rpms/compiz-fusion/F-9 compiz-fusion-0.7.6-CVE-2008-6514.patch, NONE, 1.1 compiz-fusion.spec, 1.33, 1.34
Adel Gadllah
drago01 at fedoraproject.org
Tue Mar 24 18:00:13 UTC 2009
Author: drago01
Update of /cvs/pkgs/rpms/compiz-fusion/F-9
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv15694
Modified Files:
compiz-fusion.spec
Added Files:
compiz-fusion-0.7.6-CVE-2008-6514.patch
Log Message:
Add fix for RH #491918, CVE-2008-6514
compiz-fusion-0.7.6-CVE-2008-6514.patch:
--- NEW FILE compiz-fusion-0.7.6-CVE-2008-6514.patch ---
diff -upNr compiz-fusion-plugins-main-0.7.8.orign/src/expo/expo.c compiz-fusion-plugins-main-0.7.8/src/expo/expo.c
--- compiz-fusion-plugins-main-0.7.8.orign/src/expo/expo.c 2008-09-17 15:29:14.000000000 +0200
+++ compiz-fusion-plugins-main-0.7.8/src/expo/expo.c 2009-03-24 18:52:13.117657489 +0100
@@ -1571,10 +1571,6 @@ expoDonePaintScreen (CompScreen * s)
continue;
}
- if (!(w->type & (CompWindowTypeNormalMask |
- CompWindowTypeFullscreenMask)))
- continue;
-
xOffset = s->hsize * s->width;
yOffset = s->vsize * s->height;
@@ -1596,6 +1592,18 @@ expoDonePaintScreen (CompScreen * s)
if (!inWindow)
continue;
+ /* make sure we never move windows we're not allowed to move */
+ if (!w->managed)
+ w = NULL;
+ else if (!(w->actions & CompWindowActionMoveMask))
+ w = NULL;
+ else if (w->type & (CompWindowTypeDockMask |
+ CompWindowTypeDesktopMask))
+ w = NULL;
+
+ if (!w)
+ break;
+
es->dndState = DnDDuring;
es->dndWindow = w;
@@ -1612,7 +1620,7 @@ expoDonePaintScreen (CompScreen * s)
}
else
{
- /* no window was hovered */
+ /* no (movable) window was hovered */
es->dndState = DnDNone;
}
Index: compiz-fusion.spec
===================================================================
RCS file: /cvs/pkgs/rpms/compiz-fusion/F-9/compiz-fusion.spec,v
retrieving revision 1.33
retrieving revision 1.34
diff -u -r1.33 -r1.34
--- compiz-fusion.spec 14 Mar 2009 17:04:59 -0000 1.33
+++ compiz-fusion.spec 24 Mar 2009 17:59:43 -0000 1.34
@@ -2,7 +2,7 @@
Name: compiz-fusion
Version: 0.7.6
-Release: 5%{?dist}
+Release: 6%{?dist}
Summary: Collection of Compiz Fusion plugins for Compiz
Group: User Interface/Desktops
@@ -12,7 +12,7 @@
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
#Upstream commit 46960f12a9d213e5f0e841557e2ed2f7ea18cc79
Patch1: compiz-0.7.8-x_to_glx_workaround.patch
-
+Patch2: compiz-fusion-0.7.8-CVE-2008-6514.patch
# libdrm is not available on these arches
ExcludeArch: s390 s390x ppc64
@@ -64,6 +64,7 @@
%prep
%setup -q -n %{name}-plugins-main-%{version}
%patch1 -p1 -b .xglx
+%patch2 -p1 -b .CVE-2008-6514
%build
%configure --enable-schemas
@@ -133,6 +134,9 @@
%changelog
+* Tue Mar 24 2009 Adel Gadllah <adel.gadllah at gmail.com> 0.7.6-6
+- Add fix for RH #491918, CVE-2008-6514
+
* Sat Mar 14 2009 Adel Gadllah <adel.gadllah at gmail.com> 0.7.6-5
- Backport upstream fix for RH #474741
More information about the fedora-extras-commits
mailing list