summaryrefslogtreecommitdiffstats
path: root/kde/patch/kscreenlocker
diff options
context:
space:
mode:
author Eric Hameleers <alien@slackware.com>2016-02-10 12:14:01 +0100
committer Eric Hameleers <alien@slackware.com>2016-02-10 12:14:01 +0100
commit241fc7257af2730947e7a5ee3d35868eb8e95cbd (patch)
tree9a2fe66d6e739d2e76c0b79af2a2b69aad53e365 /kde/patch/kscreenlocker
parentd1d5a8d524bb703eaee105fd2a82f287e34fb988 (diff)
downloadktown-241fc7257af2730947e7a5ee3d35868eb8e95cbd.tar.gz
ktown-241fc7257af2730947e7a5ee3d35868eb8e95cbd.tar.xz
Plasma: apply a patch to kscreenlocker to address CVE-2016-2312.
Turning all screens off while the lock screen is shown can result in the screen being unlocked when turning a screen on again. See also https://www.kde.org/info/security/advisory-20160209-1.txt
Diffstat (limited to 'kde/patch/kscreenlocker')
-rw-r--r--kde/patch/kscreenlocker/kscreenlocker_CVE-2016-2312.patch36
1 files changed, 36 insertions, 0 deletions
diff --git a/kde/patch/kscreenlocker/kscreenlocker_CVE-2016-2312.patch b/kde/patch/kscreenlocker/kscreenlocker_CVE-2016-2312.patch
new file mode 100644
index 0000000..492ef80
--- /dev/null
+++ b/kde/patch/kscreenlocker/kscreenlocker_CVE-2016-2312.patch
@@ -0,0 +1,36 @@
+From: Martin Gräßlin <mgraesslin@kde.org>
+Date: Fri, 05 Feb 2016 09:30:19 +0000
+Subject: [greeter] Dont quit when last window closes
+X-Git-Url: http://quickgit.kde.org/?p=kscreenlocker.git&a=commitdiff&h=fae65f1cdd6446042b31ccd0eafd7a4c0b6623e3
+---
+[greeter] Dont quit when last window closes
+
+Qt allows to have no screens. If all XRandR screens are disconnected
+there are also no QScreens. This is from an X11 perspective wrong, but
+we have to deal with it. No QScreens means that all views are destroyed
+and no new ones are created. Thus all windows close and the greeter
+exited successfully which in turn unlocked the screen.
+
+This change ensures that the greeter doesn't exit when all windows close.
+
+Funnily this was not a problem with the well known issue of Qt
+crashing when all screens are disconnected. The lock screen handles
+crashes gracefully and just restarts or more likely Qt also crashes
+the application using KSld and thus taking down the complete session.
+
+BUG: 358125
+FIXED-IN: 5.5.5
+---
+
+
+--- a/greeter/main.cpp
++++ b/greeter/main.cpp
+@@ -59,6 +59,7 @@
+ qputenv("QT_IM_MODULE", QByteArrayLiteral("compose"));
+ }
+ ScreenLocker::UnlockApp app(argc, argv);
++ app.setQuitOnLastWindowClosed(false);
+ QCoreApplication::setApplicationName(QStringLiteral("kscreenlocker_greet"));
+ QCoreApplication::setApplicationVersion(QStringLiteral("0.1"));
+ QCoreApplication::setOrganizationDomain(QStringLiteral("kde.org"));
+