3 files changed, 309 insertions, 0 deletions
diff --git a/meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-1.patch b/meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-1.patch
new file mode 100644
index 0000000000..f942f990bd
--- /dev/null
+++ b/meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-1.patch
@@ -0,0 +1,97 @@
+From 9165a61f95e43cc0b5abf9b98eee2818a0191e0b Mon Sep 17 00:00:00 2001
+From: Alexander Schwinn <alexxcons@xfce.org>
+Date: Sat, 1 May 2021 00:40:44 +0200
+Subject: [PATCH 1/2] Dont execute files, passed via command line due to
+ security risks
+Instead open the containing folder and select the file.
+Fixes #121
+Upstream-Status: Backport
+CVE: CVE-2021-32563
+Reference to upstream patch:
+[https://gitlab.xfce.org/xfce/thunar/-/commit/9165a61f95e43cc0b5abf9b98eee2818a0191e0b]
+Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
+---
+ thunar/thunar-application.c | 25 +++++++++++++++++++++++--
+ thunar/thunar-window.c      |  4 +---
+ thunar/thunar-window.h      |  2 ++
+ 3 files changed, 26 insertions(+), 5 deletions(-)
+diff --git a/thunar/thunar-application.c b/thunar/thunar-application.c
+index df862fd..1243940 100644
+--- a/thunar/thunar-application.c
+++ b/thunar/thunar-application.c
+@@ -1512,8 +1512,29 @@ thunar_application_process_files_finish (ThunarBrowser *browser,
+     }
+   else
+     {
+-      /* try to open the file or directory */
+-      thunar_file_launch (target_file, screen, startup_id, &error);
+      if (thunar_file_is_directory (file))
+        {
+          thunar_application_open_window (application, file, screen, startup_id, FALSE);
+        }
+      else
+        {
+          /* Note that for security reasons we do not execute files passed via command line */
+          /* Lets rather open the containing directory and select the file */
+          ThunarFile *parent = thunar_file_get_parent (file, NULL);
+
+          if (G_LIKELY (parent != NULL))
+            {
+              GList* files = NULL;
+              GtkWidget *window;
+
+              window = thunar_application_open_window (application, parent, screen, startup_id, FALSE);
+              g_object_unref (parent);
+
+              files = g_list_append (files, thunar_file_get_file (file));
+              thunar_window_select_files (THUNAR_WINDOW (window), files);
+              g_list_free (files);
+            }
+        }
+ 
+       /* remove the file from the list */
+       application->files_to_launch = g_list_delete_link (application->files_to_launch,
+diff --git a/thunar/thunar-window.c b/thunar/thunar-window.c
+index b330a87..b234fd3 100644
+--- a/thunar/thunar-window.c
+++ b/thunar/thunar-window.c
+@@ -243,8 +243,6 @@ static void      thunar_window_update_go_menu             (ThunarWindow
+                                                            GtkWidget              *menu);
+ static void      thunar_window_update_help_menu           (ThunarWindow           *window,
+                                                            GtkWidget              *menu);
+-static void      thunar_window_select_files               (ThunarWindow           *window,
+-                                                           GList                  *path_list);
+ static void      thunar_window_binding_create             (ThunarWindow           *window,
+                                                            gpointer                src_object,
+                                                            const gchar            *src_prop,
+@@ -891,7 +889,7 @@ thunar_window_screen_changed (GtkWidget *widget,
+  *
+  * Visually selects the files, given by the list
+  **/
+-static void
+void
+ thunar_window_select_files (ThunarWindow *window,
+                             GList        *files_to_selected)
+ {
+diff --git a/thunar/thunar-window.h b/thunar/thunar-window.h
+index 9cbcc85..3c1aad2 100644
+--- a/thunar/thunar-window.h
+++ b/thunar/thunar-window.h
+@@ -126,6 +126,8 @@ void                      thunar_window_redirect_menu_tooltips_to_statusbar (Thu
+                                                                              GtkMenu             *menu);
+ const XfceGtkActionEntry* thunar_window_get_action_entry                    (ThunarWindow        *window,
+                                                                              ThunarWindowAction   action);
+ void                     thunar_window_select_files                        (ThunarWindow         *window,
+                                                                             GList                *path_list);
+ G_END_DECLS;
+ 
+ #endif /* !__THUNAR_WINDOW_H__ */
+-- 
+2.17.1
diff --git a/meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-2.patch b/meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-2.patch
new file mode 100644
index 0000000000..a22cdc6d8d
--- /dev/null
+++ b/meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-2.patch
@@ -0,0 +1,208 @@
+From 3b54d9d7dbd7fd16235e2141c43a7f18718f5664 Mon Sep 17 00:00:00 2001
+From: Alexander Schwinn <alexxcons@xfce.org>
