guix-play/gnu/packages/patches/gnome-shell-CVE-2017-8288.patch
rennes cc3bc027eb
gnu: gnome-shell: Fix CVE-2017-8288.
* gnu/packages/patches/gnome-shell-CVE-2017-8288.patch:	New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gnome.scm (gnome-shell)[source]: Use it.

Co-authored-by: Leo Famulari <leo@famulari.name>
2017-05-05 16:12:01 -04:00

55 lines
1.7 KiB
Diff

Fix CVE-2017-8288:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8288
http://seclists.org/oss-sec/2017/q2/136
Patch copied from upstream source repository:
https://git.gnome.org/browse/gnome-shell/commit/?id=ff425d1db7082e2755d2a405af53861552acf2a1
From ff425d1db7082e2755d2a405af53861552acf2a1 Mon Sep 17 00:00:00 2001
From: Emilio Pozuelo Monfort <pochu27@gmail.com>
Date: Tue, 25 Apr 2017 17:27:42 +0200
Subject: extensionSystem: handle reloading broken extensions
Some extensions out there may fail to reload. When that happens,
we need to catch any exceptions so that we don't leave things in
a broken state that could lead to leaving extensions enabled in
the screen shield.
https://bugzilla.gnome.org/show_bug.cgi?id=781728
---
js/ui/extensionSystem.js | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/js/ui/extensionSystem.js b/js/ui/extensionSystem.js
index a4dc29e..fc352b8 100644
--- a/js/ui/extensionSystem.js
+++ b/js/ui/extensionSystem.js
@@ -282,12 +282,20 @@ function _onVersionValidationChanged() {
// temporarily disable them all
enabledExtensions = [];
for (let uuid in ExtensionUtils.extensions)
- reloadExtension(ExtensionUtils.extensions[uuid]);
+ try {
+ reloadExtension(ExtensionUtils.extensions[uuid]);
+ } catch(e) {
+ logExtensionError(uuid, e);
+ }
enabledExtensions = getEnabledExtensions();
if (Main.sessionMode.allowExtensions) {
enabledExtensions.forEach(function(uuid) {
- enableExtension(uuid);
+ try {
+ enableExtension(uuid);
+ } catch(e) {
+ logExtensionError(uuid, e);
+ }
});
}
}
--
cgit v0.12