packages/gnome-shell
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2020-17489

Browse Source
This commit is contained in:
wang_yue111 2021-03-30 16:06:58 +08:00
parent 377246148c
commit 569bdb144e
4 changed files with 397 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

265
CVE-2020-17489-pre1.patch Normal file
View File

@ -0,0 +1,265 @@
From e2f0647091b2475f78c0a52c0acef5f1be4d52d9 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Tue, 30 Mar 2021 14:42:11 +0800
Subject: [PATCH] cleanup: Use arrow functions for tweener callbacks
While it is legal to use method syntax for the function properties
here, arrow notation is less unexpected and allows us to drop the
separate scope properties.
https://gitlab.gnome.org/GNOME/gnome-shell/merge_requests/608
---
js/gdm/authPrompt.js | 3 +--
js/gdm/loginDialog.js | 16 ++++++----------
js/ui/dnd.js | 5 ++---
js/ui/messageList.js | 3 +--
js/ui/panel.js | 8 +++-----
js/ui/popupMenu.js | 12 ++++--------
js/ui/screenShield.js | 15 ++++++---------
js/ui/workspaceSwitcherPopup.js | 3 +--
js/ui/workspaceThumbnail.js | 5 ++---
9 files changed, 26 insertions(+), 44 deletions(-)
diff --git a/js/gdm/authPrompt.js b/js/gdm/authPrompt.js
index a0a4a21..a6a0374 100644
--- a/js/gdm/authPrompt.js
+++ b/js/gdm/authPrompt.js
@@ -302,8 +302,7 @@ var AuthPrompt = new Lang.Class({
time: DEFAULT_BUTTON_WELL_ANIMATION_TIME,
delay: DEFAULT_BUTTON_WELL_ANIMATION_DELAY,
transition: 'linear',
- onCompleteScope: this,
- onComplete() {
+ onComplete: () => {
if (wasSpinner) {
if (this._spinner)
this._spinner.stop();
diff --git a/js/gdm/loginDialog.js b/js/gdm/loginDialog.js
index bf79677..0e0001f 100644
--- a/js/gdm/loginDialog.js
+++ b/js/gdm/loginDialog.js
@@ -926,7 +926,7 @@ var LoginDialog = new Lang.Class({
{ opacity: 255,
time: _FADE_ANIMATION_TIME,
transition: 'easeOutQuad',
- onUpdate() {
+ onUpdate: () => {
let children = Main.layoutManager.uiGroup.get_children();
for (let i = 0; i < children.length; i++) {
@@ -934,12 +934,10 @@ var LoginDialog = new Lang.Class({
children[i].opacity = this.actor.opacity;
}
},
- onUpdateScope: this,
- onComplete() {
+ onComplete: () => {
if (this._authPrompt.verificationStatus != AuthPrompt.AuthPromptStatus.NOT_VERIFYING)
this._authPrompt.reset();
- },
- onCompleteScope: this });
+ } });
},
_gotGreeterSessionProxy(proxy) {
@@ -956,7 +954,7 @@ var LoginDialog = new Lang.Class({
{ opacity: 0,
time: _FADE_ANIMATION_TIME,
transition: 'easeOutQuad',
- onUpdate() {
+ onUpdate: () => {
let children = Main.layoutManager.uiGroup.get_children();
for (let i = 0; i < children.length; i++) {
@@ -964,11 +962,9 @@ var LoginDialog = new Lang.Class({
children[i].opacity = this.actor.opacity;
}
},
- onUpdateScope: this,
- onComplete() {
+ onComplete: () => {
this._greeter.call_start_session_when_ready_sync(serviceName, true, null);
- },
- onCompleteScope: this });
+ } });
},
_onSessionOpened(client, serviceName) {
diff --git a/js/ui/dnd.js b/js/ui/dnd.js
index 8483e89..83778e0 100644
--- a/js/ui/dnd.js
+++ b/js/ui/dnd.js
@@ -385,14 +385,13 @@ var _Draggable = new Lang.Class({
scale_y: scale * origScale,
time: SCALE_ANIMATION_TIME,
transition: 'easeOutQuad',
- onUpdate() {
+ onUpdate: () => {
let currentScale = this._dragActor.scale_x / origScale;
this._dragOffsetX = currentScale * origDragOffsetX;
this._dragOffsetY = currentScale * origDragOffsetY;
this._dragActor.set_position(this._dragX + this._dragOffsetX,
this._dragY + this._dragOffsetY);
- },
- onUpdateScope: this });
+ } });
}
}
},
diff --git a/js/ui/messageList.js b/js/ui/messageList.js
index 547135a..91670ba 100644
--- a/js/ui/messageList.js
+++ b/js/ui/messageList.js
@@ -483,8 +483,7 @@ var Message = new Lang.Class({
{ scale_y: 0,