+Date: Fri, 7 May 2021 15:21:27 +0200
+Subject: [PATCH 2/2] Regression: Activating Desktop Icon does not Use Default
+ Application (Issue #575)
+- Introduced by 9165a61f (Dont execute files, passed via command line
+due to security risks)
+- Now via DBus files are executed, and via CLI, files are just selected
+Fixes #575
+Upstream-Status: Backport
+CVE: CVE-2021-32563
+Reference to upstream patch:
+[https://gitlab.xfce.org/xfce/thunar/-/commit/3b54d9d7dbd7fd16235e2141c43a7f18718f5664]
+Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
+---
+ thunar/thunar-application.c  | 68 +++++++++++++++++++++---------------
+ thunar/thunar-application.h  |  9 ++++-
+ thunar/thunar-dbus-service.c |  2 +-
+ 3 files changed, 49 insertions(+), 30 deletions(-)
+diff --git a/thunar/thunar-application.c b/thunar/thunar-application.c
+index 1243940..53d0b23 100644
+--- a/thunar/thunar-application.c
+++ b/thunar/thunar-application.c
+@@ -182,37 +182,38 @@ struct _ThunarApplicationClass
+ 
+ struct _ThunarApplication
+ {
+-  GtkApplication         __parent__;
+  GtkApplication                 __parent__;
+ 
+-  ThunarSessionClient   *session_client;
+  ThunarSessionClient            *session_client;
+ 
+-  ThunarPreferences     *preferences;
+-  GtkWidget             *progress_dialog;
+  ThunarPreferences              *preferences;
+  GtkWidget                      *progress_dialog;
+ 
+-  ThunarThumbnailCache  *thumbnail_cache;
+-  ThunarThumbnailer     *thumbnailer;
+  ThunarThumbnailCache           *thumbnail_cache;
+  ThunarThumbnailer              *thumbnailer;
+ 
+-  ThunarDBusService     *dbus_service;
+  ThunarDBusService              *dbus_service;
+ 
+-  gboolean               daemon;
+  gboolean                        daemon;
+ 
+-  guint                  accel_map_save_id;
+-  GtkAccelMap           *accel_map;
+  guint                           accel_map_save_id;
+  GtkAccelMap                    *accel_map;
+ 
+-  guint                  show_dialogs_timer_id;
+  guint                           show_dialogs_timer_id;
+ 
+ #ifdef HAVE_GUDEV
+-  GUdevClient           *udev_client;
+  GUdevClient                    *udev_client;
+ 
+-  GSList                *volman_udis;
+-  guint                  volman_idle_id;
+-  guint                  volman_watch_id;
+  GSList                         *volman_udis;
+  guint                           volman_idle_id;
+  guint                           volman_watch_id;
+ #endif
+ 
+-  GList                 *files_to_launch;
+  GList                          *files_to_launch;
+  ThunarApplicationProcessAction  process_file_action;
+ 
+-  guint                  dbus_owner_id_xfce;
+-  guint                  dbus_owner_id_fdo;
+  guint                           dbus_owner_id_xfce;
+  guint                           dbus_owner_id_fdo;
+ };
+ 
+ 
+@@ -279,6 +280,7 @@ thunar_application_init (ThunarApplication *application)
+    * in the primary instance anyways */
+ 
+   application->files_to_launch = NULL;
+  application->process_file_action = THUNAR_APPLICATION_SELECT_FILES;
+   application->progress_dialog = NULL;
+   application->preferences     = NULL;
+ 
+@@ -531,7 +533,7 @@ thunar_application_command_line (GApplication            *gapp,
+     }
+   else if (filenames != NULL)
+     {
+-      if (!thunar_application_process_filenames (application, cwd, filenames, NULL, NULL, &error))
+      if (!thunar_application_process_filenames (application, cwd, filenames, NULL, NULL, &error, THUNAR_APPLICATION_SELECT_FILES))
+         {
+           /* we failed to process the filenames or the bulk rename failed */
+           g_application_command_line_printerr (command_line, "Thunar: %s\n", error->message);
+@@ -539,7 +541,7 @@ thunar_application_command_line (GApplication            *gapp,
+     }
+   else if (!daemon)
+     {
+-      if (!thunar_application_process_filenames (application, cwd, cwd_list, NULL, NULL, &error))
+      if (!thunar_application_process_filenames (application, cwd, cwd_list, NULL, NULL, &error, THUNAR_APPLICATION_SELECT_FILES))
+         {
+           /* we failed to process the filenames or the bulk rename failed */
+           g_application_command_line_printerr (command_line, "Thunar: %s\n", error->message);
+@@ -1512,7 +1514,12 @@ thunar_application_process_files_finish (ThunarBrowser *browser,
+     }
+   else
+     {
+-      if (thunar_file_is_directory (file))
+      if (application->process_file_action == THUNAR_APPLICATION_LAUNCH_FILES)
+        {
+          /* try to launch the file / open the directory */
+          thunar_file_launch (target_file, screen, startup_id, &error);
+        }
+      else if (thunar_file_is_directory (file))
+         {
+           thunar_application_open_window (application, file, screen, startup_id, FALSE);
+         }
+@@ -1603,18 +1610,20 @@ thunar_application_process_files (ThunarApplication *application)
+  * @startup_id        : startup id to finish startup notification and properly focus the
+  *                      window when focus stealing is enabled or %NULL.
