slackware-current/source/xfce/garcon/0001-Fix-use-after-free-crash-Bug-15679.patch

From 6f452937366bb1599fb0ae986958786d52946f15 Mon Sep 17 00:00:00 2001
From: Andre Miranda <andreldm@xfce.org>
Date: Sat, 6 Jul 2019 13:42:20 -0300
Subject: [PATCH] Fix use after free crash (Bug #15679)

---
 garcon/garcon-menu-item.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/garcon/garcon-menu-item.c b/garcon/garcon-menu-item.c
index 35f6bed..5f23467 100644
--- a/garcon/garcon-menu-item.c
+++ b/garcon/garcon-menu-item.c
@@ -1154,6 +1154,8 @@ garcon_menu_item_reload_from_file (GarconMenuItem  *item,
 
   /* Update application actions */
   _garcon_g_list_free_full (item->priv->actions, garcon_menu_item_action_unref);
+  item->priv->actions = NULL;
+
   str_list = xfce_rc_read_list_entry (rc, G_KEY_FILE_DESKTOP_KEY_ACTIONS, ";");
   if (G_LIKELY (str_list != NULL))
     {
-- 
2.22.0
Wed Jul 10 23:56:13 UTC 2019 a/glibc-zoneinfo-2019b-noarch-1.txz: Upgraded. a/kernel-generic-4.19.58-x86_64-1.txz: Upgraded. a/kernel-huge-4.19.58-x86_64-1.txz: Upgraded. a/kernel-modules-4.19.58-x86_64-1.txz: Upgraded. d/Cython-0.29.12-x86_64-1.txz: Upgraded. d/kernel-headers-4.19.58-x86-1.txz: Upgraded. d/mercurial-5.0.2-x86_64-1.txz: Upgraded. d/python3-3.7.4-x86_64-1.txz: Upgraded. k/kernel-source-4.19.58-noarch-1.txz: Upgraded. l/glib2-2.60.5-x86_64-1.txz: Upgraded. n/gnupg2-2.2.17-x86_64-1.txz: Upgraded. n/iproute2-5.2.0-x86_64-1.txz: Upgraded. n/samba-4.10.6-x86_64-1.txz: Upgraded. x/libva-utils-2.5.0-x86_64-1.txz: Upgraded. x/mesa-19.1.2-x86_64-1.txz: Upgraded. xap/mozilla-firefox-68.0esr-x86_64-1.txz: Upgraded. This release contains security fixes and improvements. Some of the patched flaws are considered critical, and could be used to run attacker code and install software, requiring no user interaction beyond normal browsing. For more information, see: https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9811 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11711 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11712 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11713 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11729 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11715 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11717 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11719 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11730 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11709 (* Security fix ) xap/mozilla-thunderbird-60.8.0-x86_64-1.txz: Upgraded. This is a bugfix release. For more information, see: https://www.mozilla.org/en-US/thunderbird/60.8.0/releasenotes/ xfce/garcon-0.6.3-x86_64-2.txz: Rebuilt. Patched crash bug. Installed gtk-doc HTML docs. Thanks to Robby Workman. isolinux/initrd.img: Rebuilt. kernels/: Upgraded. testing/packages/blueman-2.1.1-x86_64-1.txz: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt. 2019-07-11 01:56:13 +02:00			`From 6f452937366bb1599fb0ae986958786d52946f15 Mon Sep 17 00:00:00 2001`
			`From: Andre Miranda <andreldm@xfce.org>`
			`Date: Sat, 6 Jul 2019 13:42:20 -0300`
			`Subject: [PATCH] Fix use after free crash (Bug #15679)`

			`---`
			`garcon/garcon-menu-item.c \| 2 ++`
			`1 file changed, 2 insertions(+)`

			`diff --git a/garcon/garcon-menu-item.c b/garcon/garcon-menu-item.c`
			`index 35f6bed..5f23467 100644`
			`--- a/garcon/garcon-menu-item.c`
			`+++ b/garcon/garcon-menu-item.c`
			`@@ -1154,6 +1154,8 @@ garcon_menu_item_reload_from_file (GarconMenuItem *item,`

			`/* Update application actions */`
			`_garcon_g_list_free_full (item->priv->actions, garcon_menu_item_action_unref);`
			`+ item->priv->actions = NULL;`
			`+`
			`str_list = xfce_rc_read_list_entry (rc, G_KEY_FILE_DESKTOP_KEY_ACTIONS, ";");`
			`if (G_LIKELY (str_list != NULL))`
			`{`
			`--`
			`2.22.0`