diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-08 23:53:06 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-08 23:53:06 +0000 |
| commit | 72d3de6ecf91a664edd4c38288103e94dce60fb1 (patch) | |
| tree | b58d71f428924fc07b93fb0e67a171a8f91c551f | |
| parent | Adding debian version 3.38.6-1~deb11u1. (diff) | |
| download | gnome-shell-debian.tar.xz gnome-shell-debian.zip | |
Adding debian version 3.38.6-1~deb11u2.debian/3.38.6-1_deb11u2debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
| -rw-r--r-- | debian/changelog | 12 | ||||
| -rw-r--r-- | debian/patches/screencast-Correct-expected-bus-name-for-streams.patch | 29 | ||||
| -rw-r--r-- | debian/patches/series | 1 |
3 files changed, 42 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index d6cd005..8f561cc 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,15 @@ +gnome-shell (3.38.6-1~deb11u2) bullseye-security; urgency=high + + * d/p/screencast-Correct-expected-bus-name-for-streams.patch: + Avoid screencast regression after fixing CVE-2024-34397. + Previously, screencasting expected signals to come from the wrong + D-Bus name, which only worked because there was a vulnerability in + GLib that resulted in the sender being ignored. + * Set urgency=high because this fixes a regression triggered by a + security fix. + + -- Simon McVittie <smcv@debian.org> Mon, 06 May 2024 22:16:03 +0100 + gnome-shell (3.38.6-1~deb11u1) bullseye; urgency=medium * Rebuild for bullseye diff --git a/debian/patches/screencast-Correct-expected-bus-name-for-streams.patch b/debian/patches/screencast-Correct-expected-bus-name-for-streams.patch new file mode 100644 index 0000000..b8f32f4 --- /dev/null +++ b/debian/patches/screencast-Correct-expected-bus-name-for-streams.patch @@ -0,0 +1,29 @@ +From: Simon McVittie <smcv@debian.org> +Date: Mon, 6 May 2024 21:58:09 +0100 +Subject: screencast: Correct expected bus name for streams +MIME-Version: 1.0 +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +Previously, this only worked because GDBusConnection was not filtering +signals by their sender correctly (GNOME/glib#3268). + +Thanks: Alicia Boya GarcĂa +Signed-off-by: Simon McVittie <smcv@debian.org> +--- + js/dbusServices/screencast/screencastService.js | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/js/dbusServices/screencast/screencastService.js b/js/dbusServices/screencast/screencastService.js +index e980896..f88a748 100644 +--- a/js/dbusServices/screencast/screencastService.js ++++ b/js/dbusServices/screencast/screencastService.js +@@ -160,7 +160,7 @@ var Recorder = class { + }); + + this._streamProxy = new ScreenCastStreamProxy(Gio.DBus.session, +- 'org.gnome.ScreenCast.Stream', ++ 'org.gnome.Mutter.ScreenCast', + streamPath); + + this._streamProxy.connectSignal('PipeWireStreamAdded', diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..b50f4c3 --- /dev/null +++ b/debian/patches/series @@ -0,0 +1 @@ +screencast-Correct-expected-bus-name-for-streams.patch |