Bug#861465: unblock: gnome-shell/3.22.3-3
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Hi
Please unblock package gnome-shell
>gnome-shell (3.22.3-3) unstable; urgency=medium
>
> * debian/patches/50-extension-reload-fail.patch:
> - Add patch to fix a bug where extensions could be left enabled in the
> lock screen.
>
> -- Emilio Pozuelo Monfort <pochu@debian.org> Wed, 26 Apr 2017 18:47:56 +0200
This correspond to upstream
https://bugzilla.gnome.org/show_bug.cgi?id=781728, and CVE-2017-8288
(extensions that fail to reload are misshandled, and could be left
enabled in the lock-screen).
Attached the full debdiff.
unblock gnome-shell/3.22.3-3
Regards,
Salvatore
diff -Nru gnome-shell-3.22.3/debian/changelog gnome-shell-3.22.3/debian/changelog
--- gnome-shell-3.22.3/debian/changelog 2017-03-01 13:03:55.000000000 +0100
+++ gnome-shell-3.22.3/debian/changelog 2017-04-26 18:47:56.000000000 +0200
@@ -1,3 +1,11 @@
+gnome-shell (3.22.3-3) unstable; urgency=medium
+
+ * debian/patches/50-extension-reload-fail.patch:
+ - Add patch to fix a bug where extensions could be left enabled in the
+ lock screen.
+
+ -- Emilio Pozuelo Monfort <pochu@debian.org> Wed, 26 Apr 2017 18:47:56 +0200
+
gnome-shell (3.22.3-2) unstable; urgency=medium
* d/control: Drop dependency on telepathy-mission-control-5. GNOME Shell
diff -Nru gnome-shell-3.22.3/debian/patches/50-extension-reload-fail.patch gnome-shell-3.22.3/debian/patches/50-extension-reload-fail.patch
--- gnome-shell-3.22.3/debian/patches/50-extension-reload-fail.patch 1970-01-01 01:00:00.000000000 +0100
+++ gnome-shell-3.22.3/debian/patches/50-extension-reload-fail.patch 2017-04-26 18:47:43.000000000 +0200
@@ -0,0 +1,45 @@
+From 560e976ee9c59d75907b5ef6ed2bc336719e37d3 Mon Sep 17 00:00:00 2001
+From: Emilio Pozuelo Monfort <pochu27@gmail.com>
+Date: Tue, 25 Apr 2017 17:27:42 +0200
+Subject: [PATCH] extensionSystem: handle reloading broken extensions
+
+Some extensions out there may fail to reload. When that happens,
+we need to catch any exceptions so that we don't leave things in
+a broken state that could lead to leaving extensions enabled in
+the screen shield.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=781728
+---
+ js/ui/extensionSystem.js | 12 ++++++++++--
+ 1 file changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/js/ui/extensionSystem.js b/js/ui/extensionSystem.js
+index ba332220b..1feaa2ff8 100644
+--- a/js/ui/extensionSystem.js
++++ b/js/ui/extensionSystem.js
+@@ -276,12 +276,20 @@ function _onVersionValidationChanged() {
+ // temporarily disable them all
+ enabledExtensions = [];
+ for (let uuid in ExtensionUtils.extensions)
+- reloadExtension(ExtensionUtils.extensions[uuid]);
++ try {
++ reloadExtension(ExtensionUtils.extensions[uuid]);
++ } catch(e) {
++ logExtensionError(uuid, e);
++ }
+ enabledExtensions = getEnabledExtensions();
+
+ if (Main.sessionMode.allowExtensions) {
+ enabledExtensions.forEach(function(uuid) {
+- enableExtension(uuid);
++ try {
++ enableExtension(uuid);
++ } catch(e) {
++ logExtensionError(uuid, e);
++ }
+ });
+ }
+ }
+--
+2.11.0
+
diff -Nru gnome-shell-3.22.3/debian/patches/series gnome-shell-3.22.3/debian/patches/series
--- gnome-shell-3.22.3/debian/patches/series 2017-02-18 06:41:26.000000000 +0100
+++ gnome-shell-3.22.3/debian/patches/series 2017-04-26 18:47:43.000000000 +0200
@@ -1,3 +1,4 @@
27-nm-libexec-path.patch
#30-remoteMenu-Prevent-the-shell-from-becoming-unrespons.patch
41-handle-logind-fail.patch
+50-extension-reload-fail.patch
Reply to: