From 92d014e57255fa5975bd8bd8c8f5ba20be00e209 Mon Sep 17 00:00:00 2001 From: Ray Strode Date: Mar 28 2008 14:23:23 +0000 Subject: - Address CVE-2007-6389 (bug 426170) --- diff --git a/gnome-screensaver-2.20-clear-clipboard.patch b/gnome-screensaver-2.20-clear-clipboard.patch new file mode 100644 index 0000000..52b97fc --- /dev/null +++ b/gnome-screensaver-2.20-clear-clipboard.patch @@ -0,0 +1,33 @@ +--- gnome-screensaver-2.20/src/gs-lock-plug.c (revision 1336) ++++ gnome-screensaver-2.20/src/gs-lock-plug.c (revision 1337) +@@ -1563,6 +1563,19 @@ delete_handler (GSLockPlug *plug, + return TRUE; /* Do not destroy */ + } + ++static void ++clear_clipboards (GSLockPlug *plug) ++{ ++ GtkClipboard *clipboard; ++ ++ clipboard = gtk_widget_get_clipboard (GTK_WIDGET (plug), GDK_SELECTION_PRIMARY); ++ gtk_clipboard_clear (clipboard); ++ gtk_clipboard_set_text (clipboard, "", -1); ++ clipboard = gtk_widget_get_clipboard (GTK_WIDGET (plug), GDK_SELECTION_CLIPBOARD); ++ gtk_clipboard_clear (clipboard); ++ gtk_clipboard_set_text (clipboard, "", -1); ++} ++ + #define INVISIBLE_CHAR_DEFAULT '*' + #define INVISIBLE_CHAR_BLACK_CIRCLE 0x25cf + #define INVISIBLE_CHAR_WHITE_BULLET 0x25e6 +@@ -1578,6 +1591,8 @@ gs_lock_plug_init (GSLockPlug *plug) + + plug->priv = GS_LOCK_PLUG_GET_PRIVATE (plug); + ++ clear_clipboards (plug); ++ + #ifdef WITH_LIBNOTIFY + plug->priv->leave_note_enabled = TRUE; + #else + + diff --git a/gnome-screensaver.spec b/gnome-screensaver.spec index 33034c8..e30eabd 100644 --- a/gnome-screensaver.spec +++ b/gnome-screensaver.spec @@ -13,7 +13,7 @@ Summary: GNOME Screensaver Name: gnome-screensaver Version: 2.20.0 -Release: 10%{?dist} +Release: 11%{?dist} License: GPLv2+ Group: Amusements/Graphics Source0: http://download.gnome.org/sources/gnome-screensaver/2.20/%{name}-%{version}.tar.bz2 @@ -27,6 +27,7 @@ Patch5: stupid-bullets.patch Patch6: gnome-screensaver-2.20.0-restore-gamma.patch Patch7: gnome-screensaver-2.20.0-blank-by-default.patch Patch8: gnome-screensaver-2.20.0-selinux-permit.patch +Patch9: gnome-screensaver-2.20-clear-clipboard.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) URL: http://www.gnome.org @@ -83,6 +84,7 @@ simple, sane, secure defaults and be well integrated with the desktop. %patch6 -p1 -b .restore-gamma %patch7 -p1 -b .blank-by-default %patch8 -p1 -b .selinux-permit +%patch9 -p1 -b .clear-clipboard %build # grr, autoreconf seems to break with intltool 0.36.0, unless @@ -148,6 +150,9 @@ fi %{_sysconfdir}/pam.d/* %changelog +* Fri Mar 28 2008 Ray Strode - 2.20.0-11 +- Address CVE-2007-6389 (bug 426170) + * Mon Nov 12 2007 Dan Walsh - 2.20.0-10 - Add pam_selinux_permit to pam config so that xguest will work properly