Package: release.debian.org Severity: normal User: [email protected] Usertags: unblock
Hi Please unblock package gnome-shell >gnome-shell (3.22.3-3) unstable; urgency=medium > > * debian/patches/50-extension-reload-fail.patch: > - Add patch to fix a bug where extensions could be left enabled in the > lock screen. > > -- Emilio Pozuelo Monfort <[email protected]> Wed, 26 Apr 2017 18:47:56 +0200 This correspond to upstream https://bugzilla.gnome.org/show_bug.cgi?id=781728, and CVE-2017-8288 (extensions that fail to reload are misshandled, and could be left enabled in the lock-screen). Attached the full debdiff. unblock gnome-shell/3.22.3-3 Regards, Salvatore
diff -Nru gnome-shell-3.22.3/debian/changelog gnome-shell-3.22.3/debian/changelog --- gnome-shell-3.22.3/debian/changelog 2017-03-01 13:03:55.000000000 +0100 +++ gnome-shell-3.22.3/debian/changelog 2017-04-26 18:47:56.000000000 +0200 @@ -1,3 +1,11 @@ +gnome-shell (3.22.3-3) unstable; urgency=medium + + * debian/patches/50-extension-reload-fail.patch: + - Add patch to fix a bug where extensions could be left enabled in the + lock screen. + + -- Emilio Pozuelo Monfort <[email protected]> Wed, 26 Apr 2017 18:47:56 +0200 + gnome-shell (3.22.3-2) unstable; urgency=medium * d/control: Drop dependency on telepathy-mission-control-5. GNOME Shell diff -Nru gnome-shell-3.22.3/debian/patches/50-extension-reload-fail.patch gnome-shell-3.22.3/debian/patches/50-extension-reload-fail.patch --- gnome-shell-3.22.3/debian/patches/50-extension-reload-fail.patch 1970-01-01 01:00:00.000000000 +0100 +++ gnome-shell-3.22.3/debian/patches/50-extension-reload-fail.patch 2017-04-26 18:47:43.000000000 +0200 @@ -0,0 +1,45 @@ +From 560e976ee9c59d75907b5ef6ed2bc336719e37d3 Mon Sep 17 00:00:00 2001 +From: Emilio Pozuelo Monfort <[email protected]> +Date: Tue, 25 Apr 2017 17:27:42 +0200 +Subject: [PATCH] extensionSystem: handle reloading broken extensions + +Some extensions out there may fail to reload. When that happens, +we need to catch any exceptions so that we don't leave things in +a broken state that could lead to leaving extensions enabled in +the screen shield. + +https://bugzilla.gnome.org/show_bug.cgi?id=781728 +--- + js/ui/extensionSystem.js | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +diff --git a/js/ui/extensionSystem.js b/js/ui/extensionSystem.js +index ba332220b..1feaa2ff8 100644 +--- a/js/ui/extensionSystem.js ++++ b/js/ui/extensionSystem.js +@@ -276,12 +276,20 @@ function _onVersionValidationChanged() { + // temporarily disable them all + enabledExtensions = []; + for (let uuid in ExtensionUtils.extensions) +- reloadExtension(ExtensionUtils.extensions[uuid]); ++ try { ++ reloadExtension(ExtensionUtils.extensions[uuid]); ++ } catch(e) { ++ logExtensionError(uuid, e); ++ } + enabledExtensions = getEnabledExtensions(); + + if (Main.sessionMode.allowExtensions) { + enabledExtensions.forEach(function(uuid) { +- enableExtension(uuid); ++ try { ++ enableExtension(uuid); ++ } catch(e) { ++ logExtensionError(uuid, e); ++ } + }); + } + } +-- +2.11.0 + diff -Nru gnome-shell-3.22.3/debian/patches/series gnome-shell-3.22.3/debian/patches/series --- gnome-shell-3.22.3/debian/patches/series 2017-02-18 06:41:26.000000000 +0100 +++ gnome-shell-3.22.3/debian/patches/series 2017-04-26 18:47:43.000000000 +0200 @@ -1,3 +1,4 @@ 27-nm-libexec-path.patch #30-remoteMenu-Prevent-the-shell-from-becoming-unrespons.patch 41-handle-logind-fail.patch +50-extension-reload-fail.patch

