diff options
Diffstat (limited to 'gnome-extra/gnome-screensaver')
7 files changed, 20 insertions, 349 deletions
diff --git a/gnome-extra/gnome-screensaver/ChangeLog b/gnome-extra/gnome-screensaver/ChangeLog index 90869989d701..cfc4ad09f408 100644 --- a/gnome-extra/gnome-screensaver/ChangeLog +++ b/gnome-extra/gnome-screensaver/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for gnome-extra/gnome-screensaver # Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/gnome-extra/gnome-screensaver/ChangeLog,v 1.86 2008/11/13 21:18:50 dang Exp $ +# $Header: /var/cvsroot/gentoo-x86/gnome-extra/gnome-screensaver/ChangeLog,v 1.87 2008/11/30 12:10:01 eva Exp $ + + 30 Nov 2008; Gilles Dartiguelongue <eva@gentoo.org> + -files/gnome-screensaver-CVE-2008-0887.patch, + -gnome-screensaver-2.20.0-r3.ebuild, gnome-screensaver-2.22.2.ebuild, + gnome-screensaver-2.24.0.ebuild, gnome-screensaver-2.24.1.ebuild: + Update xscreensaver test, bug #237897. Clean up old revisions. *gnome-screensaver-2.24.1 (13 Nov 2008) diff --git a/gnome-extra/gnome-screensaver/Manifest b/gnome-extra/gnome-screensaver/Manifest index 1ffbd8b7d67a..8288cbca6224 100644 --- a/gnome-extra/gnome-screensaver/Manifest +++ b/gnome-extra/gnome-screensaver/Manifest @@ -3,22 +3,19 @@ Hash: SHA1 AUX gnome-screensaver-2.20.0-fix-gamma.patch 1637 RMD160 1bda5b646edb2b38218c93ac05b6f592e1366bca SHA1 243191a5c59be9badbba440ef364483a83d69fae SHA256 20c5afb7c058e1a4acf308eee466bbf81fb01e2df9a238fc48b0e89384521005 AUX gnome-screensaver-2.22.2-fix-copy-themes-include.patch 566 RMD160 ebcac26112014e9465a6b706d40ab345f1c40c73 SHA1 9d05b510248f71c3deee0cb98225eaed1f1d0f2e SHA256 bee314d9a2a6c0e7fdd7fd2c26ea7c8d8525e6fe14283e3db47ad34cc868f95a -AUX gnome-screensaver-CVE-2008-0887.patch 7965 RMD160 9eade48b04e5a617ec427258f3e41d5c33ab750f SHA1 392a477755562b032d24928ac6c2100af7d7fca1 SHA256 71e9bb7735fbc373ee2f19f7740ba759c7eeff0e46bd50ab7401f9d6147a1666 AUX xss-conversion-2.txt 1026 RMD160 5a1810d1f41999907ff39adf0e6396d1d6f5c5d7 SHA1 477743e8fd025cff16c1b2ed538a57ce9550a9cf SHA256 f1bcc5e85d45e53e6170d0cdf25dd3d10020aeef545cf2fdea5e3b4b30ec86c8 -DIST gnome-screensaver-2.20.0.tar.bz2 2013842 RMD160 ddea3d536366aab572462f4f66c72daabbeeb119 SHA1 0b99de04caf897642338c61edc12cb7cea27e0a4 SHA256 9ee744058d2c7139634543951a62828b2e1b69fe33cf0b5456737e9c5201dbb9 DIST gnome-screensaver-2.22.2.tar.bz2 2042396 RMD160 91f57c339fdc025588101b7fbab4d5095d392f0b SHA1 473b00fc6306742ada4e89520c991c31d1f79984 SHA256 a686d41f8623dbfc56c2c0bab5517a6380f538ed6ef7478ca51cfb9062e9f15b DIST gnome-screensaver-2.24.0.tar.bz2 2058094 RMD160 34d418258a65325b97ae7a46c32b987ad3566709 SHA1 ed7871c8a004801717e6a7897b07b80386256ce8 SHA256 ca79b46000f0ce76e9e2c97b59bffbc1e2ef7db83d77cdc9fdf38ab050d6a480 DIST gnome-screensaver-2.24.1.tar.bz2 2058780 RMD160 14744c9eb5b139691e9fc33256e9093ae605bd6d SHA1 36cbdc1d614200a85391795fe8e3c3b827f792df SHA256 c8cf26fc1d402269b7030abadfdf2c6103391cf30466b3d30bc99671f4c89f7e -EBUILD gnome-screensaver-2.20.0-r3.ebuild 3064 RMD160 e540f2068f42fdc67df6453b3626bf0135ba39fe SHA1 fae8399b77b851e02088236d49b88ba42db194ef SHA256 ec59d2bd23d9bd57c976ccb9f3d0165d815ec1fd8deaa7d4de18071f75162a64 -EBUILD gnome-screensaver-2.22.2.ebuild 3156 RMD160 4bbf1b17c5e462f3accddd3862b25069d436fde0 SHA1 0d4faa29e9afe0df6ef45698c37ace983795e492 SHA256 9a9029fc7e911a5df0aac4122f147dc6971fc9484927b9514821aa852f0e399d -EBUILD gnome-screensaver-2.24.0.ebuild 2820 RMD160 d80612e8a6f5b52979a7f019ea0e7414babaf49e SHA1 1b070055f59906b567c0820b671a7320c6167d5a SHA256 b3f063a03c2a403fd9a489e6cfab4c1543c875e66c9e6bbdc9c0ac606d13a10f -EBUILD gnome-screensaver-2.24.1.ebuild 2821 RMD160 6f32accfffa4947c59a7e41f9cf8c7fac3f786d2 SHA1 ef6e2b27cfb34cacfb5a807889fa46ff0083e321 SHA256 7e43a7b3ddf1bfeae0d048bd8bacf01df5bbfc0f9f692440676d5642125d3768 -MISC ChangeLog 13645 RMD160 c122b3053f6512be3605f03c5e903258e7dbde8f SHA1 b71afbf3883af66ef9057313d65d7e1ef2eb9e25 SHA256 49e5ed56965b5aea053a4fa14fb348e43902b801e8ff7f2f1a8686aa2edd0b3d +EBUILD gnome-screensaver-2.22.2.ebuild 3164 RMD160 e8ece743c022e8b8c6eceee1442f1f95def06b85 SHA1 baf9b502601d55138998835033f028fbc1ba726c SHA256 cf52f8dbbe6ac83d298f57c74252f5ae7ef15b1a3b0d7a149e03a09a69c18159 +EBUILD gnome-screensaver-2.24.0.ebuild 2831 RMD160 1cd6b964617f32658600cc25f39af084e0750f56 SHA1 41520bff824ecbd8c22a41bd30245baaa49497bf SHA256 91c3848da86d6cdf58b482104a93373fe001c71e4c38ada51723fa22218a46a5 +EBUILD gnome-screensaver-2.24.1.ebuild 2831 RMD160 fa1b6d122aa9e30c1fc0fb0f49f3f0e7ba1d70e1 SHA1 272d400b1a21ffa8c5fb2d410d85cc452451a549 SHA256 d98f3fb36495172a80904e6396cbc48fc6229f6dcd3a090e3c50a601aa5941ce +MISC ChangeLog 13952 RMD160 982a8009ffdfcd947f5404fa37edcae991a1dad9 SHA1 7a27fb3d28932773c2ea75c753ceff067ef058ed SHA256 15e88267e231421a63b82b862384383b37a46cff9c29a2adafb827df3bf52577 MISC metadata.xml 472 RMD160 3fe1221d0cb389cf1be040c98fa9c40dbf3c07e5 SHA1 18913172dba9d94ca5952b7f8bfb2aa13808bb67 SHA256 e70be8f69acbda81bd1e90c1bd3a57a0b5ccb5fa09c7a6f04427ef888e1872bc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) -iD8DBQFJHJm/omPajV0RnrERAprkAJwLN1VVHbW5iGJamJ7VrLpB8EpdNwCfWaXK -u69I5uKJdn6uj276WsMVDys= -=aIIj +iEYEARECAAYFAkkygp8ACgkQ1fmVwcYIWAa/1QCfU0xrJ53bBiiSfpyw+gHFtqU4 +PgcAoI16T3StoOU6FTBFRbTNO5nW0IaT +=arlP -----END PGP SIGNATURE----- diff --git a/gnome-extra/gnome-screensaver/files/gnome-screensaver-CVE-2008-0887.patch b/gnome-extra/gnome-screensaver/files/gnome-screensaver-CVE-2008-0887.patch deleted file mode 100644 index e0216529dbcf..000000000000 --- a/gnome-extra/gnome-screensaver/files/gnome-screensaver-CVE-2008-0887.patch +++ /dev/null @@ -1,225 +0,0 @@ -Index: gnome-screensaver/src/gnome-screensaver-dialog.c -=================================================================== ---- gnome-screensaver/src/gnome-screensaver-dialog.c (revision 1398) -+++ gnome-screensaver/src/gnome-screensaver-dialog.c (working copy) -@@ -41,6 +41,8 @@ - - #include "gs-debug.h" - -+#define MAX_FAILURES 5 -+ - static gboolean