Bug 834716 (CVE-2022-26530) - <gui-apps/swaylock-1.6: lock screen bypasses
Summary: <gui-apps/swaylock-1.6: lock screen bypasses
Status: IN_PROGRESS
Alias: CVE-2022-26530
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL: https://github.com/swaywm/swaylock/is...
Whiteboard: B4 [glsa?]
Keywords:
Depends on: 834780
Blocks:
Reported: 2022-03-07 14:07 UTC by John Helmert III
Modified: 2022-12-18 16:47 UTC

See Also:
Package list:
Runtime testing required: ---


Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-03-07 14:07:35 UTC
A patch was merged which seems to limit the possibility that swaylock can crash and allow access to an attacker:

https://github.com/swaywm/swaylock/pull/219
https://github.com/swaywm/swaylock/commit/1d1c75b6316d21933069a9d201f966d84099f6ca

Usually such things are just hardening issues and thus don't warrant security bugs and CVEs. However, there are several known crash issues in swaylock's issue tracker, one of which I can consistently reproduce.

Please apply the patch or make a snapshot including the above commit.
Comment 1 Matthew Thode ( prometheanfire ) archtester Gentoo Infrastructure gentoo-dev Security 2022-03-07 17:11:32 UTC
Doesn't seem to cleanly apply, so made a request for tag/release

https://github.com/swaywm/swaylock/issues/229
Comment 2 Larry the Git Cow gentoo-dev 2022-03-07 21:41:05 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b9a55a9c52045e3eb7cd2f5afa07e458d4d64fbc

commit b9a55a9c52045e3eb7cd2f5afa07e458d4d64fbc
Author:     Matthew Thode <prometheanfire@gentoo.org>
AuthorDate: 2022-03-07 21:40:49 +0000
Commit:     Matthew Thode <prometheanfire@gentoo.org>
CommitDate: 2022-03-07 21:41:01 +0000

    gui-apps/swaylock: bump to 1.6
    
    new release for...
    
    Bug: https://bugs.gentoo.org/834716
    Package-Manager: Portage-3.0.30, Repoman-3.0.3
    Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>

 gui-apps/swaylock/Manifest             |  1 +
 gui-apps/swaylock/swaylock-1.6.ebuild  | 55 ++++++++++++++++++++++++++++++++++
 gui-apps/swaylock/swaylock-9999.ebuild |  4 +--
 3 files changed, 58 insertions(+), 2 deletions(-)
Comment 3 Larry the Git Cow gentoo-dev 2022-03-07 21:42:22 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3749d0a233cdffb67e51a5c07ff1caca3be39c19

commit 3749d0a233cdffb67e51a5c07ff1caca3be39c19
Author:     Matthew Thode <prometheanfire@gentoo.org>
AuthorDate: 2022-03-07 21:42:14 +0000
Commit:     Matthew Thode <prometheanfire@gentoo.org>
CommitDate: 2022-03-07 21:42:14 +0000

    gui-apps/swaylock: fast stablize amd64 arm64 and x86
    
    Bug: https://bugs.gentoo.org/834716
    Package-Manager: Portage-3.0.30, Repoman-3.0.3
    Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>

 gui-apps/swaylock/swaylock-1.6.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 4 Zbynek Lstiburek 2022-03-08 09:53:14 UTC
swaylock-1.6 ebuild should depend on >=dev-libs/wayland-protocols-1.25

With stable 1.24, swaylock won't build for me:

> Dependency wayland-protocols found: NO found 1.24 but need: '>=1.25'
> Found CMake: /usr/bin/cmake (3.22.2)
> Run-time dependency wayland-protocols found: NO (tried pkgconfig and cmake)
> Looking for a fallback subproject for the dependency wayland-protocols
Comment 5 Larry the Git Cow gentoo-dev 2022-03-08 12:17:39 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eacbcf3fbb52865b0547a784e3747cc7e2a2e6de

commit eacbcf3fbb52865b0547a784e3747cc7e2a2e6de
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2022-03-08 12:17:21 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-03-08 12:17:21 +0000

    gui-apps/swaylock: fix 1.6 Wayland dependencies
    
    Bug: https://bugs.gentoo.org/834716
    Closes: https://bugs.gentoo.org/834776
    Signed-off-by: Sam James <sam@gentoo.org>

 gui-apps/swaylock/{swaylock-1.6.ebuild => swaylock-1.6-r1.ebuild} | 5 +++--
 gui-apps/swaylock/swaylock-9999.ebuild                            | 3 ++-
 2 files changed, 5 insertions(+), 3 deletions(-)
Comment 6 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-03-08 12:17:58 UTC
(In reply to Zbynek Lstiburek from comment #4)
> swaylock-1.6 ebuild should depend on >=dev-libs/wayland-protocols-1.25
> 
> With stable 1.24, swaylock won't build for me:
> 
> > Dependency wayland-protocols found: NO found 1.24 but need: '>=1.25'
> > Found CMake: /usr/bin/cmake (3.22.2)
> > Run-time dependency wayland-protocols found: NO (tried pkgconfig and cmake)
> > Looking for a fallback subproject for the dependency wayland-protocols

See bug 834776.
Comment 7 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-05-14 01:56:05 UTC
Please clean up
Comment 8 Larry the Git Cow gentoo-dev 2022-12-18 16:45:36 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d85e2c47e370a6ecd6b5348bfe7ceb6c5ccbe4e2

commit d85e2c47e370a6ecd6b5348bfe7ceb6c5ccbe4e2
Author:     John Helmert III <ajak@gentoo.org>
AuthorDate: 2022-12-18 16:44:13 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-12-18 16:45:19 +0000

    gui-apps/swaylock: drop 1.3-r1, 1.5-r1
    
    Bug: https://bugs.gentoo.org/834716
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 gui-apps/swaylock/Manifest               |  2 --
 gui-apps/swaylock/swaylock-1.3-r1.ebuild | 61 --------------------------------
 gui-apps/swaylock/swaylock-1.5-r1.ebuild | 54 ----------------------------
 3 files changed, 117 deletions(-)