authorDavid Runge2023-10-05 10:49:12 +0200
committerDavid Runge2023-10-05 10:49:12 +0200
commit7c9fff81c4a0318def4ddf88ecbf2df375f096c4 (patch)
treeb0886d0722bdf130185d6d9a211de3dd2e39c1b9
parent94cb58d3c4e4f539a80b60eaffb3f50e4136427c (diff)
downloadaur-7c9fff81c4a0318def4ddf88ecbf2df375f096c4.tar.gz
upgpkg: 0.9.2-3
Add patches for CVE-2023-43782, CVE-2023-43783: https://seclists.org/oss-sec/2023/q4/45
-rw-r--r--.SRCINFO41
-rw-r--r--0001-cadence_aloop_daemon-place-lockfile-into-non-public-.patch89
-rw-r--r--0001-cadence_py-wine-ASIO-settings-use-safe-tempfile.patch46
-rw-r--r--PKGBUILD23
4 files changed, 195 insertions, 4 deletions
diff --git a/.SRCINFO b/.SRCINFO
new file mode 100644
index 000000000000..95c9203b55e9
--- /dev/null
+++ b/.SRCINFO
@@ -0,0 +1,41 @@
+pkgbase = cadence
+ pkgdesc = JACK toolbox for audio production.
+ pkgver = 0.9.2
+ pkgrel = 3
+ url = https://kx.studio/Applications:Cadence
+ arch = x86_64
+ license = GPL2
+ makedepends = a2jmidid
+ makedepends = jack_capture
+ makedepends = libpulse
+ makedepends = pulseaudio-jack
+ makedepends = python-rdflib
+ makedepends = zita-ajbridge
+ depends = alsa-utils
+ depends = bash
+ depends = gcc-libs
+ depends = glibc
+ depends = hicolor-icon-theme
+ depends = jack2-dbus
+ depends = python
+ depends = python-dbus
+ depends = python-pyqt5
+ depends = qt5-base
+ depends = qt5-svg
+ depends = sh
+ optdepends = a2jmidid: ALSA to JACK MIDI bridge
+ optdepends = jack_capture: recording via Cadence-Render
+ optdepends = pulseaudio-jack: PulseAudio to JACK bridge
+ optdepends = python-rdflib: LADSPA-RDF support in Carla
+ optdepends = zita-ajbridge: ALSA to JACK bridge
+ source = https://github.com/falkTX/cadence/archive/v0.9.2/cadence-v0.9.2.tar.gz
+ source = 0001-cadence_aloop_daemon-place-lockfile-into-non-public-.patch
+ source = 0001-cadence_py-wine-ASIO-settings-use-safe-tempfile.patch
+ sha512sums = d8a1b52c361e3e18a193d1c283bb69abe18ce667b554fc53cb9b752d92747269145144ae512895ffbb5df76efe8671cfc0782f29e59d0d7cd3d97c97240bdecf
+ sha512sums = c145404f12b26a88075c2475ad2bffbbdfe46ed294e7e9c88f7e11db645890afa35cfec99e2dd4bf14bb4bfaaf8e23c1ee64cc0d91d163274f7b02b32c080b75
+ sha512sums = 7c66d7fcf7b05d50ff98373b29a2a884088be62c6e025fbd4362387c67018eeac6b9fc16e6866704e268eafdb4b2f12bfcc62927a3ea5914693a32b93d5e8775
+ b2sums = a5422e4d74618e2e45d9c6f275393a6e918783fc37d60a54142725aa54e691435c41f76dd0346fae7684c452988b07a18d817902abd917dbceaff5fb4aaa6c47
+ b2sums = 2a1cfa17a75f9e652064cb7f3fcddb0a3ff1ad7d829cb58fd924e6c406d3dd07091a2ccb0067b001378212dbdba7549c5e04ef0b99ee83ffddfd7e525a68da66
+ b2sums = ef6f6a40736c57b6dbd3570ca5c5119432552f4000d230199d0ea329cd08b76abe30c8afa53380e5bbcabbbe6b97afa6f093bb0424c909ad8d8fa5f37e43661f
+
+pkgname = cadence
diff --git a/0001-cadence_aloop_daemon-place-lockfile-into-non-public-.patch b/0001-cadence_aloop_daemon-place-lockfile-into-non-public-.patch
new file mode 100644
index 000000000000..c056ac93fa12
--- /dev/null
+++ b/0001-cadence_aloop_daemon-place-lockfile-into-non-public-.patch
@@ -0,0 +1,89 @@
+From 986a26147fa85fc3b2727a13c478b12994555e4a Mon Sep 17 00:00:00 2001
+From: Matthias Gerstner <matthias.gerstner () suse de>
+Date: Tue, 22 Aug 2023 14:06:40 +0200
+Subject: [PATCH] cadence_aloop_daemon: place lockfile into non-public
+ directory
+
+The fixed /tmp path for the lock / shutdown handling of the daemon is
+problematic security wise, since any other user in the system can block
+this path. This also makes parallel instances for multiple user accounts
+impossible.
+
+Select a location in the user's /run directory or in its home directory
+(as a fallback).
+---
+ src/cadence.py | 3 ++-
+ src/cadence_aloop_daemon.py | 5 +++--
+ src/shared.py | 8 ++++++++
+ 3 files changed, 13 insertions(+), 3 deletions(-)
+
+diff --git a/src/cadence.py b/src/cadence.py
+index 87a14a8..714e2d6 100755
+--- a/src/cadence.py
++++ b/src/cadence.py
+@@ -38,6 +38,7 @@ import ui_cadence_tb_alsa
+ import ui_cadence_tb_a2j
+ import ui_cadence_tb_pa
+ import ui_cadence_rwait
++from shared import getDaemonLockfile
+ from shared_cadence import *
+ from shared_canvasjack import *
+ from shared_settings import *
+@@ -1710,7 +1711,7 @@ class CadenceMainW(QMainWindow, ui_cadence.Ui_CadenceMainW):
+
+ @pyqtSlot()
+ def slot_AlsaBridgeStop(self):
+- checkFile = "/tmp/.cadence-aloop-daemon.x"
++ checkFile = self.getDaemonLockfile("cadence-aloop-daemon")
+ if os.path.exists(checkFile):
+ os.remove(checkFile)
+
+diff --git a/src/cadence_aloop_daemon.py b/src/cadence_aloop_daemon.py
+index c8408ef..b53f64d 100755
+--- a/src/cadence_aloop_daemon.py
++++ b/src/cadence_aloop_daemon.py
+@@ -33,6 +33,7 @@ else:
+ # Imports (Custom Stuff)
+
+ import jacklib
++from shared import getDaemonLockfile
+
+ # --------------------------------------------------
+ # Auto re-activate if on good kernel
+@@ -50,7 +51,7 @@ doRunNow = True
+ useZita = False
+ procIn = QProcess()
+ procOut = QProcess()
+-checkFile = "/tmp/.cadence-aloop-daemon.x"
++checkFile = getDaemonLockfile("cadence-aloop-daemon")
+
+ # --------------------------------------------------
+ # Global JACK variables
+@@ -161,7 +162,7 @@ if __name__ == '__main__':
+ client = jacklib.client_open("cadence-aloop-daemon", jacklib.JackUseExactName, None)
+
+ if not client:
+- print("cadence-aloop-daemon is already running, delete \"/tmp/.cadence-aloop-daemon.x\" to close it")
++ print("cadence-aloop-daemon is already running, delete \"{}\" to close it".format(checkFile))
+ quit()
+
+ if jacklib.JACK2:
+diff --git a/src/shared.py b/src/shared.py
+index 2df4d54..e65d292 100644
+--- a/src/shared.py
++++ b/src/shared.py
+@@ -312,3 +312,11 @@ def setIcons(self_, modes):
+ if "misc" in modes:
+ gGui.ui.act_quit.setIcon(getIcon("application-exit"))
+ gGui.ui.act_configure.setIcon(getIcon("configure"))
++
++def getDaemonLockfile(base):
++ lockdir = os.environ.get("XDG_RUNTIME_DIR", None)
++ if not lockdir:
++ lockdir = os.path.expanduser("~")
++
++ return os.path.join(lockdir, "{}-lock".format(base))
++
+--
+2.41.0
+
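Review bot: In the src/cadence.py part of this patch, `checkFile = self.getDaemonLockfile("cadence-aloop-daemon")` calls the helper as a method of CadenceMainW, but the same patch brings it in as a module-level function via `from shared import getDaemonLockfile`; unless the class defines a method of that name somewhere not shown here, slot_AlsaBridgeStop will raise AttributeError and the stop request never removes the lock file, so the daemon keeps running. The line should read `checkFile = getDaemonLockfile("cadence-aloop-daemon")`, matching how cadence_aloop_daemon.py uses it. The new getDaemonLockfile in src/shared.py also relies on `os` already being imported in that module, which the hunk does not show; worth confirming before shipping the patch. A one-line docstring would help the next reader, e.g. `"""Return a per-user lock file path under XDG_RUNTIME_DIR, falling back to the home directory."""`. The enclosing class and the daemon's `if __name__ == '__main__':` block both extend beyond what the patch shows.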
diff --git a/0001-cadence_py-wine-ASIO-settings-use-safe-tempfile.patch b/0001-cadence_py-wine-ASIO-settings-use-safe-tempfile.patch
new file mode 100644
index 000000000000..87a0717677ab
--- /dev/null
+++ b/0001-cadence_py-wine-ASIO-settings-use-safe-tempfile.patch
@@ -0,0 +1,46 @@
+From 3fdff274c40795ad6a24891066358aa7a3953962 Mon Sep 17 00:00:00 2001
+From: Matthias Gerstner <matthias.gerstner () suse de>
+Date: Tue, 22 Aug 2023 14:28:33 +0200
+Subject: [PATCH] cadence.py: wine ASIO settings: use safe tempfile
+
+This fixed tempfile path poses a security issue that even might allow
+other users on the system to inject arbitrary wine registry settings, if
+protect_symlinks and protect_regular kernel protection is not enabled.
+
+Use a proper NamedTemporaryFile to pass the data to regedit to fix this.
+---
+ src/cadence.py | 11 ++++++-----
+ 1 file changed, 6 insertions(+), 5 deletions(-)
+
+diff --git a/src/cadence.py b/src/cadence.py
+index 714e2d6..fddadfb 100755
+--- a/src/cadence.py
++++ b/src/cadence.py
+@@ -47,6 +47,8 @@ from shared_settings import *
+ # Import getoutput
+
+ from subprocess import getoutput
++import tempfile
++import subprocess
+
+ # ------------------------------------------------------------------------------------------------------------
+ # Try Import DBus
+@@ -2095,11 +2097,10 @@ class CadenceMainW(QMainWindow, ui_cadence.Ui_CadenceMainW):
+ REGFILE += '"Number of outputs"=dword:000000%s\n' % smartHex(self.sb_wineasio_outs.value(), 2)
+ REGFILE += '"Preferred buffersize"=dword:0000%s\n' % smartHex(int(self.cb_wineasio_bsizes.currentText()), 4)
+
+- writeFile = open("/tmp/cadence-wineasio.reg", "w")
+- writeFile.write(REGFILE)
+- writeFile.close()
+-
+- os.system("regedit /tmp/cadence-wineasio.reg")
++ with tempfile.NamedTemporaryFile('w') as tmpfile:
++ tmpfile.write(REGFILE)
++ tmpfile.flush()
++ subprocess.run(["regedit", tmpfile.name])
+
+ self.settings_changed_types = []
+ self.frame_tweaks_settings.setVisible(False)
+--
+2.41.0
+
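Review bot: `subprocess.run(["regedit", tmpfile.name])` discards regedit's exit status, so a failed import (regedit not installed, no usable wine prefix) is treated exactly like success and the following lines clear settings_changed_types and hide the tweaks frame as if the settings had been applied; the old os.system call had the same blind spot, but it is now cheap to close with `result = subprocess.run(["regedit", tmpfile.name])` and a check of `result.returncode` before resetting the UI state. The temp file itself is the right fix for the fixed /tmp path: NamedTemporaryFile creates it with owner-only permissions in a fresh name, and flush() before the run ensures regedit sees the full contents. `NamedTemporaryFile('w')` writes with the locale encoding, same as the previous `open(..., "w")`, so behaviour there is unchanged. The enclosing method starts and ends outside this hunk.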
diff --git a/PKGBUILD b/PKGBUILD
index 649571e1469b..197ee7bb8de9 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -5,7 +5,7 @@
_name=Cadence
pkgname=cadence
pkgver=0.9.2
-pkgrel=2
+pkgrel=3
pkgdesc="JACK toolbox for audio production."
arch=(x86_64)
url="https://kx.studio/Applications:Cadence"
@@ -39,9 +39,24 @@ optdepends=(
'python-rdflib: LADSPA-RDF support in Carla'
'zita-ajbridge: ALSA to JACK bridge'
)
-source=(https://github.com/falkTX/$pkgname/archive/v$pkgver/$pkgname-v$pkgver.tar.gz)
-sha512sums=('d8a1b52c361e3e18a193d1c283bb69abe18ce667b554fc53cb9b752d92747269145144ae512895ffbb5df76efe8671cfc0782f29e59d0d7cd3d97c97240bdecf')
-b2sums=('a5422e4d74618e2e45d9c6f275393a6e918783fc37d60a54142725aa54e691435c41f76dd0346fae7684c452988b07a18d817902abd917dbceaff5fb4aaa6c47')
+source=(
+ https://github.com/falkTX/$pkgname/archive/v$pkgver/$pkgname-v$pkgver.tar.gz
+ 0001-cadence_aloop_daemon-place-lockfile-into-non-public-.patch
+ 0001-cadence_py-wine-ASIO-settings-use-safe-tempfile.patch
+)
+sha512sums=('d8a1b52c361e3e18a193d1c283bb69abe18ce667b554fc53cb9b752d92747269145144ae512895ffbb5df76efe8671cfc0782f29e59d0d7cd3d97c97240bdecf'
+ 'c145404f12b26a88075c2475ad2bffbbdfe46ed294e7e9c88f7e11db645890afa35cfec99e2dd4bf14bb4bfaaf8e23c1ee64cc0d91d163274f7b02b32c080b75'
+ '7c66d7fcf7b05d50ff98373b29a2a884088be62c6e025fbd4362387c67018eeac6b9fc16e6866704e268eafdb4b2f12bfcc62927a3ea5914693a32b93d5e8775')
+b2sums=('a5422e4d74618e2e45d9c6f275393a6e918783fc37d60a54142725aa54e691435c41f76dd0346fae7684c452988b07a18d817902abd917dbceaff5fb4aaa6c47'
+ '2a1cfa17a75f9e652064cb7f3fcddb0a3ff1ad7d829cb58fd924e6c406d3dd07091a2ccb0067b001378212dbdba7549c5e04ef0b99ee83ffddfd7e525a68da66'
+ 'ef6f6a40736c57b6dbd3570ca5c5119432552f4000d230199d0ea329cd08b76abe30c8afa53380e5bbcabbbe6b97afa6f093bb0424c909ad8d8fa5f37e43661f')
+
+prepare() {
+ # fix CVE-2023-43782, CVE-2023-43783
+ # https://seclists.org/oss-sec/2023/q4/45
+ patch -Np1 -d $_name-$pkgver -i ../0001-cadence_aloop_daemon-place-lockfile-into-non-public-.patch
+ patch -Np1 -d $_name-$pkgver -i ../0001-cadence_py-wine-ASIO-settings-use-safe-tempfile.patch
+}
build() {
make -C $_name-$pkgver