verbose = FALSE; - static gboolean show_version = FALSE; - static gboolean enable_logout = FALSE; -@@ -299,8 +301,6 @@ do_auth_check (GSLockPlug *plug) - gs_lock_plug_show_message (plug, _("Authentication failed.")); - } - -- g_timeout_add (3000, (GSourceFunc)reset_idle_cb, plug); -- - printf ("NOTICE=AUTH FAILED\n"); - fflush (stdout); - -@@ -325,15 +325,28 @@ response_cb (GSLockPlug *plug, - static gboolean - auth_check_idle (GSLockPlug *plug) - { -- gboolean res; -+ gboolean res; -+ gboolean again; -+ static guint loop_counter = 0; - -+ again = TRUE; - res = do_auth_check (plug); - - if (res) { -+ again = FALSE; - g_idle_add ((GSourceFunc)quit_response_ok, NULL); -+ } else { -+ loop_counter++; -+ -+ if (loop_counter < MAX_FAILURES) { -+ g_timeout_add (3000, (GSourceFunc)reset_idle_cb, plug); -+ } else { -+ again = FALSE; -+ gtk_main_quit (); -+ } - } - -- return !res; -+ return again; - } - - static void -Index: gnome-screensaver/src/setuid.c -=================================================================== ---- gnome-screensaver/src/setuid.c (revision 1398) -+++ gnome-screensaver/src/setuid.c (working copy) -@@ -48,7 +48,7 @@ uid_gid_string (uid_t uid, - return buf; - } - --static int -+static gboolean - set_ids_by_number (uid_t uid, - gid_t gid, - char **message_ret) -@@ -96,7 +96,7 @@ set_ids_by_number (uid_t uid, - - g_free (reason); - -- return 0; -+ return TRUE; - } else { - char *reason = NULL; - -@@ -141,9 +141,9 @@ set_ids_by_number (uid_t uid, - g_free (reason); - reason = NULL; - } -- -- return -1; -+ return FALSE; - } -+ return FALSE; - } - - -@@ -165,12 +165,21 @@ hack_uid (char **nolock_reason, - char **orig_uid, - char **uid_message) - { -- if (nolock_reason) -+ char *reason; -+ gboolean ret; -+ -+ ret = TRUE; -+ reason = NULL; -+ -+ if (nolock_reason != NULL) { - *nolock_reason = NULL; -- if (orig_uid) -+ } -+ if (orig_uid != NULL) { - *orig_uid = NULL; -- if (uid_message) -+ } -+ if (uid_message != NULL) { - *uid_message = NULL; -+ } - - /* Discard privileges, and set the effective user/group ids to the - real user/group ids. That is, give up our "chmod +s" rights. -@@ -181,12 +190,18 @@ hack_uid (char **nolock_reason, - uid_t uid = getuid (); - gid_t gid = getgid (); - -- if (orig_uid) -+ if (orig_uid != NULL) { - *orig_uid = uid_gid_string (euid, egid); -+ } -+ -+ if (uid != euid || gid != egid) { -+ if (! set_ids_by_number (uid, gid, uid_message)) { -+ reason = g_strdup ("unable to discard privileges."); - -- if (uid != euid || gid != egid) -- if (set_ids_by_number (uid, gid, uid_message) != 0) -- return FALSE; -+ ret = FALSE; -+ goto out; -+ } -+ } - } - - -@@ -200,81 +215,16 @@ hack_uid (char **nolock_reason, - and "USING XDM". - */ - if (getuid () == (uid_t) 0) { -- if (nolock_reason) -- *nolock_reason = g_strdup ("running as root"); -- return FALSE; -+ reason = g_strdup ("running as root"); -+ ret = FALSE; -+ goto out; - } - -- /* If we're running as root, switch to a safer user. This is above and -- beyond the fact