Mailinglist Archive: opensuse-bugs (4238 mails)
| < Previous | Next > |
[Bug 698250] colord: new dbus and polkit rules
- From: bugzilla_noreply@xxxxxxxxxx
- Date: Tue, 6 Dec 2011 13:46:07 +0000
- Message-id: <20111206134607.A81E6245523@molor.provo.novell.com>
https://bugzilla.novell.com/show_bug.cgi?id=698250
https://bugzilla.novell.com/show_bug.cgi?id=698250#c35
--- Comment #35 from Vincent Untz <vuntz@xxxxxxxx> 2011-12-06 13:46:05 UTC ---
Ludwig: I'm playing with the package, and one major issue caused by the default
policies is that the color plugin in g-s-d starts early, before a polkit agent
is running. Which results in the plugin just failing.
Are the changes to run as colord user enough to change the default policy to
not require auth for the current user? If no, we'll likely want to patch g-s-d
to delay the color plugin start a bit but that'll result in a horrible user
experience (with 4 popups on login).
(In reply to comment #34)
feel free to just submit to openSUSE:12.1:Test so we get an update staged
already.
Talking to Richard, he feels an update to 0.0.15 is worth it. Do we want to
take the update to fix the security issue? Here's the relevants bits from NEWS;
it's really about bug fixes:
===========================
Version 0.1.15
~~~~~~~~~~~~~~
Released: 2011-11-26
Notes:
- This release fixes an important security bug: CVE-2011-4349.
- It is recommended all users update to this version, or backport
these patches:
*
http://gitorious.org/colord/master/commit/1fadd90afcb4bbc47513466ee9bb1e4a8632ac3b
*
http://gitorious.org/colord/master/commit/36549e0ed255e7dfa7852d08a75dd5f00cbd270e
New Features:
- Add a native driver for the Hughski ColorHug hardware (Richard Hughes)
- Export cd-math as three projects are now using it (Richard Hughes)
Bugfixes:
- Documentation fixes and improvements (Laurent Martelli)
- Do not crash the daemon if adding the device to the db failed (Richard
Hughes)
- Do not match any sensor device with a kernel driver (Richard Hughes)
- Don't be obscure when the user passes a device-id to colormgr (Richard
Hughes)
- Fix a memory leak when getting properties from a device (Richard Hughes)
- Fix colormgr device-get-default-profile (Richard Hughes)
- Fix some conection bugs in colormgr (Florian Höch, Richard Hughes)
- Fix some potential SQL injections (Ludwig Nussel, Vincent Untz)
- Make gusb optional (Ludwig Nussel)
- Only use the udev USB helper if the PID and VID have matches (Richard
Hughes)
- Output the Huey calibration matrices when dumping the sensor (Richard
Hughes)
Version 0.1.14
~~~~~~~~~~~~~~
Released: 2011-11-01
Translations:
New Features:
- Add defines for the i1 Display 3 (Richard Hughes)
- Add two more DATA_source values to the specification (Richard Hughes)
- Align the output from colormgr get-devices and get-profiles (Richard Hughes)
- Allow cd-fix-profile to append and edit new metadata (Richard Hughes)
Bugfixes:
- Ensure non-native device are added with no driver module (Richard Hughes)
- Split the sensor and device udev code (Richard Hughes)
===========================
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
| < Previous | Next > |