diff options
author | Treeve Jelbert | 2019-03-03 08:40:44 +0100 |
---|---|---|
committer | Treeve Jelbert | 2019-03-03 08:46:13 +0100 |
commit | 6f03ad61af9bb475ccaf3550f6dd917e0ae38f75 (patch) | |
tree | cca4a997457a279724b431dd60f72152f96be5de /xorg-app | |
parent | 04f8bcec5bb8543d691a71cc8982b9c84551402f (diff) |
xdm: => 1.1.12
delete cve patch
Diffstat (limited to 'xorg-app')
-rwxr-xr-x | xorg-app/xdm/DETAILS | 11 | ||||
-rw-r--r-- | xorg-app/xdm/HISTORY | 5 | ||||
-rwxr-xr-x | xorg-app/xdm/PRE_BUILD | 1 | ||||
-rw-r--r-- | xorg-app/xdm/xdm-1.1.11-cve-2013-2179.patch | 41 |
4 files changed, 12 insertions, 46 deletions
diff --git a/xorg-app/xdm/DETAILS b/xorg-app/xdm/DETAILS index 0196d92448..455155615a 100755 --- a/xorg-app/xdm/DETAILS +++ b/xorg-app/xdm/DETAILS @@ -1,12 +1,15 @@ SPELL=xdm - VERSION=1.1.11 + VERSION=1.1.12 PATCHLEVEL=1 SOURCE=$SPELL-$VERSION.tar.bz2 - SOURCE_URL[0]=http://xorg.freedesktop.org/releases/individual/app/${SOURCE} - SOURCE_HASH=sha512:fe6f2b7817c0f7f07a1f5f497edcdfa15b93986fd87f314daa472dac8625327ef46ebbf40d27fe8d4a8a2f8d5af8a01c4438a29356740e0eb350f2bd0c7ec0d5 + SOURCE_URL[0]=https://xorg.freedesktop.org/releases/individual/app/${SOURCE} + SOURCE2=$SOURCE.sig + SOURCE2_URL[0]=${SOURCE_URL[0]}.sig + SOURCE_GPG=xorg.gpg:$SOURCE.sig:UPSTREAM_KEY + SOURCE2_IGNORE=signature SOURCE_DIRECTORY=$BUILD_DIRECTORY/$SPELL-$VERSION LICENSE[0]=XCL - WEB_SITE=http://xorg.freedesktop.org/wiki + WEB_SITE=https://xorg.freedesktop.org/wiki ENTERED=20051125 SHORT="The X Display Manager" cat << EOF diff --git a/xorg-app/xdm/HISTORY b/xorg-app/xdm/HISTORY index 4f4ff73ee3..d6c79fc342 100644 --- a/xorg-app/xdm/HISTORY +++ b/xorg-app/xdm/HISTORY @@ -1,3 +1,8 @@ +2019-03-03 Treeve Jelbert <treeve@sourcemage.org> + * DETAILS: version 1.1.12 + * DETAILS: add gpg checking + * PRE_BUILD, xdm-1.1.11-cve-2013-2179.patch: patch now integrated + 2018-08-21 Florian Franzmann <siflfran@hawo.stw.uni-erlangen.de> * DEPENDS: add dependency on font-misc-misc diff --git a/xorg-app/xdm/PRE_BUILD b/xorg-app/xdm/PRE_BUILD index 258c0f695e..2680a1442c 100755 --- a/xorg-app/xdm/PRE_BUILD +++ b/xorg-app/xdm/PRE_BUILD @@ -2,7 +2,6 @@ default_pre_build && cd "${SOURCE_DIRECTORY}" && patch -p1 < "${SPELL_DIRECTORY}/0001-use-X-s-default-authentication-mechanism-instead-of-.patch" && -patch -p1 < "${SPELL_DIRECTORY}/xdm-1.1.11-cve-2013-2179.patch" && if [[ $XDM_XCONSOLE == "n" ]]; then patch -p1 < "$SPELL_DIRECTORY/0001-do-not-start-xconsole.patch" diff --git a/xorg-app/xdm/xdm-1.1.11-cve-2013-2179.patch b/xorg-app/xdm/xdm-1.1.11-cve-2013-2179.patch deleted file mode 100644 index 34ae7ceb3c..0000000000 --- a/xorg-app/xdm/xdm-1.1.11-cve-2013-2179.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 8d1eb5c74413e4c9a21f689fc106949b121c0117 Mon Sep 17 00:00:00 2001 -From: mancha <mancha1@hush.com> -Date: Wed, 22 May 2013 14:20:26 +0000 -Subject: Handle NULL returns from glibc 2.17+ crypt(). - -Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL -(w/ NULL return) if the salt violates specifications. Additionally, -on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords -passed to crypt() fail with EPERM (w/ NULL return). - -If using glibc's crypt(), check return value to avoid a possible -NULL pointer dereference. - -Reviewed-by: Matthieu Herrb <matthieu@herrb.eu> -Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> ---- -diff --git a/greeter/verify.c b/greeter/verify.c -index db3cb7d..b009e2b 100644 ---- a/greeter/verify.c -+++ b/greeter/verify.c -@@ -329,6 +329,7 @@ Verify (struct display *d, struct greet_info *greet, struct verify_info *verify) - struct spwd *sp; - # endif - char *user_pass = NULL; -+ char *crypted_pass = NULL; - # endif - # ifdef __OpenBSD__ - char *s; -@@ -464,7 +465,9 @@ Verify (struct display *d, struct greet_info *greet, struct verify_info *verify) - # if defined(ultrix) || defined(__ultrix__) - if (authenticate_user(p, greet->password, NULL) < 0) - # else -- if (strcmp (crypt (greet->password, user_pass), user_pass)) -+ crypted_pass = crypt (greet->password, user_pass); -+ if ((crypted_pass == NULL) -+ || (strcmp (crypted_pass, user_pass))) - # endif - { - if(!greet->allow_null_passwd || strlen(p->pw_passwd) > 0) { --- -cgit v0.9.0.2-2-gbebe |