From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id F29A9139083 for ; Sun, 30 Jul 2017 15:13:26 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 46F261FC04D; Sun, 30 Jul 2017 15:13:26 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 14FD71FC047 for ; Sun, 30 Jul 2017 15:13:26 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id C09993418F5 for ; Sun, 30 Jul 2017 15:13:24 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 6470E74BC for ; Sun, 30 Jul 2017 15:13:23 +0000 (UTC) From: "David Seifert" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "David Seifert" Message-ID: <1501427587.3e7da11f260f36acddc64b074d2eef63bb1a14b6.soap@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: x11-misc/pcmanfm/, x11-misc/pcmanfm/files/ X-VCS-Repository: repo/gentoo X-VCS-Files: x11-misc/pcmanfm/files/pcmanfm-1.2.5-CVE-2017-8934.patch x11-misc/pcmanfm/pcmanfm-1.2.3.ebuild x11-misc/pcmanfm/pcmanfm-1.2.5.ebuild x11-misc/pcmanfm/pcmanfm-9999.ebuild X-VCS-Directories: x11-misc/pcmanfm/ x11-misc/pcmanfm/files/ X-VCS-Committer: soap X-VCS-Committer-Name: David Seifert X-VCS-Revision: 3e7da11f260f36acddc64b074d2eef63bb1a14b6 X-VCS-Branch: master Date: Sun, 30 Jul 2017 15:13:23 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 72fd7d48-665c-4bcf-99d1-48beafef73c9 X-Archives-Hash: f66d219fd7a2847a9ceb4f730c981727 commit: 3e7da11f260f36acddc64b074d2eef63bb1a14b6 Author: charIes17 arcor de> AuthorDate: Mon Jul 17 07:36:09 2017 +0000 Commit: David Seifert gentoo org> CommitDate: Sun Jul 30 15:13:07 2017 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3e7da11f x11-misc/pcmanfm: Add patch for CVE-2017-8934 Bug: https://bugs.gentoo.org/show_bug.cgi?id=618622 Bug: https://bugs.gentoo.org/show_bug.cgi?id=624938 Package-Manager: Portage-2.3.6, Repoman-2.3.1 Closes: https://github.com/gentoo/gentoo/pull/5118 .../files/pcmanfm-1.2.5-CVE-2017-8934.patch | 40 ++++++++++++++++++++++ x11-misc/pcmanfm/pcmanfm-1.2.3.ebuild | 4 +-- x11-misc/pcmanfm/pcmanfm-1.2.5.ebuild | 24 +++++++------ x11-misc/pcmanfm/pcmanfm-9999.ebuild | 4 +-- 4 files changed, 58 insertions(+), 14 deletions(-) diff --git a/x11-misc/pcmanfm/files/pcmanfm-1.2.5-CVE-2017-8934.patch b/x11-misc/pcmanfm/files/pcmanfm-1.2.5-CVE-2017-8934.patch new file mode 100644 index 00000000000..2acd91bffe2 --- /dev/null +++ b/x11-misc/pcmanfm/files/pcmanfm-1.2.5-CVE-2017-8934.patch @@ -0,0 +1,40 @@ +# index 8c2049a..876f7f3 100644 (file) +# --- a/NEWS +# +++ b/NEWS +# @@ -1,3 +1,7 @@ +# +* Fixed potential access violation, use runtime user dir instead of tmp dir +# + for single instance socket. +# + +# + +# Changes on 1.2.5 since 1.2.4: + + * Removed options to Cut, Remove and Rename from context menu on mounted +diff --git a/src/single-inst.c b/src/single-inst.c +index 62c37b3..aaf84ab 100644 (file) +--- a/src/single-inst.c ++++ b/src/single-inst.c +@@ -2,7 +2,7 @@ + * single-inst.c: simple IPC mechanism for single instance app + * + * Copyright 2010 Hong Jen Yee (PCMan) +- * Copyright 2012 Andriy Grytsenko (LStranger) ++ * Copyright 2012-2017 Andriy Grytsenko (LStranger) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by +@@ -404,11 +404,16 @@ static void get_socket_name(SingleInstData* data, char* buf, int len) + } + else + dpynum = 0; ++#if GLIB_CHECK_VERSION(2, 28, 0) ++ g_snprintf(buf, len, "%s/%s-socket-%s-%d", g_get_user_runtime_dir(), ++ data->prog_name, host ? host : "", dpynum); ++#else + g_snprintf(buf, len, "%s/.