diff --git a/slim-1.3.1-fix-debian-secfix.patch b/slim-1.3.1-fix-debian-secfix.patch new file mode 100644 index 0000000..5c6724c --- /dev/null +++ b/slim-1.3.1-fix-debian-secfix.patch @@ -0,0 +1,64 @@ +Index: slim-1.3.1/switchuser.cpp +=================================================================== +--- slim-1.3.1.orig/switchuser.cpp ++++ slim-1.3.1/switchuser.cpp +@@ -54,10 +54,8 @@ void SwitchUser::Execute(const char* cmd + } + + void SwitchUser::SetClientAuth(const char* mcookie) { +- bool r; + string home = string(Pw->pw_dir); + string authfile = home + "/.Xauthority"; +- remove(authfile.c_str()); +- r = Util::add_mcookie(mcookie, ":0", cfg->getOption("xauth_path"), +- authfile); ++ string cmd = cfg->getOption("xauth_path") + " -q -f " + authfile + " add :0 . " + mcookie; ++ system(cmd.c_str()); + } +Index: slim-1.3.1/app.cpp +=================================================================== +--- slim-1.3.1.orig/app.cpp ++++ slim-1.3.1/app.cpp +@@ -1190,8 +1190,8 @@ void App::CreateServerAuth() { + authfile = cfg->getOption("authfile"); + remove(authfile.c_str()); + putenv(StrConcat("XAUTHORITY=", authfile.c_str())); +- Util::add_mcookie(mcookie, ":0", cfg->getOption("xauth_path"), +- authfile); ++ string cmd = cfg->getOption("xauth_path") + " -q -f " + authfile + " add :0 . " + mcookie; ++ system(cmd.c_str()); + } + + char* App::StrConcat(const char* str1, const char* str2) { +Index: slim-1.3.1/util.cpp +=================================================================== +--- slim-1.3.1.orig/util.cpp ++++ slim-1.3.1/util.cpp +@@ -17,27 +17,6 @@ + #include "util.h" + + /* +- * Adds the given cookie to the specified Xauthority file. +- * Returns true on success, false on fault. +- */ +-bool Util::add_mcookie(const std::string &mcookie, const char *display, +- const std::string &xauth_cmd, const std::string &authfile) +-{ +- FILE *fp; +- std::string cmd = xauth_cmd + " -f " + authfile + " -q"; +- +- fp = popen(cmd.c_str(), "w"); +- if (!fp) +- return false; +- fprintf(fp, "remove %s\n", display); +- fprintf(fp, "add %s %s %s\n", display, ".", mcookie.c_str()); +- fprintf(fp, "exit\n"); +- +- pclose(fp); +- return true; +-} +- +-/* + * Interface for random number generator. Just now it uses ordinary + * random/srandom routines and serves as a wrapper for them. + */ diff --git a/slim.spec b/slim.spec index f38268c..b6b8a56 100644 --- a/slim.spec +++ b/slim.spec @@ -1,6 +1,6 @@ Name: slim Version: 1.3.1 -Release: 9%{?dist} +Release: 10%{?dist} Summary: Simple Login Manager Group: User Interface/X @@ -27,6 +27,8 @@ Patch7: slim-1.3.1-CVE-2009-1756.patch # This one is from Debian, too Patch8: slim-1.3.1-fix-insecure-mcookie-generation.patch Patch9: slim-1.3.1-gcc44.patch +# Fix weirdness introduced in patch 7 +Patch10: slim-1.3.1-fix-debian-secfix.patch BuildRequires: libXmu-devel libXft-devel libXrender-devel BuildRequires: libpng-devel libjpeg-devel freetype-devel fontconfig-devel @@ -64,6 +66,7 @@ before launching slim. %patch7 -p1 -b .CVE-2009-1756 %patch8 -p1 -b .mcookie %patch9 -p1 -b .gcc44again +%patch10 -p1 -b .fixdebpatch cp -p %{SOURCE3} README.Fedora %build @@ -115,6 +118,10 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Tue Feb 02 2010 Lorenzo Villani - 1.3.1-10 +- Fix bz#552491 +- Patch to fix Debian patch (patch n. 7) + * Tue Dec 22 2009 Lorenzo Villani - 1.3.1-9 - Fix CVE-2009-1756 (bugzilla: 544024) - Fix MIT insecure cookie generation (patch from Debian)