+  * @error             : return location for errors or %NULL.
+ * @action            : action to invoke on the files
+  *
+  * Tells @application to process the given @filenames and launch them appropriately.
+  *
+  * Return value: %TRUE on success, %FALSE if @error is set.
+  **/
+ gboolean
+-thunar_application_process_filenames (ThunarApplication *application,
+-                                      const gchar       *working_directory,
+-                                      gchar            **filenames,
+-                                      GdkScreen         *screen,
+-                                      const gchar       *startup_id,
+-                                      GError           **error)
+thunar_application_process_filenames (ThunarApplication               *application,
+                                      const gchar                     *working_directory,
+                                      gchar                          **filenames,
+                                      GdkScreen                       *screen,
+                                      const gchar                     *startup_id,
+                                      GError                         **error,
+                                      ThunarApplicationProcessAction   action)
+ {
+   ThunarFile *file;
+   GError     *derror = NULL;
+@@ -1686,7 +1695,10 @@ thunar_application_process_filenames (ThunarApplication *application,
+ 
+   /* start processing files if we have any to launch */
+   if (application->files_to_launch != NULL)
+-    thunar_application_process_files (application);
+    {
+      application->process_file_action = action;
+      thunar_application_process_files (application);
+    }
+ 
+   /* free the file list */
+   g_list_free (file_list);
+diff --git a/thunar/thunar-application.h b/thunar/thunar-application.h
+index 547cb70..8c180e8 100644
+--- a/thunar/thunar-application.h
+++ b/thunar/thunar-application.h
+@@ -31,6 +31,12 @@ G_BEGIN_DECLS;
+ typedef struct _ThunarApplicationClass ThunarApplicationClass;
+ typedef struct _ThunarApplication      ThunarApplication;
+ 
+typedef enum
+{
+  THUNAR_APPLICATION_LAUNCH_FILES,
+  THUNAR_APPLICATION_SELECT_FILES
+} ThunarApplicationProcessAction;
+
+ #define THUNAR_TYPE_APPLICATION             (thunar_application_get_type ())
+ #define THUNAR_APPLICATION(obj)             (G_TYPE_CHECK_INSTANCE_CAST ((obj), THUNAR_TYPE_APPLICATION, ThunarApplication))
+ #define THUNAR_APPLICATION_CLASS(klass)     (G_TYPE_CHECK_CLASS_CAST ((klass), THUNAR_TYPE_APPLICATION, ThunarApplicationClass))
+@@ -74,7 +80,8 @@ gboolean              thunar_application_process_filenames          (ThunarAppli
+                                                                      gchar            **filenames,
+                                                                      GdkScreen         *screen,
+                                                                      const gchar       *startup_id,
+-                                                                     GError           **error);
+                                                                     GError           **error,
+                                                                     ThunarApplicationProcessAction action);
+ 
+ void                  thunar_application_rename_file                (ThunarApplication *application,
+                                                                      ThunarFile        *file,
+diff --git a/thunar/thunar-dbus-service.c b/thunar/thunar-dbus-service.c
+index 2d27642..4205a2b 100644
+--- a/thunar/thunar-dbus-service.c
+++ b/thunar/thunar-dbus-service.c
+@@ -991,7 +991,7 @@ thunar_dbus_service_launch_files (ThunarDBusFileManager  *object,
+     {
