From 64d67ef07641c70502381b802b0982f7acfd1abb Mon Sep 17 00:00:00 2001 From: Thomas Deutschmann Date: Wed, 25 Mar 2020 21:08:49 +0100 Subject: net-misc/vino: security cleanup (bug #701836) Bug: https://bugs.gentoo.org/701836 Package-Manager: Portage-2.3.94, Repoman-2.3.21 Signed-off-by: Thomas Deutschmann --- .../vino-return-error-if-X11-is-no-detected.patch | 41 ------------ .../vino/files/vino-segfaults-on-wayland.patch | 30 --------- net-misc/vino/vino-3.22.0-r1.ebuild | 72 ---------------------- net-misc/vino/vino-3.22.0.ebuild | 66 -------------------- 4 files changed, 209 deletions(-) delete mode 100644 net-misc/vino/files/vino-return-error-if-X11-is-no-detected.patch delete mode 100644 net-misc/vino/files/vino-segfaults-on-wayland.patch delete mode 100644 net-misc/vino/vino-3.22.0-r1.ebuild delete mode 100644 net-misc/vino/vino-3.22.0.ebuild diff --git a/net-misc/vino/files/vino-return-error-if-X11-is-no-detected.patch b/net-misc/vino/files/vino-return-error-if-X11-is-no-detected.patch deleted file mode 100644 index 171d8590e3c9..000000000000 --- a/net-misc/vino/files/vino-return-error-if-X11-is-no-detected.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 5e49ab2d125388b843eca4f1f47849d18ccabcd3 Mon Sep 17 00:00:00 2001 -From: Ondrej Holy -Date: Tue, 20 Feb 2018 12:26:18 +0100 -Subject: [PATCH] Return error if X11 is not detected - -Vino-server crashes on Wayland in XQueryExtension. Since vino-server is -not expected to work on displays other than X11, let's exit immediately -if GDK_IS_X11_DISPLAY fail. - -https://bugzilla.gnome.org/show_bug.cgi?id=761120 ---- - server/vino-main.c | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/server/vino-main.c b/server/vino-main.c -index dd95de7..7be3fff 100644 ---- a/server/vino-main.c -+++ b/server/vino-main.c -@@ -28,6 +28,7 @@ - #include - #include - #include -+#include - - #include "vino-input.h" - #include "vino-mdns.h" -@@ -273,6 +274,12 @@ main (int argc, char **argv) - g_option_context_free (context); - } - -+ if (!GDK_IS_X11_DISPLAY (gdk_display_get_default ())) -+ { -+ g_printerr ("X11 is not detected\n"); -+ return 1; -+ } -+ - /* GSettings */ - vino.settings = g_settings_new ("org.gnome.Vino"); - --- -2.16.2 diff --git a/net-misc/vino/files/vino-segfaults-on-wayland.patch b/net-misc/vino/files/vino-segfaults-on-wayland.patch deleted file mode 100644 index ee161ae6fb98..000000000000 --- a/net-misc/vino/files/vino-segfaults-on-wayland.patch +++ /dev/null @@ -1,30 +0,0 @@ -From c5e3011b7364729fa2cd4f11761bf1f001a931a4 Mon Sep 17 00:00:00 2001 -From: Ondrej Holy -Date: Tue, 22 May 2018 20:45:45 +0200 -Subject: [PATCH] Do not restart service after unclean exit code - -Currently, the vino-server.service has Restart=on-failure, which means -that it is restarted in abnormal cases, but also in case of non-zero -exit code. It is restarted 5 times e.g. in case when X11 is not detected, -which doesn't make sense. Non-zero exit code is used only for states -which won't change with restart (invalid commandline, wayland and some -sanity checks). Change the value to Restart=on-abnormal in order to -prevent the useless restarts and to not spam journal. - -https://bugzilla.gnome.org/show_bug.cgi?id=761120 ---- - server/vino-server.service.