From 3b234388a5f545f071422864e1a274ba45a696a0 Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Sun, 3 Mar 2019 22:03:39 +0000 Subject: Sun Mar 3 22:03:39 UTC 2019 a/mkinitrd-1.4.11-x86_64-12.txz: Rebuilt. Updated to busybox-1.30.1. mkinitrd: allow a colon-delimited list of kernel versions with -k mkinitrd_command_generator.sh: allow a colon-delimited list of kernel versions with -k setup.01.mkinitrd: simplify script by using -k with a version list ap/pamixer-1.4-x86_64-1.txz: Upgraded. d/python-2.7.16-x86_64-1.txz: Upgraded. Updated to the latest 2.7.x release, which fixes a few security issues. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1752 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5010 (* Security fix *) d/vala-0.42.6-x86_64-1.txz: Upgraded. l/gegl-0.4.14-x86_64-1.txz: Upgraded. l/libsecret-0.18.8-x86_64-1.txz: Upgraded. l/xapian-core-1.4.11-x86_64-1.txz: Upgraded. x/mkfontscale-1.2.0-x86_64-1.txz: Upgraded. x/xditview-1.0.5-x86_64-1.txz: Upgraded. x/xdm-1.1.12-x86_64-1.txz: Upgraded. --- source/x/x11/build/mkfontscale | 2 +- source/x/x11/build/xditview | 2 +- source/x/x11/build/xdm | 2 +- source/x/x11/configure/xdm | 16 ++ source/x/x11/patch/xdm.patch | 6 - .../patch/xdm/xdm-1.1.11-arc4random-include.patch | 18 -- .../xdm/xdm-1.1.11-setproctitle-include.patch | 37 ---- source/x/x11/patch/xdm/xdm-consolekit.patch | 187 ++++++++++----------- source/x/x11/patch/xdm/xdm.glibc.crypt.diff | 42 ----- source/x/x11/post-install/xdm/Xsession.orig | 63 +++++-- source/x/x11/post-install/xdm/Xsetup_0.orig | 1 - 11 files changed, 156 insertions(+), 220 deletions(-) create mode 100644 source/x/x11/configure/xdm delete mode 100644 source/x/x11/patch/xdm/xdm-1.1.11-arc4random-include.patch delete mode 100644 source/x/x11/patch/xdm/xdm-1.1.11-setproctitle-include.patch delete mode 100644 source/x/x11/patch/xdm/xdm.glibc.crypt.diff (limited to 'source/x') diff --git a/source/x/x11/build/mkfontscale b/source/x/x11/build/mkfontscale index 0cfbf0888..d00491fd7 100644 --- a/source/x/x11/build/mkfontscale +++ b/source/x/x11/build/mkfontscale @@ -1 +1 @@ -2 +1 diff --git a/source/x/x11/build/xditview b/source/x/x11/build/xditview index 0cfbf0888..d00491fd7 100644 --- a/source/x/x11/build/xditview +++ b/source/x/x11/build/xditview @@ -1 +1 @@ -2 +1 diff --git a/source/x/x11/build/xdm b/source/x/x11/build/xdm index 45a4fb75d..d00491fd7 100644 --- a/source/x/x11/build/xdm +++ b/source/x/x11/build/xdm @@ -1 +1 @@ -8 +1 diff --git a/source/x/x11/configure/xdm b/source/x/x11/configure/xdm new file mode 100644 index 000000000..5b59838de --- /dev/null +++ b/source/x/x11/configure/xdm @@ -0,0 +1,16 @@ +# Regen due to consolekit patch affecting configure.ac: +autoreconf -vif + +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/source/x/x11/patch/xdm.patch b/source/x/x11/patch/xdm.patch index 37be22286..29875b41b 100644 --- a/source/x/x11/patch/xdm.patch +++ b/source/x/x11/patch/xdm.patch @@ -1,8 +1,2 @@ -zcat $CWD/patch/xdm/xdm.glibc.crypt.diff.gz | patch -p1 --verbose || \ - { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } -zcat $CWD/patch/xdm/xdm-1.1.11-arc4random-include.patch.gz | patch -p1 --verbose || \ - { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } -zcat $CWD/patch/xdm/xdm-1.1.11-setproctitle-include.patch.gz | patch -p1 --verbose || \ - { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } zcat $CWD/patch/xdm/xdm-consolekit.patch.gz | patch -p1 --verbose || \ { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } diff --git a/source/x/x11/patch/xdm/xdm-1.1.11-arc4random-include.patch b/source/x/x11/patch/xdm/xdm-1.1.11-arc4random-include.patch deleted file mode 100644 index db948094b..000000000 --- a/source/x/x11/patch/xdm/xdm-1.1.11-arc4random-include.patch +++ /dev/null @@ -1,18 +0,0 @@ -diff -ur a/xdm/genauth.c b/xdm/genauth.c ---- a/xdm/genauth.c 2011-09-25 09:35:47.000000000 +0200 -+++ b/xdm/genauth.c 2014-01-06 16:28:09.664060603 +0100 -@@ -40,6 +40,14 @@ - - #include - -+#ifdef HAVE_ARC4RANDOM -+# ifdef __linux__ -+# include -+# else -+# include -+# endif -+#endif -+ - #include - #define Time_t time_t - diff --git a/source/x/x11/patch/xdm/xdm-1.1.11-setproctitle-include.patch b/source/x/x11/patch/xdm/xdm-1.1.11-setproctitle-include.patch deleted file mode 100644 index 0a3f32bbe..000000000 --- a/source/x/x11/patch/xdm/xdm-1.1.11-setproctitle-include.patch +++ /dev/null @@ -1,37 +0,0 @@ -diff -ur a/xdm/choose.c b/xdm/choose.c ---- a/xdm/choose.c 2011-09-25 09:35:47.000000000 +0200 -+++ b/xdm/choose.c 2014-01-06 16:33:09.628065364 +0100 -@@ -54,6 +54,14 @@ - # include - # endif - -+# ifdef HAVE_SETPROCTITLE -+# ifdef __linux__ -+# include -+# else -+# include -+# endif -+# endif -+ - # include - # define Time_t time_t - -diff -ur a/xdm/session.c b/xdm/session.c ---- a/xdm/session.c 2011-09-25 09:35:47.000000000 +0200 -+++ b/xdm/session.c 2014-01-06 16:40:57.508072789 +0100 -@@ -54,6 +54,15 @@ - # include - #endif - -+# ifdef HAVE_SETPROCTITLE -+# include -+# ifdef __linux__ -+# include -+# else -+# include -+# endif -+# endif -+ - #ifndef USE_PAM /* PAM modules should handle these */ - # ifdef SECURE_RPC - # include diff --git a/source/x/x11/patch/xdm/xdm-consolekit.patch b/source/x/x11/patch/xdm/xdm-consolekit.patch index fbacd36fc..d69b31a7a 100644 --- a/source/x/x11/patch/xdm/xdm-consolekit.patch +++ b/source/x/x11/patch/xdm/xdm-consolekit.patch @@ -1,14 +1,9 @@ -http://bugs.gentoo.org/360987 -http://projects.archlinux.org/svntogit/packages.git/plain/trunk/xdm-consolekit.patch?h=packages/xorg-xdm -http://lists.x.org/archives/xorg-devel/2011-February/019615.html -http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615020 - ---- a/configure.ac -+++ b/configure.ac -@@ -362,6 +362,20 @@ - - AM_CONDITIONAL(DYNAMIC_GREETER, test x$DYNAMIC_GREETER = xyes) - +--- ./configure.ac.orig 2019-03-02 16:06:13.000000000 -0600 ++++ ./configure.ac 2019-03-03 13:30:09.779278886 -0600 +@@ -395,6 +395,20 @@ + PKG_CHECK_MODULES(XLIB, x11) + PKG_CHECK_MODULES(AUTH, xau) + +# ConsoleKit support +AC_ARG_WITH(consolekit, AC_HELP_STRING([--with-consolekit], [Use ConsoleKit]), + [USE_CONSOLEKIT=$withval], [USE_CONSOLEKIT=yes]) @@ -24,26 +19,96 @@ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615020 +dnl AM_CONDITIONAL(USE_CONSOLEKIT, test$USE_CONSOLEKIT = xyes) + # - # XDM + # Greeter # ---- a/xdm/session.c -+++ b/xdm/session.c -@@ -66,6 +66,11 @@ +--- ./include/dm.h.orig 2019-03-02 16:06:13.000000000 -0600 ++++ ./include/dm.h 2019-03-03 13:30:09.788278885 -0600 +@@ -327,6 +327,9 @@ + extern char *prngdSocket; + extern int prngdPort; + # endif ++#ifdef USE_CONSOLEKIT ++extern int use_consolekit; ++#endif + + extern char *greeterLib; + extern char *willing; +--- ./man/xdm.man.orig 2019-03-02 16:06:13.000000000 -0600 ++++ ./man/xdm.man 2019-03-03 13:30:09.794278884 -0600 +@@ -48,6 +48,8 @@ + ] [ + .B \-session + .I session_program ++] [ ++.B \-noconsolekit + ] + .SH DESCRIPTION + .I Xdm +@@ -215,6 +217,10 @@ + .IP "\fB\-xrm\fP \fIresource_specification\fP" + Allows an arbitrary resource to be specified, as in most + X Toolkit applications. ++.IP "\fB\-noconsolekit\fP" ++Specifies ``false'' as the value for the \fBDisplayManager.consoleKit\fP ++resource. ++This suppresses the session management using ConsoleKit. + .SH RESOURCES + At many stages the actions of + .I xdm +--- ./xdm/resource.c.orig 2019-03-02 16:06:13.000000000 -0600 ++++ ./xdm/resource.c 2019-03-03 13:30:09.792278885 -0600 +@@ -65,6 +65,9 @@ + char *prngdSocket; + int prngdPort; #endif ++#ifdef USE_CONSOLEKIT ++int use_consolekit; ++#endif + + char *greeterLib; + char *willing; +@@ -192,6 +195,10 @@ + "false"} , + { "willing", "Willing", DM_STRING, &willing, + ""} , ++#ifdef USE_CONSOLEKIT ++{ "consoleKit", "ConsoleKit", DM_BOOL, (char **) &use_consolekit, ++ "true"} , ++#endif + }; + + #define NUM_DM_RESOURCES (sizeof DmResources / sizeof DmResources[0]) +@@ -377,7 +384,11 @@ + {"-debug", "*debugLevel", XrmoptionSepArg, (caddr_t) NULL }, + {"-xrm", NULL, XrmoptionResArg, (caddr_t) NULL }, + {"-daemon", ".daemonMode", XrmoptionNoArg, "true" }, +-{"-nodaemon", ".daemonMode", XrmoptionNoArg, "false" } ++{"-nodaemon", ".daemonMode", XrmoptionNoArg, "false" }, ++#ifdef USE_CONSOLEKIT ++{"-consolekit", ".consoleKit", XrmoptionNoArg, "true" }, ++{"-noconsolekit", ".consoleKit", XrmoptionNoArg, "false" } ++#endif + }; + + static int originalArgc; +--- ./xdm/session.c.orig 2019-03-02 16:06:13.000000000 -0600 ++++ ./xdm/session.c 2019-03-03 13:31:17.126272595 -0600 +@@ -73,6 +73,11 @@ + # endif #endif /* USE_PAM */ - + +#ifdef USE_CONSOLEKIT +#include +#include +#endif + - #ifdef __SCO__ - #include - #endif -@@ -472,6 +477,97 @@ + #ifdef USE_SELINUX + #include + #include +@@ -523,6 +528,97 @@ } } - + +#ifdef USE_CONSOLEKIT + +static CkConnector *connector; @@ -138,16 +203,16 @@ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615020 void SessionExit (struct display *d, int status, int removeAuth) { -@@ -486,6 +580,8 @@ +@@ -537,6 +633,8 @@ } #endif - + + closeCKSession(); + /* make sure the server gets reset after the session is over */ if (d->serverPid >= 2 && d->resetSignal) - kill (d->serverPid, d->resetSignal); -@@ -568,6 +664,10 @@ + kill (d->serverPid, d->resetSignal); +@@ -614,6 +712,10 @@ #ifdef