time: MessageTray.ANIMATION_TIME,
transition: 'easeOutQuad',
- onCompleteScope: this,
- onComplete() {
+ onComplete: () => {
this._actionBin.hide();
this.expanded = false;
}});
diff --git a/js/ui/panel.js b/js/ui/panel.js
index 3726b84..318ca52 100644
--- a/js/ui/panel.js
+++ b/js/ui/panel.js
@@ -174,10 +174,9 @@ var AppMenuButton = new Lang.Class({
{ opacity: 0,
time: Overview.ANIMATION_TIME,
transition: 'easeOutQuad',
- onComplete() {
+ onComplete: () => {
this.actor.hide();
- },
- onCompleteScope: this });
+ } });
},
_onStyleChanged(actor) {
@@ -219,8 +218,7 @@ var AppMenuButton = new Lang.Class({
{ opacity: 0,
time: SPINNER_ANIMATION_TIME,
transition: "easeOutQuad",
- onCompleteScope: this,
- onComplete() {
+ onComplete: () => {
this._spinner.stop();
this._spinner.actor.opacity = 255;
this._spinner.actor.hide();
diff --git a/js/ui/popupMenu.js b/js/ui/popupMenu.js
index f449d6e..3d92a1a 100644
--- a/js/ui/popupMenu.js
+++ b/js/ui/popupMenu.js
@@ -1004,12 +1004,10 @@ var PopupSubMenu = new Lang.Class({
{ _arrowRotation: targetAngle,
height: naturalHeight,
time: 0.25,
- onUpdateScope: this,
- onUpdate() {
+ onUpdate: () => {
this._arrow.rotation_angle_z = this.actor._arrowRotation;
},
- onCompleteScope: this,
- onComplete() {
+ onComplete: () => {
this.actor.set_height(-1);
}
});
@@ -1037,12 +1035,10 @@ var PopupSubMenu = new Lang.Class({
{ _arrowRotation: 0,
height: 0,
time: 0.25,
- onUpdateScope: this,
- onUpdate() {
+ onUpdate: () => {
this._arrow.rotation_angle_z = this.actor._arrowRotation;
},
- onCompleteScope: this,
- onComplete() {
+ onComplete: () => {
this.actor.hide();
this.actor.set_height(-1);
},
diff --git a/js/ui/screenShield.js b/js/ui/screenShield.js
index dee290b..72d1317 100644
--- a/js/ui/screenShield.js
+++ b/js/ui/screenShield.js
@@ -265,11 +265,10 @@ var NotificationsBox = new Lang.Class({
{ height: natHeight,
transition: 'easeOutQuad',
time: 0.25,
- onComplete() {
+ onComplete: () => {
this._scrollView.vscrollbar_policy = Gtk.PolicyType.AUTOMATIC;
widget.set_height(-1);
- },
- onCompleteScope: this
+ }
});
this._updateVisibility();
@@ -795,11 +794,10 @@ var ScreenShield = new Lang.Class({
{ y: 0,
time: time,
transition: 'easeInQuad',
- onComplete() {
+ onComplete: () => {
this._lockScreenGroup.fixed_position_set = false;
this._lockScreenState = MessageTray.State.SHOWN;
- },
- onCompleteScope: this,
+ }
});
this._maybeCancelDialog();
@@ -1020,11 +1018,10 @@ var ScreenShield = new Lang.Class({
{ y: 0,
time: MANUAL_FADE_TIME,
transition: 'easeOutQuad',
- onComplete() {
+ onComplete: () => {
this._lockScreenShown({ fadeToBlack: fadeToBlack,
animateFade: true });
- },
- onCompleteScope: this
+ }
});
} else {
this._lockScreenGroup.fixed_position_set = false;
diff --git a/js/ui/workspaceSwitcherPopup.js b/js/ui/workspaceSwitcherPopup.js
index 351a907..49caabc 100644
--- a/js/ui/workspaceSwitcherPopup.js
+++ b/js/ui/workspaceSwitcherPopup.js
@@ -159,8 +159,7 @@ var WorkspaceSwitcherPopup = new Lang.Class({
Tweener.addTween(this._container, { opacity: 0.0,
time: ANIMATION_TIME,
transition: 'easeOutQuad',
- onComplete() { this.destroy(); },
- onCompleteScope: this
+ onComplete: () => this.destroy()
});
return GLib.SOURCE_REMOVE;
},
diff --git a/js/ui/workspaceThumbnail.js b/js/ui/workspaceThumbnail.js
index 76a7416..dc1a749 100644
--- a/js/ui/workspaceThumbnail.js
+++ b/js/ui/workspaceThumbnail.js
@@ -1347,11 +1347,10 @@ var ThumbnailsBox = new Lang.Class({
{ indicatorY: thumbnail.actor.allocation.y1,
time: WorkspacesView.WORKSPACE_SWITCH_TIME,
transition: 'easeOutQuad',
- onComplete() {
+ onComplete: () => {
this._animatingIndicator = false;
this._queueUpdateStates();
- },
- onCompleteScope: this
+ }
});
}
});
--
2.23.0