+       /* let the application process the filenames */
+       application = thunar_application_get ();
+-      thunar_application_process_filenames (application, working_directory, filenames, screen, startup_id, &error);
+      thunar_application_process_filenames (application, working_directory, filenames, screen, startup_id, &error, THUNAR_APPLICATION_LAUNCH_FILES);
+       g_object_unref (G_OBJECT (application));
+ 
+       /* release the screen */
+-- 
+2.17.1
diff --git a/meta-xfce/recipes-xfce/thunar/thunar_4.16.6.bb b/meta-xfce/recipes-xfce/thunar/thunar_4.16.6.bb
index 128043d19b..7bef08ed95 100644
--- a/meta-xfce/recipes-xfce/thunar/thunar_4.16.6.bb
+++ b/meta-xfce/recipes-xfce/thunar/thunar_4.16.6.bb
@@ -8,6 +8,10 @@ inherit xfce gobject-introspection features_check mime-xdg
 REQUIRED_DISTRO_FEATURES = "x11"
+SRC_URI += "file://CVE-2021-32563-1.patch \
+            file://CVE-2021-32563-2.patch \
+           "
 SRC_URI[sha256sum] = "cb531d3fe67196a43ca04979ef271ece7858bbc80c15b0ee4323c1252a1a02b7"
 PACKAGECONFIG ??= ""

diff --git a/meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-1.patch b/meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-1.patch new file mode 100644 index 0000000000..f942f990bd --- /dev/null +++ b/meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-1.patch
@@ -0,0 +1,97 @@
		1	From 9165a61f95e43cc0b5abf9b98eee2818a0191e0b Mon Sep 17 00:00:00 2001
		2	From: Alexander Schwinn <alexxcons@xfce.org>
		3	Date: Sat, 1 May 2021 00:40:44 +0200
		4	Subject: [PATCH 1/2] Dont execute files, passed via command line due to
		5	security risks
		6
		7	Instead open the containing folder and select the file.
		8
		9	Fixes #121
		10
		11	Upstream-Status: Backport
		12	CVE: CVE-2021-32563
		13
		14	Reference to upstream patch:
		15	[https://gitlab.xfce.org/xfce/thunar/-/commit/9165a61f95e43cc0b5abf9b98eee2818a0191e0b]
		16
		17	Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
		18	---
		19	thunar/thunar-application.c \| 25 +++++++++++++++++++++++--
		20	thunar/thunar-window.c \| 4 +---
		21	thunar/thunar-window.h \| 2 ++
		22	3 files changed, 26 insertions(+), 5 deletions(-)
		23
		24	diff --git a/thunar/thunar-application.c b/thunar/thunar-application.c
		25	index df862fd..1243940 100644
		26	--- a/thunar/thunar-application.c
		27	+++ b/thunar/thunar-application.c
		28	@@ -1512,8 +1512,29 @@ thunar_application_process_files_finish (ThunarBrowser *browser,
		29	}
		30	else
		31	{
		32	- /* try to open the file or directory */
		33	- thunar_file_launch (target_file, screen, startup_id, &error);
		34	+ if (thunar_file_is_directory (file))
		35	+ {
		36	+ thunar_application_open_window (application, file, screen, startup_id, FALSE);
		37	+ }
		38	+ else
		39	+ {
		40	+ /* Note that for security reasons we do not execute files passed via command line */
		41	+ /* Lets rather open the containing directory and select the file */
		42	+ ThunarFile *parent = thunar_file_get_parent (file, NULL);
		43	+
		44	+ if (G_LIKELY (parent != NULL))
		45	+ {
		46	+ GList* files = NULL;
		47	+ GtkWidget *window;
		48	+
		49	+ window = thunar_application_open_window (application, parent, screen, startup_id, FALSE);
		50	+ g_object_unref (parent);
		51	+
		52	+ files = g_list_append (files, thunar_file_get_file (file));
		53	+ thunar_window_select_files (THUNAR_WINDOW (window), files);
		54	+ g_list_free (files);
		55	+ }
		56	+ }
		57
		58	/* remove the file from the list */
		59	application->files_to_launch = g_list_delete_link (application->files_to_launch,
		60	diff --git a/thunar/thunar-window.c b/thunar/thunar-window.c
		61	index b330a87..b234fd3 100644
		62	--- a/thunar/thunar-window.c
		63	+++ b/thunar/thunar-window.c
		64	@@ -243,8 +243,6 @@ static void thunar_window_update_go_menu (ThunarWindow
		65	GtkWidget *menu);