%s-socket-%s-%d-%s", + g_get_tmp_dir(), + data->prog_name, + host ? host : "", + dpynum, + g_get_user_name()); ++#endif + } diff --git a/x11-misc/pcmanfm/pcmanfm-1.2.3.ebuild b/x11-misc/pcmanfm/pcmanfm-1.2.3.ebuild index dfe38dce2bc..a15faa771fe 100644 --- a/x11-misc/pcmanfm/pcmanfm-1.2.3.ebuild +++ b/x11-misc/pcmanfm/pcmanfm-1.2.3.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2015 Gentoo Foundation +# Copyright 1999-2017 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 EAPI="5" @@ -13,7 +13,7 @@ MY_PV="${PV/_/}" MY_P="${PN}-${MY_PV}" DESCRIPTION="Fast lightweight tabbed filemanager" -HOMEPAGE="http://pcmanfm.sourceforge.net/" +HOMEPAGE="https://wiki.lxde.org/en/PCManFM" SRC_URI="https://dev.gentoo.org/~hwoarang/distfiles/${MY_P}.tar.xz" LICENSE="GPL-2" diff --git a/x11-misc/pcmanfm/pcmanfm-1.2.5.ebuild b/x11-misc/pcmanfm/pcmanfm-1.2.5.ebuild index 232e40452c5..165284c0435 100644 --- a/x11-misc/pcmanfm/pcmanfm-1.2.5.ebuild +++ b/x11-misc/pcmanfm/pcmanfm-1.2.5.ebuild @@ -1,7 +1,8 @@ -# Copyright 1999-2016 Gentoo Foundation +# Copyright 1999-2017 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -EAPI="6" +EAPI=6 + PLOCALES="ar be bg bn ca cs da de el en_GB es et eu fa fi fo fr gl he hr hu id is it ja kk km ko lg lt lv ms nl pa pl pt pt_BR ro ru si sk sl sr sr@latin sv te th tr tt_RU ug uk vi zh_CN zh_TW" @@ -13,7 +14,7 @@ MY_PV="${PV/_/}" MY_P="${PN}-${MY_PV}" DESCRIPTION="Fast lightweight tabbed filemanager" -HOMEPAGE="http://pcmanfm.sourceforge.net/" +HOMEPAGE="https://wiki.lxde.org/en/PCManFM" SRC_URI="mirror://sourceforge/${PN}/${P}.tar.xz" LICENSE="GPL-2" @@ -36,23 +37,26 @@ DEPEND="${RDEPEND} S="${WORKDIR}"/${MY_P} -DOCS=( AUTHORS ) - -DOC_CONTENTS="PCmanFM can optionally support the menu://applications/ - location. You should install lxde-base/lxmenu-data for that functionality." +PATCHES=( "${FILESDIR}"/${PN}-1.2.5-CVE-2017-8934.patch ) src_prepare() { - export LINGUAS="${LINGUAS:-${PLOCALE_BACKUP}}" - l10n_get_locales > "${S}"/po/LINGUAS default + + export LINGUAS="${LINGUAS:-${PLOCALE_BACKUP}}" + l10n_get_locales > po/LINGUAS || die } src_configure() { - econf --sysconfdir=/etc $(use_enable debug) + econf \ + --sysconfdir="${EPREFIX}"/etc \ + $(use_enable debug) } src_install() { default + + local DOC_CONTENTS="PCmanFM can optionally support the menu://applications/ + location. You should install lxde-base/lxmenu-data for that functionality." readme.gentoo_create_doc } diff --git a/x11-misc/pcmanfm/pcmanfm-9999.ebuild b/x11-misc/pcmanfm/pcmanfm-9999.ebuild index 0613ad8b5f8..5edc83ba4c0 100644 --- a/x11-misc/pcmanfm/pcmanfm-9999.ebuild +++ b/x11-misc/pcmanfm/pcmanfm-9999.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2016 Gentoo Foundation +# Copyright 1999-2017 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 EAPI="5" @@ -22,7 +22,7 @@ MY_PV="${PV/_/}" MY_P="${PN}-${MY_PV}" DESCRIPTION="Fast lightweight tabbed filemanager" -HOMEPAGE="http://pcmanfm.sourceforge.net/" +HOMEPAGE="https://wiki.lxde.org/en/PCManFM" LICENSE="GPL-2" SLOT="0"