81
CVE-2020-17489-pre2.patch Normal file
View File

@ -0,0 +1,81 @@
From 7e4e3c19d010b8204f89703706c605a97153a60a Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Tue, 30 Mar 2021 14:56:46 +0800
Subject: [PATCH] loginDialog: Use GObject bindings over onUpdate handler
Instead of iterating over all actors each frame and sync'ing their
opacities, we can set up bindings once before the animation.
https://gitlab.gnome.org/GNOME/gnome-shell/merge_requests/654
---
js/gdm/loginDialog.js | 30 ++++++++++++++----------------
1 file changed, 14 insertions(+), 16 deletions(-)
diff --git a/js/gdm/loginDialog.js b/js/gdm/loginDialog.js
index faecff8..29954f7 100644
--- a/js/gdm/loginDialog.js
+++ b/js/gdm/loginDialog.js
@@ -918,25 +918,29 @@ var LoginDialog = new Lang.Class({
this._showPrompt();
},
+ _bindOpacity() {
+ this._bindings = Main.layoutManager.uiGroup.get_children()
+ .filter(c => c != Main.layoutManager.screenShieldGroup)
+ .map(c => this.bind_property('opacity', c, 'opacity', 0));
+ },
+
+ _unbindOpacity() {
+ this._bindings.forEach(b => b.unbind());
+ },
+
_loginScreenSessionActivated() {
if (this.actor.opacity == 255 && this._authPrompt.verificationStatus == AuthPrompt.AuthPromptStatus.NOT_VERIFYING)
return;
+ this._bindOpacity();
Tweener.addTween(this.actor,
{ opacity: 255,
time: _FADE_ANIMATION_TIME,
transition: 'easeOutQuad',
- onUpdate: () => {
- let children = Main.layoutManager.uiGroup.get_children();
-
- for (let i = 0; i < children.length; i++) {
- if (children[i] != Main.layoutManager.screenShieldGroup)
- children[i].opacity = this.actor.opacity;
- }
- },
onComplete: () => {
if (this._authPrompt.verificationStatus != AuthPrompt.AuthPromptStatus.NOT_VERIFYING)
this._authPrompt.reset();
+ this._unbindOpacity();
} });
},
@@ -950,20 +954,14 @@ var LoginDialog = new Lang.Class({
},
_startSession(serviceName) {
+ this._bindOpacity();
Tweener.addTween(this.actor,
{ opacity: 0,
time: _FADE_ANIMATION_TIME,
transition: 'easeOutQuad',
- onUpdate: () => {
- let children = Main.layoutManager.uiGroup.get_children();
-
- for (let i = 0; i < children.length; i++) {
- if (children[i] != Main.layoutManager.screenShieldGroup)
- children[i].opacity = this.actor.opacity;
- }
- },
onComplete: () => {
this._greeter.call_start_session_when_ready_sync(serviceName, true, null);
+ this._unbindOpacity();
} });
},
--
2.23.0

