Hello community,
here is the log from the commit of package xdg-desktop-portal for
openSUSE:Leap:15.2 checked in at 2020-04-14 14:19:50
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Leap:15.2/xdg-desktop-portal (Old)
and /work/SRC/openSUSE:Leap:15.2/.xdg-desktop-portal.new.3248 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "xdg-desktop-portal"
Tue Apr 14 14:19:50 2020 rev:21 rq:792880 version:1.6.0
Changes:
--------
--- /work/SRC/openSUSE:Leap:15.2/xdg-desktop-portal/xdg-desktop-portal.changes
2020-03-31 07:23:03.162415811 +0200
+++
/work/SRC/openSUSE:Leap:15.2/.xdg-desktop-portal.new.3248/xdg-desktop-portal.changes
2020-04-14 14:19:51.649224320 +0200
@@ -1,0 +2,16 @@
+Mon Apr 6 11:49:59 UTC 2020 - Antonio Larrosa <alarr...@suse.com>
+
+- Add patch from upstream to fix a use-after-free case:
+ * 0001-Fix-use-after-free-in-xdg_get_app_info_from_pid.patch
+
+- Add patch from upstream to add AssumedAppArmorLabel key to D-Bus
+ service files to allow sandboxed processes to activate the portal
+ services if the sandbox makes use of AppArmor D-Bus mediation
+ rules that depend on the service's security label:
+ * 0002-add-AssumedAppArmorLabel-key-to-D-Bus-service-files.patch
+
+- Add patch from upstream to fix a null pointer usage when no
+ default handler is set for desired type:
+ * 0003-Fix-criticals-if-no-default-handler-for-desired-type.patch
+
+-------------------------------------------------------------------
New:
----
0001-Fix-use-after-free-in-xdg_get_app_info_from_pid.patch
0002-add-AssumedAppArmorLabel-key-to-D-Bus-service-files.patch
0003-Fix-criticals-if-no-default-handler-for-desired-type.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ xdg-desktop-portal.spec ++++++
--- /var/tmp/diff_new_pack.SUPLfM/_old 2020-04-14 14:19:52.013224591 +0200
+++ /var/tmp/diff_new_pack.SUPLfM/_new 2020-04-14 14:19:52.017224594 +0200
@@ -26,6 +26,9 @@
Source0: %{url}/releases/download/%{version}/%{name}-%{version}.tar.xz
# PATCH-FEATURE-UPSTREAM xdg-dp-port-pipewire-3-api.patch -- Port to use new
pipewire-3.0 api
Patch0: xdg-dp-port-pipewire-3-api.patch
+Patch1: 0001-Fix-use-after-free-in-xdg_get_app_info_from_pid.patch
+Patch2: 0002-add-AssumedAppArmorLabel-key-to-D-Bus-service-files.patch
+Patch3: 0003-Fix-criticals-if-no-default-handler-for-desired-type.patch
BuildRequires: libtool
BuildRequires: pkgconfig
++++++ 0001-Fix-use-after-free-in-xdg_get_app_info_from_pid.patch ++++++
>From 8fbab8933fc4e0e87dbb263c9414dc349fc3cdb8 Mon Sep 17 00:00:00 2001
From: Alexander Larsson <al...@redhat.com>
Date: Thu, 12 Mar 2020 15:01:26 +0100
Subject: [PATCH] utils: Fix use-after-free in xdp_get_app_info_from_pid()
This was freeing the value before returning it.
This was noticed by jhenstridge in
https://github.com/flatpak/xdg-desktop-portal/pull/443
---
src/xdp-utils.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/xdp-utils.c b/src/xdp-utils.c
index 2f5be5c..4f72df1 100644
--- a/src/xdp-utils.c
+++ b/src/xdp-utils.c
@@ -618,7 +618,7 @@ xdp_get_app_info_from_pid (pid_t pid,
if (app_info == NULL)
app_info = xdp_app_info_new_host ();
- return app_info;
+ return g_steal_pointer (&app_info);
}
static XdpAppInfo *
++++++ 0002-add-AssumedAppArmorLabel-key-to-D-Bus-service-files.patch ++++++
>From 2a3118ce4a9dc144237ebbfc0147fc535cd23c32 Mon Sep 17 00:00:00 2001
From: James Henstridge <ja...@jamesh.id.au>
Date: Mon, 2 Mar 2020 16:40:22 +0100
Subject: [PATCH] src, document-portal: add AssumedAppArmorLabel key to D-Bus
service files
This allows sandboxed processes to activate the portal services if the
sandbox makes use of AppArmor D-Bus mediation rules that depend on the
service's security label.
---
document-portal/org.freedesktop.portal.Documents.service.in | 1 +
src/org.freedesktop.portal.Desktop.service.in | 1 +
2 files changed, 2 insertions(+)
diff --git a/document-portal/org.freedesktop.portal.Documents.service.in
b/document-portal/org.freedesktop.portal.Documents.service.in
index cf0c1ef..4d0881b 100644
--- a/document-portal/org.freedesktop.portal.Documents.service.in
+++ b/document-portal/org.freedesktop.portal.Documents.service.in
@@ -2,3 +2,4 @@
Name=org.freedesktop.portal.Documents
Exec=@libexecdir@/xdg-document-portal
SystemdService=xdg-document-portal.service
+AssumedAppArmorLabel=unconfined
diff --git a/src/org.freedesktop.portal.Desktop.service.in
b/src/org.freedesktop.portal.Desktop.service.in
index e017386..2b31f32 100644
--- a/src/org.freedesktop.portal.Desktop.service.in
+++ b/src/org.freedesktop.portal.Desktop.service.in
@@ -2,3 +2,4 @@
Name=org.freedesktop.portal.Desktop
Exec=@libexecdir@/xdg-desktop-portal
SystemdService=xdg-desktop-portal.service
+AssumedAppArmorLabel=unconfined
++++++ 0003-Fix-criticals-if-no-default-handler-for-desired-type.patch ++++++
>From f8a261b0a56d7eacab79a9086611ba4208fe3842 Mon Sep 17 00:00:00 2001
From: Simon McVittie <s...@debian.org>
Date: Sun, 22 Dec 2019 15:54:33 +0000
Subject: [PATCH] open-uri: Fix criticals if no default handler for desired
type
Signed-off-by: Simon McVittie <s...@debian.org>
---
src/open-uri.c | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/src/open-uri.c b/src/open-uri.c
index c876ab6..f032894 100644
--- a/src/open-uri.c
+++ b/src/open-uri.c
@@ -473,9 +473,17 @@ find_recommended_choices (const char *scheme,
int i;
info = g_app_info_get_default_for_type (content_type, FALSE);
- *default_app = get_app_id (info);
- g_debug ("Default handler %s for %s, %s", *default_app, scheme,
content_type);
+ if (info != NULL)
+ {
+ *default_app = get_app_id (info);
+ g_debug ("Default handler %s for %s, %s", *default_app, scheme,
content_type);
+ }
+ else
+ {
+ *default_app = NULL;
+ g_debug ("No default handler for %s, %s", scheme, content_type);
+ }
infos = g_app_info_get_recommended_for_type (content_type);
/* Use fallbacks if we have no recommended application for this type */
