commit: 3e7da11f260f36acddc64b074d2eef63bb1a14b6 Author: charIes17 <charles17 <AT> arcor <DOT> de> AuthorDate: Mon Jul 17 07:36:09 2017 +0000 Commit: David Seifert <soap <AT> gentoo <DOT> org> CommitDate: Sun Jul 30 15:13:07 2017 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3e7da11f
x11-misc/pcmanfm: Add patch for CVE-2017-8934 Bug: https://bugs.gentoo.org/show_bug.cgi?id=618622 Bug: https://bugs.gentoo.org/show_bug.cgi?id=624938 Package-Manager: Portage-2.3.6, Repoman-2.3.1 Closes: https://github.com/gentoo/gentoo/pull/5118 .../files/pcmanfm-1.2.5-CVE-2017-8934.patch | 40 ++++++++++++++++++++++ x11-misc/pcmanfm/pcmanfm-1.2.3.ebuild | 4 +-- x11-misc/pcmanfm/pcmanfm-1.2.5.ebuild | 24 +++++++------ x11-misc/pcmanfm/pcmanfm-9999.ebuild | 4 +-- 4 files changed, 58 insertions(+), 14 deletions(-) diff --git a/x11-misc/pcmanfm/files/pcmanfm-1.2.5-CVE-2017-8934.patch b/x11-misc/pcmanfm/files/pcmanfm-1.2.5-CVE-2017-8934.patch new file mode 100644 index 00000000000..2acd91bffe2 --- /dev/null +++ b/x11-misc/pcmanfm/files/pcmanfm-1.2.5-CVE-2017-8934.patch @@ -0,0 +1,40 @@ +# index 8c2049a..876f7f3 100644 (file) +# --- a/NEWS +# +++ b/NEWS +# @@ -1,3 +1,7 @@ +# +* Fixed potential access violation, use runtime user dir instead of tmp dir +# + for single instance socket. +# + +# + +# Changes on 1.2.5 since 1.2.4: + + * Removed options to Cut, Remove and Rename from context menu on mounted +diff --git a/src/single-inst.c b/src/single-inst.c +index 62c37b3..aaf84ab 100644 (file) +--- a/src/single-inst.c ++++ b/src/single-inst.c +@@ -2,7 +2,7 @@ + * single-inst.c: simple IPC mechanism for single instance app + * + * Copyright 2010 Hong Jen Yee (PCMan) <pcman...@gmail.com> +- * Copyright 2012 Andriy Grytsenko (LStranger) <and...@rep.kiev.ua> ++ * Copyright 2012-2017 Andriy Grytsenko (LStranger) <and...@rep.kiev.ua> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by +@@ -404,11 +404,16 @@ static void get_socket_name(SingleInstData* data, char* buf, int len) + } + else + dpynum = 0; ++#if GLIB_CHECK_VERSION(2, 28, 0) ++ g_snprintf(buf, len, "%s/%s-socket-%s-%d", g_get_user_runtime_dir(), ++ data->prog_name, host ? host : "", dpynum); ++#else + g_snprintf(buf, len, "%s/.%s-socket-%s-%d-%s", + g_get_tmp_dir(), + data->prog_name, + host ? host : "", + dpynum, + g_get_user_name()); ++#endif + } diff --git a/x11-misc/pcmanfm/pcmanfm-1.2.3.ebuild b/x11-misc/pcmanfm/pcmanfm-1.2.3.ebuild index dfe38dce2bc..a15faa771fe 100644 --- a/x11-misc/pcmanfm/pcmanfm-1.2.3.ebuild +++ b/x11-misc/pcmanfm/pcmanfm-1.2.3.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2015 Gentoo Foundation +# Copyright 1999-2017 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 EAPI="5" @@ -13,7 +13,7 @@ MY_PV="${PV/_/}" MY_P="${PN}-${MY_PV}" DESCRIPTION="Fast lightweight tabbed filemanager" -HOMEPAGE="http://pcmanfm.sourceforge.net/"; +HOMEPAGE="https://wiki.lxde.org/en/PCManFM"; SRC_URI="https://dev.gentoo.org/~hwoarang/distfiles/${MY_P}.tar.xz"; LICENSE="GPL-2" diff --git a/x11-misc/pcmanfm/pcmanfm-1.2.5.ebuild b/x11-misc/pcmanfm/pcmanfm-1.2.5.ebuild index 232e40452c5..165284c0435 100644 --- a/x11-misc/pcmanfm/pcmanfm-1.2.5.ebuild +++ b/x11-misc/pcmanfm/pcmanfm-1.2.5.ebuild @@ -1,7 +1,8 @@ -# Copyright 1999-2016 Gentoo Foundation +# Copyright 1999-2017 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -EAPI="6" +EAPI=6 + PLOCALES="ar be bg bn ca cs da de el en_GB es et eu fa fi fo fr gl he hr hu id is it ja kk km ko lg lt lv ms nl pa pl pt pt_BR ro ru si sk sl sr sr@latin sv te th tr tt_RU ug uk vi zh_CN zh_TW" @@ -13,7 +14,7 @@ MY_PV="${PV/_/}" MY_P="${PN}-${MY_PV}" DESCRIPTION="Fast lightweight tabbed filemanager" -HOMEPAGE="http://pcmanfm.sourceforge.net/"; +HOMEPAGE="https://wiki.lxde.org/en/PCManFM"; SRC_URI="mirror://sourceforge/${PN}/${P}.tar.xz" LICENSE="GPL-2" @@ -36,23 +37,26 @@ DEPEND="${RDEPEND} S="${WORKDIR}"/${MY_P} -DOCS=( AUTHORS ) - -DOC_CONTENTS="PCmanFM can optionally support the menu://applications/ - location. You should install lxde-base/lxmenu-data for that functionality." +PATCHES=( "${FILESDIR}"/${PN}-1.2.5-CVE-2017-8934.patch ) src_prepare() { - export LINGUAS="${LINGUAS:-${PLOCALE_BACKUP}}" - l10n_get_locales > "${S}"/po/LINGUAS default + + export LINGUAS="${LINGUAS:-${PLOCALE_BACKUP}}" + l10n_get_locales > po/LINGUAS || die } src_configure() { - econf --sysconfdir=/etc $(use_enable debug) + econf \ + --sysconfdir="${EPREFIX}"/etc \ + $(use_enable debug) } src_install() { default + + local DOC_CONTENTS="PCmanFM can optionally support the menu://applications/ + location. You should install lxde-base/lxmenu-data for that functionality." readme.gentoo_create_doc } diff --git a/x11-misc/pcmanfm/pcmanfm-9999.ebuild b/x11-misc/pcmanfm/pcmanfm-9999.ebuild index 0613ad8b5f8..5edc83ba4c0 100644 --- a/x11-misc/pcmanfm/pcmanfm-9999.ebuild +++ b/x11-misc/pcmanfm/pcmanfm-9999.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2016 Gentoo Foundation +# Copyright 1999-2017 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 EAPI="5" @@ -22,7 +22,7 @@ MY_PV="${PV/_/}" MY_P="${PN}-${MY_PV}" DESCRIPTION="Fast lightweight tabbed filemanager" -HOMEPAGE="http://pcmanfm.sourceforge.net/"; +HOMEPAGE="https://wiki.lxde.org/en/PCManFM"; LICENSE="GPL-2" SLOT="0"