that we've disabling locking, above -- the theory is -- that running graphics demos as root is just always a stupid thing -- to do, since they have probably never been security reviewed and are -- more likely to be buggy than just about any other kind of program. -- (And that assumes non-malicious code. There are also attacks here.) -- -- *** WARNING: DO NOT DISABLE THIS CODE! -- If you do so, you will open a security hole. See the sections -- of the xscreensaver manual titled "LOCKING AND ROOT LOGINS", -- and "USING XDM". -- */ -- if (getuid () == (uid_t) 0) { -- struct passwd *p; -- -- p = getpwnam ("nobody"); -- if (! p) p = getpwnam ("noaccess"); -- if (! p) p = getpwnam ("daemon"); -- if (! p) { -- g_warning ("running as root, and couldn't find a safer uid."); -- return FALSE; -- } -- -- if (set_ids_by_number (p->pw_uid, p->pw_gid, uid_message) != 0) -- return FALSE; -- } -- -- -- /* If there's anything even remotely funny looking about the passwd struct, -- or if we're running as some other user from the list below (a -- non-comprehensive selection of users known to be privileged in some way, -- and not normal end-users) then disable locking. If it was possible, -- switching to "nobody" would be the thing to do, but only root itself has -- the privs to do that. -- -- *** WARNING: DO NOT DISABLE THIS CODE! -- If you do so, you will open a security hole. See the sections -- of the xscreensaver manual titled "LOCKING AND ROOT LOGINS", -- and "USING XDM". -- */ -- { -- uid_t uid = getuid (); /* get it again */ -- struct passwd *p = getpwuid (uid); /* get it again */ -- -- if (!p || -- uid == (uid_t) 0 || -- uid == (uid_t) -1 || -- uid == (uid_t) -2 || -- p->pw_uid == (uid_t) 0 || -- p->pw_uid == (uid_t) -1 || -- p->pw_uid == (uid_t) -2 || -- !p->pw_name || -- !*p->pw_name || -- !strcmp (p->pw_name, "root") || -- !strcmp (p->pw_name, "nobody") || -- !strcmp (p->pw_name, "noaccess") || -- !strcmp (p->pw_name, "operator") || -- !strcmp (p->pw_name, "daemon") || -- !strcmp (p->pw_name, "bin") || -- !strcmp (p->pw_name, "adm") || -- !strcmp (p->pw_name, "sys") || -- !strcmp (p->pw_name, "games")) { -- if (nolock_reason) -- *nolock_reason = g_strdup_printf ("running as %s", -- (p && p->pw_name -- && *p->pw_name -- ? p->pw_name : "<unknown>")); -- return FALSE; -- } -+ out: -+ if (nolock_reason != NULL) { -+ *nolock_reason = g_strdup (reason); - } -+ g_free (reason); - -- return TRUE; -+ return ret; - } diff --git a/gnome-extra/gnome-screensaver/gnome-screensaver-2.20.0-r3.ebuild b/gnome-extra/gnome-screensaver/gnome-screensaver-2.20.0-r3.ebuild deleted file mode 100644 index 717d5d81f22f..000000000000 --- a/gnome-extra/gnome-screensaver/gnome-screensaver-2.20.0-r3.ebuild +++ /dev/null @@ -1,107 +0,0 @@ -# Copyright 1999-2008 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/gnome-extra/gnome-screensaver/gnome-screensaver-2.20.0-r3.ebuild,v 1.4 2008/04/03 20:13:18 dertobi123 Exp $ - -inherit gnome2 eutils - -DESCRIPTION="Replaces xscreensaver, integrating