendor}=="0x102b", ATTR{device}=="0x0534", RUN+="@libexecdir@/gdm-disable-wayland" ++ATTR{vendor}=="0x102b", ATTR{device}=="0x0536", RUN+="@libexecdir@/gdm-disable-wayland" ++ATTR{vendor}=="0x102b", ATTR{device}=="0x0538", RUN+="@libexecdir@/gdm-disable-wayland" + +# ASPEED Technology, Inc. -+ATTR{vendor}=="0x1a03", ATTR{device}=="0x2000", RUN+="/bin/sh -c '/bin/mkdir /run/gdm ; /usr/bin/printf \"[daemon]\nWaylandEnable=false\" >> /run/gdm/custom.conf'" ++ATTR{vendor}=="0x1a03", ATTR{device}=="0x2000", RUN+="@libexecdir@/gdm-disable-wayland" diff --git a/gdm.changes b/gdm.changes index d09f3f4..c64b363 100644 --- a/gdm.changes +++ b/gdm.changes @@ -1,3 +1,20 @@ +------------------------------------------------------------------- +Wed Aug 15 23:53:20 UTC 2018 - luc14n0@linuxmail.org + +- Update to version 3.28.3: + + CVE-2018-14424 - double free fix. + + Lifecycle fixes to libgdm/GdmClient. + + Follow up fixes dealing with login screen reaping from last + release. + + Allow pam modules to use SIGUSR1. + + Set PWD for user session. + + Tell cirrus not to use wayland. + + Updated translations. +- Drop gdm-CVE-2018-14424.patch: fixed upstream. +- Rebase gdm-disable-wayland-on-unsupported-chipsets.patch applying + it against data/61-gdm.rules.in instead of data/61-gdm.rules to + avoid hard coding directories. + ------------------------------------------------------------------- Wed Aug 15 06:50:36 UTC 2018 - fezhang@suse.com diff --git a/gdm.spec b/gdm.spec index 7c82ddc..568ceb4 100644 --- a/gdm.spec +++ b/gdm.spec @@ -20,7 +20,7 @@ # FIXME: need to check what should be done to enable this (at least adapt the pam files). See bnc#699999 %define enable_split_authentication 0 Name: gdm -Version: 3.28.2 +Version: 3.28.3 Release: 0 Summary: The GNOME Display Manager License: GPL-2.0-or-later @@ -38,30 +38,28 @@ Source6: gdmflexiserver-wrapper Source7: X11-displaymanager-gdm # GDM does not boostrap using gnome-autogen.sh, but has it's own bootstrap script Source8: autogen.sh +# WARNING: do not remove/significantly change patch0 without updating the relevant patch in accountsservice too +# PATCH-FIX-OPENSUSE gdm-sysconfig-settings.patch bnc432360 bsc#919723 hpj@novell.com -- Read autologin options from /etc/sysconfig/displaymanager; note that accountsservice has a similar patch (accountsservice-sysconfig.patch) +Patch0: gdm-sysconfig-settings.patch # PATCH-FIX-UPSTREAM gdm-disable-wayland-on-unsupported-chipsets.patch bgo#789081 bgo#794106 boo#1059356 boo#1083609 boo#1088539 fezhang@suse.com -- Disable Wayland on unsupported chipsets Patch1: gdm-disable-wayland-on-unsupported-chipsets.patch -# WARNING: do not remove/significantly change patch3 without updating the relevant patch in accountsservice too -# PATCH-FIX-OPENSUSE gdm-sysconfig-settings.patch bnc432360 bsc#919723 hpj@novell.com -- Read autologin options from /etc/sysconfig/displaymanager; note that accountsservice has a similar patch (accountsservice-sysconfig.patch) -Patch3: gdm-sysconfig-settings.patch # PATCH-FIX-OPENSUSE gdm-suse-xsession.patch vuntz@novell.com -- Use the /etc/X11/xdm/* scripts -Patch7: gdm-suse-xsession.patch +Patch2: gdm-suse-xsession.patch # PATCH-FIX-OPENSUSE gdm-default-wm.patch vuntz@novell.com -- Use sysconfig to know to which desktop to use by default -Patch34: gdm-default-wm.patch +Patch3: gdm-default-wm.patch # PATCH-FIX-OPENSUSE gdm-xauthlocalhostname.patch bnc#538064 vuntz@novell.com -- Set XAUTHLOCALHOSTNAME to current hostname when we authenticate, for local logins, to avoid issues in the session in case the hostname changes later one. See comment 24 in the bug. -Patch35: gdm-xauthlocalhostname.patch +Patch4: gdm-xauthlocalhostname.patch # PATCH-FIX-OPENSUSE gdm-ignore-duplicate-session.patch xwang@suse.com -- gdm sessions entries duplicate -Patch36: gdm-ignore-duplicate-session.patch +Patch5: gdm-ignore-duplicate-session.patch # PATCH-FIX-UPSTREAM gdm-plymouth-vt1.patch bnc#881676 fcrozat@suse.com -- switch to VT1 when quitting if gdm was starting with plymouth running -Patch41: gdm-plymouth-vt1.patch +Patch6: gdm-plymouth-vt1.patch # PATCH-FIX-UPSTREAM gdm-fails-to-restart-gnome-shell.patch bsc#981976 bgo#769969 tyang@suse.com -- Gdm should stop after a few times fails -Patch42: gdm-fails-to-restart-gnome-shell.patch +Patch7: gdm-fails-to-restart-gnome-shell.patch # PATCH-FIX-UPSTREAM gdm-add-runtime-option-to-disable-starting-X-server-as-u.patch bnc#1075805 bgo#793255 msrb@suse.com -- Add runtime option to start X under root instead of regular user. Necessary if no DRI drivers are present. -Patch43: gdm-add-runtime-option-to-disable-starting-X-server-as-u.patch -# PATCH-FIX-UPSTREAM gdm-CVE-2018-14424.patch glgo#GNOME#gdm#401 boo#1103737 CVE-2018-14424 fezhang@suse.com -- Fix use-after-free of disposed transient displays. -Patch44: gdm-CVE-2018-14424.patch +Patch8: gdm-add-runtime-option-to-disable-starting-X-server-as-u.patch ### NOTE: Keep please SLE-only patches at bottom (starting on 1000). # PATCH-FIX-SLE gdm-disable-gnome-initial-setup.patch bnc#1067976 qzhao@suse.com -- Disable gnome-initial-setup runs before gdm, g-i-s will only serve for CJK people to choose the input-method after login. -Patch1002: gdm-disable-gnome-initial-setup.patch +Patch1000: gdm-disable-gnome-initial-setup.patch BuildRequires: check-devel # needed for directory ownership BuildRequires: dconf @@ -193,20 +191,21 @@ running display manager. %prep %setup -q cp %{SOURCE8} . +%patch0 -p1 %patch1 -p1 +%patch2 -p1 %patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 %patch7 -p1 -%patch34 -p1 -%patch35 -p1 -%patch36 -p1 -%patch41 -p1 -%patch42 -p1 -%patch43 -p1 -%patch44 -p1 +%patch8 -p1 # SLE-only patches start at 1000 %if !0%{?is_opensuse} -%patch1002 -p1 +%patch1000 -p1 %endif +# Ensure gdm-disable-wayland-on-unsupported-chipsets.patch will work: +rm data/61-gdm.rules %build NOCONFIGURE=1 sh autogen.sh