Hello community, here is the log from the commit of package kinit for openSUSE:Factory checked in at 2016-07-03 12:22:57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/kinit (Old) and /work/SRC/openSUSE:Factory/.kinit.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "kinit" Changes: -------- --- /work/SRC/openSUSE:Factory/kinit/kinit.changes 2016-05-19 12:08:01.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.kinit.new/kinit.changes 2016-07-03 12:22:59.000000000 +0200 @@ -1,0 +2,12 @@ +Mon Jun 6 21:25:45 UTC 2016 - hrvoje.senjan@gmail.com + +- Update to 5.23.0 + * Fix race in which the file containing the X11 cookie has the + wrong permissions for a small while + (boo#983926, CVE-2016-3100, kde#358593, kde#363140) + * Fix permissions of /tmp/xauth-xxx-_y + (boo#983926, CVE-2016-3100, kde#358593, kde#363140) + * For more details please see: + https://www.kde.org/announcements/kde-frameworks-5.23.0.php + +------------------------------------------------------------------- Old: ---- kinit-5.22.0.tar.xz New: ---- kinit-5.23.0.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ kinit.spec ++++++ --- /var/tmp/diff_new_pack.4AmK6k/_old 2016-07-03 12:22:59.000000000 +0200 +++ /var/tmp/diff_new_pack.4AmK6k/_new 2016-07-03 12:22:59.000000000 +0200 @@ -17,9 +17,9 @@ %bcond_without lang -%define _tar_path 5.22 +%define _tar_path 5.23 Name: kinit -Version: 5.22.0 +Version: 5.23.0 Release: 0 %define kf5_version %{version} BuildRequires: cmake >= 2.8.12 ++++++ kinit-5.22.0.tar.xz -> kinit-5.23.0.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kinit-5.22.0/CMakeLists.txt new/kinit-5.23.0/CMakeLists.txt --- old/kinit-5.22.0/CMakeLists.txt 2016-05-07 17:15:53.000000000 +0200 +++ new/kinit-5.23.0/CMakeLists.txt 2016-06-06 13:36:59.000000000 +0200 @@ -3,7 +3,7 @@ project(KInit) include(FeatureSummary) -find_package(ECM 5.22.0 NO_MODULE) +find_package(ECM 5.23.0 NO_MODULE) set_package_properties(ECM PROPERTIES TYPE REQUIRED DESCRIPTION "Extra CMake Modules." URL "https://projects.kde.org/projects/kdesupport/extra-cmake-modules") feature_summary(WHAT REQUIRED_PACKAGES_NOT_FOUND FATAL_ON_MISSING_REQUIRED_PACKAGES) @@ -19,8 +19,8 @@ include(ECMPackageConfigHelpers) include(ECMSetupVersion) -set(KF5_VERSION "5.22.0") # handled by release scripts -set(KF5_DEP_VERSION "5.22.0") # handled by release scripts +set(KF5_VERSION "5.23.0") # handled by release scripts +set(KF5_DEP_VERSION "5.23.0") # handled by release scripts ecm_setup_version(${KF5_VERSION} VARIABLE_PREFIX KINIT VERSION_HEADER "${CMAKE_CURRENT_BINARY_DIR}/kinit_version.h" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kinit-5.22.0/metainfo.yaml new/kinit-5.23.0/metainfo.yaml --- old/kinit-5.22.0/metainfo.yaml 2016-05-07 17:15:53.000000000 +0200 +++ new/kinit-5.23.0/metainfo.yaml 2016-06-06 13:36:59.000000000 +0200 @@ -10,3 +10,7 @@ deprecated: false release: true cmakename: KF5Init + +public_lib: true +group: Frameworks +subgroup: Tier 3 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kinit-5.22.0/src/kdeinit/kinit.cpp new/kinit-5.23.0/src/kdeinit/kinit.cpp --- old/kinit-5.22.0/src/kdeinit/kinit.cpp 2016-05-07 17:15:53.000000000 +0200 +++ new/kinit-5.23.0/src/kdeinit/kinit.cpp 2016-06-06 13:36:59.000000000 +0200 @@ -1530,12 +1530,15 @@ + QString::number(getuid()) + QLatin1Char('-') + QString::fromLocal8Bit(display); QSaveFile xauthfile(xauth); QFile xauthfrom(QFile::decodeName(qgetenv("XAUTHORITY"))); + // Set umask to make sure the file permissions of xauthfile are correct + mode_t oldMask = umask(S_IRGRP | S_IROTH | S_IWGRP | S_IWOTH); if (!xauthfrom.open(QFile::ReadOnly) || !xauthfile.open(QFile::WriteOnly) || xauthfile.write(xauthfrom.readAll()) != xauthfrom.size() || !xauthfile.commit()) { // error } else { qputenv("XAUTHORITY", QFile::encodeName(xauth)); } + umask(oldMask); } }