Bug#1036341: unblock: mate-desktop/1.26.0-2

Fri, 19 May 2023 05:45:28 -0700 

Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock

Please unblock package mate-desktop

The change fixes two memleaks and one use-after-free issue in
mate-desktop, one of the core libraries of MATE Desktop Environment.

[ Reason ]

+  * debian/patches:
+    + Trivial rebase of 001_prefer-x-terminal-emulator.patch.
+    + Add patches 0001 and 0002. Fix two memory leaks.
+    + Add patch 0003 fix use-after-free issue. (Closes: #1033719).

-> Self-explaining.

+  * debian/control:
+    + In bin:pkg libmate-desktop-dev switch from libgdk-pixbuf2.0-dev
+      (deprecated) to libgdk-pixbuf-2.0-dev. Thanks, lintian.

-> libgdk-pixbuf2.0-dev deprecation, hinted by lintian.

+  * debian/copyright:
+    + Update copyright attribution for debian/ folder.

-> update copyright attributions.

[ Impact ]
Minimal. MATE Desktop Environment will be affected by this change, ideally to 
the better.

[ Tests ]
Manual package test. Patch review. Patches already applied in new
upstream release 1.26.1.

[ Risks ]
If patches are bad or introduce regressions, MATE Desktop might break /
suffer from the change.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
None

unblock mate-desktop/1.26.0-2

diff -Nru mate-desktop-1.26.0/debian/changelog 
mate-desktop-1.26.0/debian/changelog
--- mate-desktop-1.26.0/debian/changelog        2021-12-10 20:59:48.000000000 
+0100
+++ mate-desktop-1.26.0/debian/changelog        2023-04-25 16:35:44.000000000 
+0200
@@ -1,3 +1,17 @@
+mate-desktop (1.26.0-2) unstable; urgency=medium
+
+  * debian/patches:
+    + Trivial rebase of 001_prefer-x-terminal-emulator.patch.
+    + Add patches 0001 and 0002. Fix two memory leaks.
+    + Add patch 0003 fix use-after-free issue. (Closes: #1033719).
+  * debian/control:
+    + In bin:pkg libmate-desktop-dev switch from libgdk-pixbuf2.0-dev
+      (deprecated) to libgdk-pixbuf-2.0-dev. Thanks, lintian.
+  * debian/copyright:
+    + Update copyright attribution for debian/ folder.
+
+ -- Mike Gabriel <sunwea...@debian.org>  Tue, 25 Apr 2023 16:35:44 +0200
+
 mate-desktop (1.26.0-1) unstable; urgency=medium
 
   [ Martin Wimpress ]
diff -Nru mate-desktop-1.26.0/debian/control mate-desktop-1.26.0/debian/control
--- mate-desktop-1.26.0/debian/control  2021-12-10 20:59:48.000000000 +0100
+++ mate-desktop-1.26.0/debian/control  2023-04-25 16:35:44.000000000 +0200
@@ -100,7 +100,7 @@
 Architecture: any
 Multi-Arch: same
 Depends: libdconf-dev,
-         libgdk-pixbuf2.0-dev,
+         libgdk-pixbuf-2.0-dev,
          libgtk-3-dev,
          libmate-desktop-2-17 (= ${binary:Version}),
          libstartup-notification0-dev,
diff -Nru mate-desktop-1.26.0/debian/copyright 
mate-desktop-1.26.0/debian/copyright
--- mate-desktop-1.26.0/debian/copyright        2021-12-10 20:59:48.000000000 
+0100
+++ mate-desktop-1.26.0/debian/copyright        2023-04-25 16:35:44.000000000 
+0200
@@ -232,7 +232,7 @@
 
 Files: debian/*
 Copyright: 2011-2013, Stefano Karapetsas <stef...@karapetsas.com>
-           2013-2015, Mike Gabriel <sunwea...@debian.org>
+           2013-2023, Mike Gabriel <sunwea...@debian.org>
 License: GPL-2+ or LGPL-2+ or Expat
 
