From mboxrd@z Thu Jan 1 00:00:00 1970
Subject: bug#26857: [PATCH] gnu: lxterminal: Fix CVE-2016-10369.
From: Leo Famulari Date: Tue, 9 May 2017 13:03:13 -0400 Message-Id: List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: 26857@debbugs.gnu.org * gnu/packages/patches/lxterminal-CVE-2016-10369.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/lxde.scm (lxterminal)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/lxde.scm | 1 + .../patches/lxterminal-CVE-2016-10369.patch | 37 ++++++++++++++++++++++ 3 files changed, 39 insertions(+) create mode 100644 gnu/packages/patches/lxterminal-CVE-2016-10369.patch diff --git a/gnu/local.mk b/gnu/local.mk index af37e6764..0d8daf766 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -790,6 +790,7 @@ dist_patch_DATA = \ %D%/packages/patches/luminance-hdr-qt-printer.patch \ %D%/packages/patches/lvm2-static-link.patch \ %D%/packages/patches/lxsession-use-gapplication.patch \ + %D%/packages/patches/lxterminal-CVE-2016-10369.patch \ %D%/packages/patches/lz4-fix-test-failures.patch \ %D%/packages/patches/make-impure-dirs.patch \ %D%/packages/patches/mars-install.patch \ diff --git a/gnu/packages/lxde.scm b/gnu/packages/lxde.scm index 1164ba8cb..cc1156ae6 100644 --- a/gnu/packages/lxde.scm +++ b/gnu/packages/lxde.scm @@ -162,6 +162,7 @@ toolkit. It allows users to monitor and control of running processes.") (uri (string-append "mirror://sourceforge/lxde/LXTerminal" "%20%28terminal%20emulator%29/LXTerminal%20" version "/" name "-" version ".tar.xz")) + (patches (search-patches "lxterminal-CVE-2016-10369.patch")) (sha256 (base32 "1yf76s15zvfw0h42b0ay1slpq47khgjmcry8ki2z812zar9lchia")))) diff --git a/gnu/packages/patches/lxterminal-CVE-2016-10369.patch b/gnu/packages/patches/lxterminal-CVE-2016-10369.patch new file mode 100644 index 000000000..809eef08d --- /dev/null +++ b/gnu/packages/patches/lxterminal-CVE-2016-10369.patch 
@@ -0,0 +1,37 @@ +Fix CVE-2016-10369: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10369 + +Patch copied from upstream source repository: + +https://git.lxde.org/gitweb/?p=lxde/lxterminal.git;a=commit;h=f99163c6ff8b2f57c5f37b1ce5d62cf7450d4648 + +From f99163c6ff8b2f57c5f37b1ce5d62cf7450d4648 Mon Sep 17 00:00:00 2001 +From: Yao Wei +Date: Mon, 8 May 2017 00:47:55 +0800 +Subject: [PATCH] fix: use g_get_user_runtime_dir for socket directory + +This bug is pointed out by stackexchange user that putting socket file in +/tmp is a potential risk. Putting the socket dir in user directory could +mitigate the risk. +--- + src/unixsocket.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/unixsocket.c b/src/unixsocket.c +index 4c660ac..f88284c 100644 +--- a/src/unixsocket.c ++++ b/src/unixsocket.c +@@ -140,7 +140,8 @@ gboolean lxterminal_socket_initialize(LXTermWindow * lxtermwin, gint argc, gchar + * This function returns TRUE if this process should keep running and FALSE if it should exit. */ + + /* Formulate the path for the Unix domain socket. */ +- gchar * socket_path = g_strdup_printf("/tmp/.lxterminal-socket%s-%s", gdk_display_get_name(gdk_display_get_default()), g_get_user_name()); ++ gchar * socket_path = g_strdup_printf("%s/.lxterminal-socket-%s", g_get_user_runtime_dir(), gdk_display_get_name(gdk_display_get_default())); ++ printf("%s\n", socket_path); + + /* Create socket. */ + int fd = socket(PF_UNIX, SOCK_STREAM, 0); +-- +2.1.4 + -- 2.12.2
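Review bot: the backported upstream hunk in src/unixsocket.c keeps a debug statement, `++ printf("%s\n", socket_path);`, which writes the full socket path to stdout on every lxterminal start; nothing else in the hunk uses it, so it reads as leftover debugging output and could be dropped from gnu/packages/patches/lxterminal-CVE-2016-10369.patch (or kept only if following upstream verbatim is the intent, in which case the patch header should say so). On the fix itself: moving the socket out of the world-writable /tmp into g_get_user_runtime_dir() is the right mitigation, because that directory is per-user, which is also why the g_get_user_name() component can safely disappear from the file name. One caveat worth noting in the patch header: GLib falls back to g_get_user_cache_dir() when XDG_RUNTIME_DIR is unset, so on sessions without a runtime directory the socket ends up under the user's cache directory rather than a per-login tmpfs; that location is still user-owned, so the mitigation holds, but the socket file then persists across reboots.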