with the desktop." -HOMEPAGE="http://live.gnome.org/GnomeScreensaver" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="alpha amd64 hppa ia64 ppc ppc64 sparc x86 ~x86-fbsd" -KERNEL_IUSE="kernel_linux" -IUSE="debug doc libnotify opengl pam xinerama $KERNEL_IUSE" - -RDEPEND=">=gnome-base/gconf-2.6.1 - >=x11-libs/gtk+-2.11.5 - >=gnome-base/gnome-vfs-2.12 - >=gnome-base/libglade-2.5.0 - >=gnome-base/gnome-menus-2.12 - >=dev-libs/glib-2.8 - >=gnome-base/libgnomekbd-0.1 - >=dev-libs/dbus-glib-0.71 - libnotify? ( x11-libs/libnotify ) - opengl? ( virtual/opengl ) - xinerama? ( - x11-libs/libXinerama - x11-proto/xineramaproto - ) - pam? ( virtual/pam ) - !pam? ( kernel_linux? ( sys-apps/shadow ) ) - x11-libs/libX11 - x11-libs/libXext - x11-libs/libXrandr - x11-libs/libXScrnSaver" -DEPEND="${RDEPEND} - sys-devel/gettext - >=dev-util/pkgconfig-0.9 - >=dev-util/intltool-0.35 - doc? ( - app-text/xmlto - ~app-text/docbook-xml-dtd-4.1.2 - ~app-text/docbook-xml-dtd-4.4 - ) - x11-proto/xextproto - x11-proto/randrproto - x11-proto/scrnsaverproto - x11-proto/xf86miscproto" - -DOCS="AUTHORS ChangeLog HACKING NEWS README TODO" - -pkg_setup() { - G2CONF="${G2CONF} \ - $(use_enable doc docbook-docs) \ - $(use_enable debug) \ - $(use_with libnotify) \ - $(use_with opengl libgl) \ - $(use_enable pam) \ - $(use_enable xinerama) \ - --enable-locking \ - --with-kbd-layout-indicator \ - --with-gdm-config=/usr/share/gdm/defaults.conf \ - --with-xscreensaverdir=/usr/share/xscreensaver/config \ - --with-xscreensaverhackdir=/usr/lib/misc/xscreensaver" -} - -src_unpack() { - gnome2_src_unpack - epatch "${FILESDIR}/${P}-fix-gamma.patch" - - # Fix CVE-2008-0887, bug #213940 - epatch "${FILESDIR}/${PN}-CVE-2008-0887.patch" -} - -src_install() { - gnome2_src_install - - # Install the conversion script in the documentation - dodoc "${S}"/data/migrate-xscreensaver-config.sh - dodoc "${S}"/data/xscreensaver-config.xsl - - # Conversion information - sed -e "s:\${PF}:${PF}:" \ - < "${FILESDIR}"/xss-conversion-2.txt > "${S}"/xss-conversion.txt - - dodoc "${S}"/xss-conversion.txt - - # Non PAM users will need this suid to read the password hashes. - # OpenPAM users will probably need this too when - # http://bugzilla.gnome.org/show_bug.cgi?id=370847 - # is fixed. - if ! use pam ; then - fperms u+s /usr/libexec/gnome-screensaver-dialog - fi -} - -pkg_postinst() { - gnome2_pkg_postinst - - ewarn "If you have xscreensaver installed, you probably want to disable it." - ewarn "To prevent a duplicate Screensaver entry in the menu, you need to" - ewarn "build xscreensaver with -gnome in the USE flags." - ewarn "echo \"x11-misc/xscreensaver -gnome\" >> /etc/portage/package.use" - echo - elog "Information for converting screensavers is located in " - elog "/usr/share/doc/${PF}/xss-conversion.txt.${PORTAGE_COMPRESS}" -} diff --git a/gnome-extra/gnome-screensaver/gnome-screensaver-2.22.2.ebuild b/gnome-extra/gnome-screensaver/gnome-screensaver-2.22.2.ebuild index 6b28571f7793..53f84af63ca8 100644 --- a/gnome-extra/gnome-screensaver/gnome-screensaver-2.22.2.ebuild +++ b/gnome-extra/gnome-screensaver/gnome-screensaver-2.22.2.