main/xkeyboard-config: security fix (CVE-2012-0064)

Fixes issue that allows user to unlock screensaver lock with Ctrl-alt-* fixes #953
author: Natanael Copa <ncopa@alpinelinux.org> 2012-01-20 12:37:05 +0000
committer: Natanael Copa <ncopa@alpinelinux.org> 2012-01-20 12:38:43 +0000
commit: 17e3c86874ce718f6dbfb28f98befe46098b5f5a (patch)
tree: b068055a12a67cf4eafbfa6b980d866f61b342a0 /main/xkeyboard-config
parent: a5f23a46463a6ec41f5403a9e0cf8e17e2a1ac9d (diff)
download: aports-17e3c86874ce718f6dbfb28f98befe46098b5f5a.tar.bz2
aports-17e3c86874ce718f6dbfb28f98befe46098b5f5a.tar.xz
2 files changed, 91 insertions, 3 deletions
diff --git a/main/xkeyboard-config/0001-Hide-ClearGrab-CloseGrabs-actions-behind-an-option.patch b/main/xkeyboard-config/0001-Hide-ClearGrab-CloseGrabs-actions-behind-an-option.patch
new file mode 100644
index 0000000000..8d788acadf
--- /dev/null
+++ b/main/xkeyboard-config/0001-Hide-ClearGrab-CloseGrabs-actions-behind-an-option.patch
@@ -0,0 +1,76 @@
+From 9966d0a83ad7cf5ea76a04f31912e92908f3da63 Mon Sep 17 00:00:00 2001
+From: Daniel Stone <daniel@fooishbar.org>
+Date: Thu, 19 Jan 2012 16:36:16 +1100
+Subject: [PATCH] Hide ClearGrab/CloseGrabs actions behind an option
+
+Similar to how we put the Terminate mapping behind an option rather than
+enabling it by default, put the ClearGrab/CloseGrab action handlers
+behind an option too, so we don't ship 'break my screensaver'.  Oops.
+
+Signed-off-by: Daniel Stone <daniel@fooishbar.org>
+---
+ compat/xfree86      |   15 +++++++++------
+ rules/base.o_c.part |    1 +
+ rules/base.xml.in   |    6 ++++++
+ 3 files changed, 16 insertions(+), 6 deletions(-)
+
+diff --git a/compat/xfree86 b/compat/xfree86
+index cf4a8b2..52e661d 100644
+--- a/compat/xfree86
++++ b/compat/xfree86
+@@ -41,12 +41,6 @@ default partial xkb_compatibility "basic"  {
+         action = SwitchScreen(Screen=12, !SameServer);
+     };
+ 
+-    interpret XF86_Ungrab {
+-        action = Private(type=0x86, data="Ungrab");
+-    };
+-    interpret XF86_ClearGrab {
+-        action = Private(type=0x86, data="ClsGrb");
+-    };
+     interpret XF86LogGrabInfo {
+         action = Private(type=0x86, data="PrGrbs");
+     };
+@@ -61,3 +55,12 @@ default partial xkb_compatibility "basic"  {
+         action = Private(type=0x86, data="-VMode");
+     };
+ };
++
++partial xkb_compatibility "grab_break" {
++    interpret XF86_Ungrab {
++        action = Private(type=0x86, data="Ungrab");
++    };
++    interpret XF86_ClearGrab {
++        action = Private(type=0x86, data="ClsGrb");
++    };
++};
+diff --git a/rules/base.o_c.part b/rules/base.o_c.part
+index 352f8b3..b80ab6d 100644
+--- a/rules/base.o_c.part
++++ b/rules/base.o_c.part
+@@ -3,4 +3,5 @@
+   grp_led:scroll	=	+ledscroll(group_lock)
+   japan:kana_lock	=	+japan(kana_lock)
+   caps:shiftlock	=	+ledcaps(shift_lock)
++  grab:break_actions    =       +xfree86(grab_break)
+ 
+diff --git a/rules/base.xml.in b/rules/base.xml.in
+index 22b720f..6c17faa 100644
+--- a/rules/base.xml.in
++++ b/rules/base.xml.in
+@@ -6278,6 +6278,12 @@
+           <_description>Toggle PointerKeys with Shift + NumLock.</_description>
+         </configItem>
+       </option>
++      <option>
++        <configItem>
++          <name>grab:break_actions</name>
++          <_description>Allow breaking grabs with keyboard actions (warning: security risk)</_description>
++        </configItem>
++      </option>
+     </group>
+     <group allowMultipleSelection="true">
+       <!-- Special shortcuts for the Euro character -->
+-- 
+1.7.8.3
+
diff --git a/main/xkeyboard-config/APKBUILD b/main/xkeyboard-config/APKBUILD
index f4eaa5949f..ae367faecf 100644
--- a/main/xkeyboard-config/APKBUILD
+++ b/main/xkeyboard-config/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=xkeyboard-config
 pkgver=2.4.1
-pkgrel=0
+pkgrel=1
 pkgdesc="X keyboard configuration files"
 url="http://www.freedesktop.org/wiki/Software/XKeyboardConfig"
 arch="noarch"
@@ -9,7 +9,18 @@ license="custom"
 depends=
 subpackages=
 makedepends="xkbcomp intltool libx11-dev"
-source="http://xorg.freedesktop.org/archive/individual/data/xkeyboard-config-$pkgver.tar.bz2"
+source="http://xorg.freedesktop.org/archive/individual/data/xkeyboard-config-$pkgver.tar.bz2
+	0001-Hide-ClearGrab-CloseGrabs-actions-behind-an-option.patch
+	"
+
+prepare() {
+	cd "$srcdir"/$pkgname-$pkgver
+	for i in $source; do
+		case $i in
+		*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
+		esac
+	done
+}
 
 build () {
 	cd "$srcdir"/$pkgname-$pkgver
@@ -28,4 +39,5 @@ package() {
 	install -m755 -d "$pkgdir"/var/lib/xkb
 	install -Dm644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING
 }
-md5sums="9f6d7a37fd192264a3ca07ede5d183c3  xkeyboard-config-2.4.1.tar.bz2"
+md5sums="9f6d7a37fd192264a3ca07ede5d183c3  xkeyboard-config-2.4.1.tar.bz2
+6033b73a3864e301e6e916fec89b2e3c  0001-Hide-ClearGrab-CloseGrabs-actions-behind-an-option.patch"
author	Natanael Copa <ncopa@alpinelinux.org>	2012-01-20 12:37:05 +0000
committer	Natanael Copa <ncopa@alpinelinux.org>	2012-01-20 12:38:43 +0000
commit	17e3c86874ce718f6dbfb28f98befe46098b5f5a (patch)
tree	b068055a12a67cf4eafbfa6b980d866f61b342a0 /main/xkeyboard-config
parent	a5f23a46463a6ec41f5403a9e0cf8e17e2a1ac9d (diff)
download	aports-17e3c86874ce718f6dbfb28f98befe46098b5f5a.tar.bz2 aports-17e3c86874ce718f6dbfb28f98befe46098b5f5a.tar.xz