Created attachment 226413 [details]
Update cde to 2.4.0
CDE 2.4.0 was recently released. The attached patch updates CDE to 2.4.0.
It builds on amd64 however fails to build on i386 due to varargs error, with support for this wanting on i386.
^Triage: [tags] in issue Titles are deprecated
Changelog notes, among many bugfixes:
dtsession, DtSvc: fix CVE-2020-2696/VU#308289
(In reply to Kubilay Kocak from comment #1)
Sorry, I didn't check any release notes, just that git repo had a new tag.
There's no maintainer feedback yet. Assigning this PR to myself for commit.
Ahhh, sorry, must have missed this. Please go ahead, of course- would you like to maintain it? :)
Sure, I'd be glad to take it over.
I'll pop the stash and commit, and push it with a bunch of other commits this week.
A commit in branch main references this bug:
Author: Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2021-08-09 18:18:33 +0000
Commit: Cy Schubert <cy@FreeBSD.org>
CommitDate: 2021-08-09 20:15:04 +0000
x11/cde: Update to 2.4.0
This commit updates x11/cde from 2.3.2 to 2.4.0. 2.4.0 fixes a local
privilege escalation in dteseesion, DtSvc.
Other changes include:
- 2.4.0 builds under FreeBSD 14-CURRENT using both poudriere (as before)
and now directly on the command line using make.
- i386 is now broken because it cannot bind to a temporary of type va_list.
- This commit also changes maintainership to myself (cy) as requested
by crees (maintainer) in PR/257148.
Submitted by: cy
Reported by: cy
Approved by: crees
Security: VuXML: 848bdd06-f93a-11eb-9f7d-206a8a720317
x11/cde/Makefile | 10 +-
x11/cde/distinfo | 6 +-
.../files/patch-lib_DtSearch_raima_dbtype.h (gone) | 13 -
x11/cde/files/patch-programs_dtcm_dtcm_calendarA.c | 13 +-
x11/cde/pkg-plist | 4760 ++++++++++----------
5 files changed, 2393 insertions(+), 2409 deletions(-)