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2008 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/gnome-extra/gnome-screensaver/gnome-screensaver-2.22.2.ebuild,v 1.8 2008/11/13 19:22:51 ranger Exp $ +# $Header: /var/cvsroot/gentoo-x86/gnome-extra/gnome-screensaver/gnome-screensaver-2.22.2.ebuild,v 1.9 2008/11/30 12:10:01 eva Exp $ inherit eutils gnome2 @@ -99,7 +99,7 @@ src_install() { pkg_postinst() { gnome2_pkg_postinst - if has_version x11-misc/xscreensaver ; then + if has_version "<x11-misc/xscreensaver-4.22-r2" ; then ewarn "You have xscreensaver installed, you probably want to disable it." ewarn "To prevent a duplicate Screensaver entry in the menu, you need to" ewarn "build xscreensaver with -gnome in the USE flags." diff --git a/gnome-extra/gnome-screensaver/gnome-screensaver-2.24.0.ebuild b/gnome-extra/gnome-screensaver/gnome-screensaver-2.24.0.ebuild index e233d1c03de9..6e1735bb0e86 100644 --- a/gnome-extra/gnome-screensaver/gnome-screensaver-2.24.0.ebuild +++ b/gnome-extra/gnome-screensaver/gnome-screensaver-2.24.0.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2008 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/gnome-extra/gnome-screensaver/gnome-screensaver-2.24.0.ebuild,v 1.1 2008/11/09 00:59:45 eva Exp $ +# $Header: /var/cvsroot/gentoo-x86/gnome-extra/gnome-screensaver/gnome-screensaver-2.24.0.ebuild,v 1.2 2008/11/30 12:10:01 eva Exp $ inherit eutils gnome2 @@ -85,7 +85,7 @@ src_install() { pkg_postinst() { gnome2_pkg_postinst - if has_version x11-misc/xscreensaver ; then + if has_version "<x11-misc/xscreensaver-4.22-r2" ; then ewarn "You have xscreensaver installed, you probably want to disable it." ewarn "To prevent a duplicate screensaver entry in the menu, you need to" ewarn "build xscreensaver with -gnome in the USE flags." diff --git a/gnome-extra/gnome-screensaver/gnome-screensaver-2.24.1.ebuild b/gnome-extra/gnome-screensaver/gnome-screensaver-2.24.1.ebuild index b8e7958d04cc..847113f2888a 100644 --- a/gnome-extra/gnome-screensaver/gnome-screensaver-2.24.1.ebuild +++ b/gnome-extra/gnome-screensaver/gnome-screensaver-2.24.1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2008 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/gnome-extra/gnome-screensaver/gnome-screensaver-2.24.1.ebuild,v 1.1 2008/11/13 21:18:50 dang Exp $ +# $Header: /var/cvsroot/gentoo-x86/gnome-extra/gnome-screensaver/gnome-screensaver-2.24.1.ebuild,v 1.2 2008/11/30 12:10:01 eva Exp $ inherit eutils gnome2 @@ -85,7 +85,7 @@ src_install() { pkg_postinst() { gnome2_pkg_postinst - if has_version x11-misc/xscreensaver ; then + if has_version "<x11-misc/xscreensaver-4.22-r2" ; then ewarn "You have xscreensaver installed, you probably want to disable it." ewarn "To prevent a duplicate screensaver entry in the menu, you need to" ewarn "build xscreensaver with -gnome in the USE flags." |