44
CVE-2020-17489.patch Normal file
View File

@ -0,0 +1,44 @@
From b0d6742bcdba59991fbf0b31c6c670db7939cfa7 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Tue, 30 Mar 2021 15:35:52 +0800
Subject: [PATCH] cleanup: Port GObject classes to JS6 classes
GJS added API for defining GObject classes with ES6 class syntax
last cycle, use it to port the remaining Lang.Class classes to
the new syntax.
https://gitlab.gnome.org/GNOME/gnome-shell/merge_requests/361
---
js/gdm/loginDialog.js | 9 ++++-----
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/js/gdm/loginDialog.js b/js/gdm/loginDialog.js
index 29954f7..2f89140 100644
--- a/js/gdm/loginDialog.js
+++ b/js/gdm/loginDialog.js
@@ -931,17 +931,16 @@ var LoginDialog = new Lang.Class({
_loginScreenSessionActivated() {
if (this.actor.opacity == 255 && this._authPrompt.verificationStatus == AuthPrompt.AuthPromptStatus.NOT_VERIFYING)
return;
+ if (this._authPrompt.verificationStatus !== AuthPrompt.AuthPromptStatus.NOT_VERIFYING)
+ this._authPrompt.reset();
this._bindOpacity();
Tweener.addTween(this.actor,
{ opacity: 255,
time: _FADE_ANIMATION_TIME,
transition: 'easeOutQuad',
- onComplete: () => {
- if (this._authPrompt.verificationStatus != AuthPrompt.AuthPromptStatus.NOT_VERIFYING)
- this._authPrompt.reset();
- this._unbindOpacity();
- } });
+ onComplete: () => this._unbindOpacity(),
+ });
},
_gotGreeterSessionProxy(proxy) {
--
2.23.0

8
gnome-shell.spec
View File

@ -1,6 +1,6 @@
Name: gnome-shell
Version: 3.30.1
Release: 6
Release: 7
Summary: Core user interface functions for the GNOME 3 desktop
Group: User Interface/Desktops
License: GPLv2+
@ -12,6 +12,9 @@ Patch2: 0001-endSessionDialog-Immediately-add-buttons-to-the-dial.patch
Patch3: 0002-endSessionDialog-Support-rebooting-into-the-bootload.patch
Patch4: 0001-keyboardManager-Avoid-idempotent-calls-to-meta_backe.patch
Patch5: 0001-Include-the-libcroco-sources-directly-under-src-st-c.patch
Patch6: CVE-2020-17489-pre1.patch
Patch7: CVE-2020-17489-pre2.patch
Patch8: CVE-2020-17489.patch
BuildRequires: meson git ibus-devel chrpath dbus-glib-devel desktop-file-utils
BuildRequires: evolution-data-server-devel gcr-devel gjs-devel glib2-devel
@ -121,6 +124,9 @@ glib-compile-schemas --allow-any-name %{_datadir}/glib-2.0/schemas &> /dev/null
%{_mandir}/man1/%{name}.1.gz
%changelog
* Tue Mar 30 2021 wangyue<wangyue92@huawei.com> - 3.30.1-7
- fix CVE-2020-17489
* Thu Dec 03 2020 wangxiao<wangxia65@huawei.com> -3.30.1-6
- move the libcroco sources directly under src/st
remove the libcroco dependency from the meson.build files