 License: GPL-2+
diff -Nru mate-desktop-1.26.0/debian/patches/0001_mate-bg-fix-memory-leak.patch 
mate-desktop-1.26.0/debian/patches/0001_mate-bg-fix-memory-leak.patch
--- mate-desktop-1.26.0/debian/patches/0001_mate-bg-fix-memory-leak.patch       
1970-01-01 01:00:00.000000000 +0100
+++ mate-desktop-1.26.0/debian/patches/0001_mate-bg-fix-memory-leak.patch       
2023-04-25 16:30:40.000000000 +0200
@@ -0,0 +1,30 @@
+From 2fbe25e7ad9c7678db2f3e34f76c9ee4e37d80d9 Mon Sep 17 00:00:00 2001
+From: rbuj <robert....@gmail.com>
+Date: Mon, 8 Nov 2021 12:44:21 +0100
+Subject: [PATCH] mate-bg: fix memory leak
+
+---
+ libmate-desktop/mate-bg.c | 10 +++++++---
+ 1 file changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/libmate-desktop/mate-bg.c b/libmate-desktop/mate-bg.c
+index e5119759e..62cc5e59e 100644
+--- a/libmate-desktop/mate-bg.c
++++ b/libmate-desktop/mate-bg.c
+@@ -3197,9 +3197,13 @@ mate_bg_changes_with_time (MateBG *bg)
+       if (!bg->filename)
+               return FALSE;
+ 
+-      show = get_as_slideshow (bg, bg->filename);
+-      if (show)
+-              return g_queue_get_length (show->slides) > 1;
++      if ((show = get_as_slideshow (bg, bg->filename)) != NULL) {
++              gboolean result;
++
++              result = (g_queue_get_length (show->slides) > 1) ? TRUE : FALSE;
++              slideshow_unref (show);
++              return result;
++      }
+ 
+       return FALSE;
+ }
diff -Nru 
mate-desktop-1.26.0/debian/patches/0002_mate-desktop-thumbnail-fix-memory-leak.patch
 
