Accepting request 673638 from home:zhangxiaofei:branches:GNOME:Factory

- Add gdm-CVE-2019-3825.patch: Fix lock screen bypass when timed
  login is enabled (boo#1124628, glgo#GNOME/gdm#460, CVE-2019-3825)

OBS-URL: https://build.opensuse.org/request/show/673638
OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/gdm?expand=0&rev=419

gdm-CVE-2019-3825.patch

@@ -0,0 +1,47 @@
+From 92c2a577063f538ce0e44b5cabeb348dab957edf Mon Sep 17 00:00:00 2001
+From: Iain Lane <iainl@gnome.org>
+Date: Mon, 4 Feb 2019 15:12:38 +0000
+Subject: [PATCH] GdmManager: Don't perform timed login if session gets started
+
+At the moment it's possible for the login screen to initiate
+a timed login operation shortly after a user successfully starts
+their session.
+
+GDM won't complete the timed login operation, since a session is
+already running, but will erroneously overwrite the username
+associated with the session, misattributing the users session
+to the timed login user.
+
+Later, attempts to log in as the timed user will instead unlock the
+session for the other user, since that session is now associated
+with the timed login user.
+
+This commit refuses timed login requests on sessions that are
+already running, so the username doesn't get corrupted.
+
+CVE-2019-3825
+
+Closes https://gitlab.gnome.org/GNOME/gdm/issues/460
+---
+ daemon/gdm-manager.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+Index: b/daemon/gdm-manager.c
+===================================================================
+--- a/daemon/gdm-manager.c	2019-02-12 18:40:48.937263065 +0800
++++ b/daemon/gdm-manager.c	2019-02-12 18:41:11.869403958 +0800
+@@ -2051,6 +2051,14 @@ on_session_client_connected (GdmSession
+ 
+         g_debug ("GdmManager: client connected");
+ 
++        if (gdm_session_is_running (session)) {
++                const char *session_username;
++                session_username = gdm_session_get_username (session);
++                g_debug ("GdmManager: ignoring connection, since session already running (for user %s)",
++                         session_username);
++                return;
++        }
++
+         display = get_display_for_user_session (session);
+ 
+         if (display == NULL) {

gdm.changes

@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Tue Feb 12 10:49:15 UTC 2019 - Felix Zhang <fezhang@suse.com>
+
+- Add gdm-CVE-2019-3825.patch: Fix lock screen bypass when timed
+  login is enabled (boo#1124628, glgo#GNOME/gdm#460, CVE-2019-3825)
+
 -------------------------------------------------------------------
 Fri Dec 21 02:48:21 UTC 2018 - qzheng@suse.com
 

gdm.spec

@@ -57,6 +57,8 @@ Patch7:         gdm-fails-to-restart-gnome-shell.patch
 Patch8:         gdm-add-runtime-option-to-disable-starting-X-server-as-u.patch
 # PATCH-FIX-UPSTREAM gdm-ignore-duplicate-desktop-file.patch bsc#1112834 glgo#GNOME/gdm#437 qzheng@suse.com -- Ignore duplicate desktop file with same "Name".
 Patch9:         gdm-ignore-duplicate-desktop-file.patch
+# PATCH-FIX-UPSTREAM gdm-CVE-2019-3825.patch boo#1124628 glgo#GNOME/gdm#460 fezhang@suse.com -- Fix lock screen bypass when timed login is enabled
+Patch10:        gdm-CVE-2019-3825.patch
  
 ### NOTE: Keep please SLE-only patches at bottom (starting on 1000).
 # PATCH-FIX-SLE gdm-disable-gnome-initial-setup.patch bnc#1067976 qzhao@suse.com -- Disable gnome-initial-setup runs before gdm, g-i-s will only serve for CJK people to choose the input-method after login.
@@ -200,6 +202,7 @@ cp %{SOURCE8} .
 %patch7 -p1
 #patch8 -p1
 %patch9 -p1
+%patch10 -p1
 
 # TODO: Hack still needed until https://gitlab.gnome.org/GNOME/gdm/issues/424 gets fixed and released.
 rm data/61-gdm.rules