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/server/vino-server.service.in b/server/vino-server.service.in -index a48b813..49e9c1f 100644 ---- a/server/vino-server.service.in -+++ b/server/vino-server.service.in -@@ -5,4 +5,4 @@ Description=Vino VNC server - Type=dbus - BusName=org.gnome.Vino - ExecStart=@libexecdir@/vino-server --Restart=on-failure -+Restart=on-abnormal --- -2.17.0 diff --git a/net-misc/vino/vino-3.22.0-r1.ebuild b/net-misc/vino/vino-3.22.0-r1.ebuild deleted file mode 100644 index 0cc7b6325b92..000000000000 --- a/net-misc/vino/vino-3.22.0-r1.ebuild +++ /dev/null @@ -1,72 +0,0 @@ -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 -inherit gnome2 systemd - -DESCRIPTION="An integrated VNC server for GNOME" -HOMEPAGE="https://wiki.gnome.org/Projects/Vino" - -LICENSE="GPL-2+" -SLOT="0" -KEYWORDS="~alpha amd64 ~arm ~arm64 ~ia64 ~ppc ~ppc64 ~sparc x86" -IUSE="crypt debug gnome-keyring ipv6 jpeg ssl systemd +telepathy zeroconf +zlib" -# bug #394611; tight encoding requires zlib encoding -REQUIRED_USE="jpeg? ( zlib )" - -# cairo used in vino-fb -# libSM and libICE used in eggsmclient-xsmp -RDEPEND=" - >=dev-libs/glib-2.26:2 - >=dev-libs/libgcrypt-1.1.90:0= - >=x11-libs/gtk+-3:3 - - x11-libs/cairo:= - x11-libs/libICE - x11-libs/libSM - x11-libs/libX11 - x11-libs/libXdamage - x11-libs/libXext - x11-libs/libXfixes - x11-libs/libXtst - x11-libs/pango[X] - - >=x11-libs/libnotify-0.7.0:= - - crypt? ( >=dev-libs/libgcrypt-1.1.90:0= ) - gnome-keyring? ( app-crypt/libsecret ) - jpeg? ( virtual/jpeg:0= ) - ssl? ( >=net-libs/gnutls-2.2.0:= ) - systemd? ( sys-apps/dbus[user-session] ) - telepathy? ( - dev-libs/dbus-glib - >=net-libs/telepathy-glib-0.18 ) - zeroconf? ( >=net-dns/avahi-0.6:=[dbus] ) - zlib? ( sys-libs/zlib:= ) -" -DEPEND="${RDEPEND} - app-crypt/libsecret - dev-util/glib-utils - >=dev-util/intltool-0.50 - virtual/pkgconfig -" -# libsecret is always required at build time per bug 322763 - -PATCHES=( - "${FILESDIR}/${PN}-segfaults-on-wayland.patch" - "${FILESDIR}/${PN}-return-error-if-X11-is-no-detected.patch" -) - -src_configure() { - gnome2_src_configure \ - $(use_enable ipv6) \ - $(use_with crypt gcrypt) \ - $(usex debug --enable-debug=yes ' ') \ - $(use_with gnome-keyring secret) \ - $(use_with jpeg) \ - $(use_with ssl gnutls) \ - $(use_with telepathy) \ - $(use_with zeroconf avahi) \ - $(use_with zlib) \ - --with-systemduserunitdir="$(systemd_get_userunitdir)" -} diff --git a/net-misc/vino/vino-3.22.0.ebuild b/net-misc/vino/vino-3.22.0.ebuild deleted file mode 100644 index 4a26312965d1..000000000000 --- a/net-misc/vino/vino-3.22.0.ebuild +++ /dev/null @@ -1,66 +0,0 @@ -# Copyright 1999-2018 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 -inherit gnome2 systemd - -DESCRIPTION="An integrated VNC server for GNOME" -HOMEPAGE="https://wiki.gnome.org/Projects/Vino" - -LICENSE="GPL-2+" -SLOT="0" -KEYWORDS="~alpha amd64 ~arm ~ia64 ~ppc ~ppc64 ~sparc x86" -IUSE="crypt debug gnome-keyring ipv6 jpeg ssl +telepathy zeroconf +zlib" -# bug #394611; tight encoding requires zlib encoding -REQUIRED_USE="jpeg? ( zlib )" - -# cairo used in vino-fb -# libSM and libICE used in eggsmclient-xsmp -RDEPEND=" - >=dev-libs/glib-2.26:2 - >=dev-libs/libgcrypt-1.1.90:0= - >=x11-libs/gtk+-3:3 - - x11-libs/cairo:= - x11-libs/libICE - x11-libs/libSM - x11-libs/libX11 - x11-libs/libXdamage - x11-libs/libXext - x11-libs/libXfixes - x11-libs/libXtst - x11-libs/pango[X] - - >=x11-libs/libnotify-0.7.0:= - - crypt? ( >=dev-libs/libgcrypt-1.1.90:0= ) - gnome-keyring? ( app-crypt/libsecret ) - jpeg? ( virtual/jpeg:0= ) - ssl? ( >=net-libs/gnutls-2.2.0:= ) - telepathy? ( - dev-libs/dbus-glib - >=net-libs/telepathy-glib-0.18 ) - zeroconf? ( >=net-dns/avahi-0.6:=[dbus] ) - zlib? ( sys-libs/zlib:= ) -" -DEPEND="${RDEPEND} - app-crypt/libsecret - dev-util/glib-utils - >=dev-util/intltool-0.50 - virtual/pkgconfig -" -# libsecret is always required at build time per bug 322763 - -src_configure() { - gnome2_src_configure \ - $(use_enable ipv6) \ - $(use_with crypt gcrypt) \ - $(usex debug --enable-debug=yes ' ') \ - $(use_with gnome-keyring secret) \ - $(use_with jpeg) \ - $(use_with ssl gnutls) \ - $(use_with telepathy) \ - $(use_with zeroconf avahi) \ - $(use_with zlib) \ - --with-systemduserunitdir="$(systemd_get_userunitdir)" -} -- cgit v1.2.3-65-gdbad