mate-desktop-1.26.0/debian/patches/0002_mate-desktop-thumbnail-fix-memory-leak.patch
--- 
mate-desktop-1.26.0/debian/patches/0002_mate-desktop-thumbnail-fix-memory-leak.patch
        1970-01-01 01:00:00.000000000 +0100
+++ 
mate-desktop-1.26.0/debian/patches/0002_mate-desktop-thumbnail-fix-memory-leak.patch
        2023-04-25 16:31:19.000000000 +0200
@@ -0,0 +1,21 @@
+From 7f9225f08b84d58ccddbc88c7c4cc176c151fdb9 Mon Sep 17 00:00:00 2001
+From: rbuj <robert....@gmail.com>
+Date: Fri, 22 Oct 2021 18:26:52 +0200
+Subject: [PATCH] mate-desktop-thumbnail: fix memory leak
+
+---
+ libmate-desktop/mate-desktop-thumbnail.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/libmate-desktop/mate-desktop-thumbnail.c 
b/libmate-desktop/mate-desktop-thumbnail.c
+index 8d2670631..885ff420a 100644
+--- a/libmate-desktop/mate-desktop-thumbnail.c
++++ b/libmate-desktop/mate-desktop-thumbnail.c
+@@ -954,6 +954,7 @@ expand_thumbnailing_script (const char  *script,
+ 
+       g_ptr_array_add (array, expanded);
+     }
++  g_strfreev (script_elems);
+ 
+   if (!got_in)
+     {
diff -Nru mate-desktop-1.26.0/debian/patches/0003_revert-small-cleanup.patch 
mate-desktop-1.26.0/debian/patches/0003_revert-small-cleanup.patch
--- mate-desktop-1.26.0/debian/patches/0003_revert-small-cleanup.patch  
1970-01-01 01:00:00.000000000 +0100
+++ mate-desktop-1.26.0/debian/patches/0003_revert-small-cleanup.patch  
2023-04-25 16:32:05.000000000 +0200
@@ -0,0 +1,50 @@
+From 6fcc78cd8e5aa807fa9d254d2e61a302096559cf Mon Sep 17 00:00:00 2001
+From: Colomban Wendling <cwendl...@hypra.fr>
+Date: Mon, 7 Nov 2022 11:57:51 +0100
+Subject: [PATCH] Revert "[mate-bg] small cleanup"
+
+It is not possible to use the `list` pointer after it has been deleted,
+so the "cleanup" this commit made lead to using freed memory if any
+item actually got clean up.
+
+This "cleanup" also don't seem meaningful to me, as all it does
+otherwise is trade an assignation for a redundant test -- either of
+which the compiler might happily optimize out.
+
+This reverts commit 47426c90d10e9f738ecf89f35db94ca8deff55e0.
+---
+ libmate-desktop/mate-bg.c | 17 ++++++++---------
+ 1 file changed, 8 insertions(+), 9 deletions(-)
+
+diff --git a/libmate-desktop/mate-bg.c b/libmate-desktop/mate-bg.c
+index 62cc5e59e..5cf2daf3a 100644
+--- a/libmate-desktop/mate-bg.c
++++ b/libmate-desktop/mate-bg.c
+@@ -2016,19 +2016,18 @@ static gboolean
+ blow_expensive_caches (gpointer data)
+ {
+       MateBG *bg = data;
+-      GList *list;
++      GList *list, *next;
+ 
+       bg->blow_caches_id = 0;
+ 
+-      if (bg->file_cache) {
+-              for (list = bg->file_cache; list != NULL; list = list->next) {
+-                      FileCacheEntry *ent = list->data;
++      for (list = bg->file_cache; list != NULL; list = next) {
++              FileCacheEntry *ent = list->data;
++              next = list->next;
+ 
+-                      if (ent->type == PIXBUF) {
+-                              file_cache_entry_delete (ent);
+-                              bg->file_cache = g_list_delete_link 
(bg->file_cache,
+-                                                                   list);
+-                      }
++              if (ent->type == PIXBUF) {
++                      file_cache_entry_delete (ent);
++                      bg->file_cache = g_list_delete_link (bg->file_cache,
++                                                           list);
+               }
+       }
+ 
diff -Nru 
mate-desktop-1.26.0/debian/patches/2001_prefer-x-terminal-emulator.patch 
mate-desktop-1.26.0/debian/patches/2001_prefer-x-terminal-emulator.patch
--- mate-desktop-1.26.0/debian/patches/2001_prefer-x-terminal-emulator.patch    
2019-01-16 11:37:51.000000000 +0100
+++ mate-desktop-1.26.0/debian/patches/2001_prefer-x-terminal-emulator.patch    
2023-04-25 16:32:38.000000000 +0200
@@ -3,7 +3,7 @@
 
 --- a/libmate-desktop/mate-desktop-utils.c
 +++ b/libmate-desktop/mate-desktop-utils.c
-@@ -136,6 +136,8 @@
+@@ -137,6 +137,8 @@
                        term_argv[1] = g_strdup ("-x");
                } else {
                        if (check == NULL)
diff -Nru mate-desktop-1.26.0/debian/patches/series 
mate-desktop-1.26.0/debian/patches/series
--- mate-desktop-1.26.0/debian/patches/series   2020-11-17 11:36:59.000000000 
+0100
+++ mate-desktop-1.26.0/debian/patches/series   2023-04-25 16:32:12.000000000 
+0200
@@ -1 +1,4 @@
 2001_prefer-x-terminal-emulator.patch
+0001_mate-bg-fix-memory-leak.patch
+0002_mate-desktop-thumbnail-fix-memory-leak.patch
+0003_revert-small-cleanup.patch

Reply via email to