me/guix
Archived
1
0
Fork 0
Code Activity

gnu: gnome-shell: Fix CVE-2020-17489.

Browse source 
* gnu/packages/patches/gnome-shell-CVE-2020-17489.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gnome.scm (gnome-shell)[source]: Add patch.
This commit is contained in:
Mark H Weaver 2021-03-12 05:36:54 -05:00
parent db7c3410d5
commit 825cc7e0d4
No known key found for this signature in database
GPG key ID: 7CEF29847562C516
3 changed files with 49 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
gnu/local.mk
View file

@ -1134,6 +1134,7 @@ dist_patch_DATA = \
%D%/packages/patches/gnash-fix-giflib-version.patch \ %D%/packages/patches/gnash-fix-giflib-version.patch \
%D%/packages/patches/gnome-shell-theme.patch \ %D%/packages/patches/gnome-shell-theme.patch \
%D%/packages/patches/gnome-shell-disable-test.patch \ %D%/packages/patches/gnome-shell-disable-test.patch \
%D%/packages/patches/gnome-shell-CVE-2020-17489.patch \
%D%/packages/patches/gnome-settings-daemon-gc.patch \ %D%/packages/patches/gnome-settings-daemon-gc.patch \
%D%/packages/patches/gnome-todo-delete-esource-duplicate.patch \ %D%/packages/patches/gnome-todo-delete-esource-duplicate.patch \
%D%/packages/patches/gnome-tweaks-search-paths.patch \ %D%/packages/patches/gnome-tweaks-search-paths.patch \

3
gnu/packages/gnome.scm
View file

@ -8449,7 +8449,8 @@ properties, screen resolution, and other GNOME parameters.")
(sha256 (sha256
(base32 (base32
"0l3mdn7g2c22mdhrqkxvvc1pk2w0v32f2v4a6n1phvaalwcg75nj")) "0l3mdn7g2c22mdhrqkxvvc1pk2w0v32f2v4a6n1phvaalwcg75nj"))
(patches (search-patches "gnome-shell-theme.patch" (patches (search-patches "gnome-shell-CVE-2020-17489.patch"
"gnome-shell-theme.patch"
"gnome-shell-disable-test.patch")) "gnome-shell-disable-test.patch"))
(modules '((guix build utils))) (modules '((guix build utils)))
(snippet (snippet

46
gnu/packages/patches/gnome-shell-CVE-2020-17489.patch Normal file
View file

@ -0,0 +1,46 @@
From 05b7aec747282f62212b605249d518280ff80059 Mon Sep 17 00:00:00 2001
From: Ray Strode <rstrode@redhat.com>
Date: Mon, 27 Jul 2020 10:58:22 -0400
Subject: [PATCH] loginDialog: Reset auth prompt on vt switch before fade in
At the moment, if a user switches to the login screen vt,
the login screen fades in whatever was on screen prior, and
then does a reset.
It makes more sense to reset first, so we fade in what the
user is going to interact with instead of what they interacted
with before.
Fixes: https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/2997
---
js/gdm/loginDialog.js | 9 ++++-----
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/js/gdm/loginDialog.js b/js/gdm/loginDialog.js
index c3f90dc58..6b35ebb16 100644
--- a/js/gdm/loginDialog.js
+++ b/js/gdm/loginDialog.js
@@ -920,16 +920,15 @@ var LoginDialog = GObject.registerClass({
if (this.opacity == 255 && this._authPrompt.verificationStatus == AuthPrompt.AuthPromptStatus.NOT_VERIFYING)
return;
+ if (this._authPrompt.verificationStatus !== AuthPrompt.AuthPromptStatus.NOT_VERIFYING)
+ this._authPrompt.reset();
+
this._bindOpacity();
this.ease({
opacity: 255,
duration: _FADE_ANIMATION_TIME,
mode: Clutter.AnimationMode.EASE_OUT_QUAD,
- onComplete: () => {
- if (this._authPrompt.verificationStatus != AuthPrompt.AuthPromptStatus.NOT_VERIFYING)
- this._authPrompt.reset();
- this._unbindOpacity();
- }
+ onComplete: () => this._unbindOpacity(),
});
}
--
2.30.1