USE_PAM if (pamh) pam_open_session(pamh, 0); #endif @@ -157,74 +222,4 @@ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615020 + switch (pid = fork ()) { case 0: - CleanUpChild (); ---- a/include/dm.h -+++ b/include/dm.h -@@ -325,6 +325,9 @@ - extern char *prngdSocket; - extern int prngdPort; - # endif -+#ifdef USE_CONSOLEKIT -+extern int use_consolekit; -+#endif - - extern char *greeterLib; - extern char *willing; ---- a/xdm/resource.c -+++ b/xdm/resource.c -@@ -68,6 +68,9 @@ - char *prngdSocket; - int prngdPort; - #endif -+#ifdef USE_CONSOLEKIT -+int use_consolekit; -+#endif - - char *greeterLib; - char *willing; -@@ -258,6 +261,10 @@ - "false"} , - { "willing", "Willing", DM_STRING, &willing, - ""} , -+#ifdef USE_CONSOLEKIT -+{ "consoleKit", "ConsoleKit", DM_BOOL, (char **) &use_consolekit, -+ "true"} , -+#endif - }; - - # define NUM_DM_RESOURCES (sizeof DmResources / sizeof DmResources[0]) -@@ -440,7 +447,11 @@ - {"-debug", "*debugLevel", XrmoptionSepArg, (caddr_t) NULL }, - {"-xrm", NULL, XrmoptionResArg, (caddr_t) NULL }, - {"-daemon", ".daemonMode", XrmoptionNoArg, "true" }, --{"-nodaemon", ".daemonMode", XrmoptionNoArg, "false" } -+{"-nodaemon", ".daemonMode", XrmoptionNoArg, "false" }, -+#ifdef USE_CONSOLEKIT -+{"-consolekit", ".consoleKit", XrmoptionNoArg, "true" }, -+{"-noconsolekit", ".consoleKit", XrmoptionNoArg, "false" } -+#endif - }; - - static int originalArgc; ---- a/man/xdm.man -+++ b/man/xdm.man -@@ -51,6 +51,8 @@ - ] [ - .B \-session - .I session_program -+] [ -+.B \-noconsolekit - ] - .SH DESCRIPTION - .I Xdm -@@ -218,6 +220,10 @@ - .IP "\fB\-xrm\fP \fIresource_specification\fP" - Allows an arbitrary resource to be specified, as in most - X Toolkit applications. -+.IP "\fB\-noconsolekit\fP" -+Specifies ``false'' as the value for the \fBDisplayManager.consoleKit\fP -+resource. -+This suppresses the session management using ConsoleKit. - .SH RESOURCES - At many stages the actions of - .I xdm + CleanUpChild (); diff --git a/source/x/x11/patch/xdm/xdm.glibc.crypt.diff b/source/x/x11/patch/xdm/xdm.glibc.crypt.diff deleted file mode 100644 index 076df37dc..000000000 --- a/source/x/x11/patch/xdm/xdm.glibc.crypt.diff +++ /dev/null @@ -1,42 +0,0 @@ -From 8d1eb5c74413e4c9a21f689fc106949b121c0117 Mon Sep 17 00:00:00 2001 -From: mancha -Date: Wed, 22 May 2013 14:20:26 +0000 -Subject: Handle NULL returns from glibc 2.17+ crypt(). - -Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL -(w/ NULL return) if the salt violates specifications. Additionally, -on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords -passed to crypt() fail with EPERM (w/ NULL return). - -If using glibc's crypt(), check return value to avoid a possible -NULL pointer dereference. - -Reviewed-by: Matthieu Herrb -Signed-off-by: Alan Coopersmith ---- -diff --git a/greeter/verify.c b/greeter/verify.c -index db3cb7d..b009e2b 100644 ---- a/greeter/verify.c -+++ b/greeter/verify.c -@@ -329,6 +329,7 @@ Verify (struct display *d, struct greet_info *greet, struct verify_info *verify) - struct spwd *sp; - # endif - char *user_pass = NULL; -+ char *crypted_pass = NULL; - # endif - # ifdef __OpenBSD__ - char *s; -@@ -464,7 +465,9 @@ Verify (struct display *d, struct greet_info *greet, struct verify_info *verify) - # if defined(ultrix) || defined(__ultrix__) - if (authenticate_user(p, greet->password, NULL) < 0) - # else -- if (strcmp (crypt (greet->password, user_pass), user_pass)) -+ crypted_pass = crypt (greet->password, user_pass); -+ if ((crypted_pass == NULL) -+ || (strcmp (crypted_pass, user_pass))) - # endif - { - if(!greet->allow_null_passwd || strlen(p->pw_passwd) > 0) { --- -cgit v0.9.0.2-2-gbebe - diff --git a/source/x/x11/post-install/xdm/Xsession.orig b/source/x/x11/post-install/xdm/Xsession.orig index 993e7418d..6b9130e4f 100755 --- a/source/x/x11/post-install/xdm/Xsession.orig +++ b/source/x/x11/post-install/xdm/Xsession.orig @@ -1,37 +1,66 @@ #!/bin/sh -# $XConsortium: Xsession /main/10 1995/12/18 18:21:28 gildea $ # -# -# $XFree86: xc/programs/xdm/config/Xsession,v 1.2 1998/01/11 03:48:32 dawes Exp $ # redirect errors to a file in user's home directory if we can -for errfile in "$HOME/.xsession-errors" "${TMPDIR-/tmp}/xses-$USER" "/tmp/xses-$USER" -do - if ( cp /dev/null "$errfile" 2> /dev/null ) - then - chmod 600 "$errfile" - exec > "$errfile" 2>&1 - break - fi -done + +errfile="$HOME/.xsession-errors" +if ( umask 077 && cp /dev/null "$errfile" 2> /dev/null ) +then + exec > "$errfile" 2>&1 +else + mktemp="/usr/bin/mktemp" + if [ "x$mktemp" != "x" -a -x "$mktemp" ] + then + for errfile in "${TMPDIR-/tmp}/xses-$USER" "/tmp/xses-$USER" + do + if ef="$( umask 077 && $mktemp "$errfile.XXXXXX" 2> /dev/null)" + then + exec > "$ef" 2>&1 + mv "$ef" "$errfile" 2> /dev/null + break + fi + done + else +# Since this system doesn't have a mktemp command to allow secure +# creation of files in shared directories, no fallback error log +# is being used. See https://bugs.freedesktop.org/show_bug.cgi?id=5898 +# +# for errfile in "${TMPDIR-/tmp}/xses-$USER" "/tmp/xses-$USER" +# do +# if ( umask 077 && cp /dev/null "$errfile" 2> /dev/null ) +# then +# exec > "$errfile" 2>&1 +# break +# fi +# done + + exec > /dev/null 2>&1 + fi +fi case $# in 1) case $1 in failsafe) - exec xterm -geometry 80x24-0-0 + exec /usr/bin/xterm -geometry 80x24-0-0 ;; esac esac +# The startup script is not intended to have arguments. + startup=$HOME/.xsession resources=$HOME/.Xresources -if [ -s "$startup" -a -x "$startup" ]; then - exec "$startup" +if [ -s "$startup" ]; then + if [ -x "$startup" ]; then + exec "$startup" + else + exec /bin/sh "$startup" + fi else if [ -r "$resources" ]; then - xrdb -load "$resources" + /usr/bin/xrdb -load "$resources" fi - exec xsm + exec /usr/bin/xsm fi diff --git a/source/x/x11/post-install/xdm/Xsetup_0.orig b/source/x/x11/post-install/xdm/Xsetup_0.orig index 8e30694f2..29d7aa4f0 100755 --- a/source/x/x11/post-install/xdm/Xsetup_0.orig +++ b/source/x/x11/post-install/xdm/Xsetup_0.orig @@ -1,3 +1,2 @@ #!/bin/sh -# $Xorg: Xsetup_0,v 1.3 2000/08/17 19:54:17 cpqbld Exp $ xconsole -geometry 480x130-0-0 -daemon -notify -verbose -fn fixed -exitOnFail -- cgit v1.2.3-65-gdbad