		66	static void thunar_window_update_help_menu (ThunarWindow *window,
		67	GtkWidget *menu);
		68	-static void thunar_window_select_files (ThunarWindow *window,
		69	- GList *path_list);
		70	static void thunar_window_binding_create (ThunarWindow *window,
		71	gpointer src_object,
		72	const gchar *src_prop,
		73	@@ -891,7 +889,7 @@ thunar_window_screen_changed (GtkWidget *widget,
		74	*
		75	* Visually selects the files, given by the list
		76	**/
		77	-static void
		78	+void
		79	thunar_window_select_files (ThunarWindow *window,
		80	GList *files_to_selected)
		81	{
		82	diff --git a/thunar/thunar-window.h b/thunar/thunar-window.h
		83	index 9cbcc85..3c1aad2 100644
		84	--- a/thunar/thunar-window.h
		85	+++ b/thunar/thunar-window.h
		86	@@ -126,6 +126,8 @@ void thunar_window_redirect_menu_tooltips_to_statusbar (Thu
		87	GtkMenu *menu);
		88	const XfceGtkActionEntry* thunar_window_get_action_entry (ThunarWindow *window,
		89	ThunarWindowAction action);
		90	+ void thunar_window_select_files (ThunarWindow *window,
		91	+ GList *path_list);
		92	G_END_DECLS;
		93
		94	#endif /* !__THUNAR_WINDOW_H__ */
		95	--
		96	2.17.1
		97


diff --git a/meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-2.patch b/meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-2.patch new file mode 100644 index 0000000000..a22cdc6d8d --- /dev/null +++ b/meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-2.patch
@@ -0,0 +1,208 @@
		1	From 3b54d9d7dbd7fd16235e2141c43a7f18718f5664 Mon Sep 17 00:00:00 2001
		2	From: Alexander Schwinn <alexxcons@xfce.org>
		3	Date: Fri, 7 May 2021 15:21:27 +0200
		4	Subject: [PATCH 2/2] Regression: Activating Desktop Icon does not Use Default
		5	Application (Issue #575)
		6
		7	- Introduced by 9165a61f (Dont execute files, passed via command line
		8	due to security risks)
		9	- Now via DBus files are executed, and via CLI, files are just selected
		10
		11	Fixes #575
		12
		13	Upstream-Status: Backport
		14	CVE: CVE-2021-32563
		15
		16	Reference to upstream patch:
		17	[https://gitlab.xfce.org/xfce/thunar/-/commit/3b54d9d7dbd7fd16235e2141c43a7f18718f5664]
		18
		19	Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
		20	---
		21	thunar/thunar-application.c \| 68 +++++++++++++++++++++---------------
		22	thunar/thunar-application.h \| 9 ++++-
		23	thunar/thunar-dbus-service.c \| 2 +-
		24	3 files changed, 49 insertions(+), 30 deletions(-)
		25
		26	diff --git a/thunar/thunar-application.c b/thunar/thunar-application.c
		27	index 1243940..53d0b23 100644
		28	--- a/thunar/thunar-application.c
		29	+++ b/thunar/thunar-application.c
		30	@@ -182,37 +182,38 @@ struct _ThunarApplicationClass
		31
		32	struct _ThunarApplication
		33	{
		34	- GtkApplication __parent__;
		35	+ GtkApplication __parent__;
		36
		37	- ThunarSessionClient *session_client;
		38	+ ThunarSessionClient *session_client;
		39
		40	- ThunarPreferences *preferences;
		41	- GtkWidget *progress_dialog;
		42	+ ThunarPreferences *preferences;
		43	+ GtkWidget *progress_dialog;
		44
		45	- ThunarThumbnailCache *thumbnail_cache;
		46	- ThunarThumbnailer *thumbnailer;
		47	+ ThunarThumbnailCache *thumbnail_cache;
		48	+ ThunarThumbnailer *thumbnailer;
		49
		50	- ThunarDBusService *dbus_service;
		51	+ ThunarDBusService *dbus_service;
		52
		53	- gboolean daemon;
		54	+ gboolean daemon;
		55
		56	- guint accel_map_save_id;
		57	- GtkAccelMap *accel_map;
		58	+ guint accel_map_save_id;
		59	+ GtkAccelMap *accel_map;
		60
		61	- guint show_dialogs_timer_id;
		62	+ guint show_dialogs_timer_id;
		63
		64	#ifdef HAVE_GUDEV
		65	- GUdevClient *udev_client;
		66	+ GUdevClient *udev_client;
		67
		68	- GSList *volman_udis;
		69	- guint volman_idle_id;
		70	- guint volman_watch_id;
		71	+ GSList *volman_udis;
		72	+ guint volman_idle_id;
		73	+ guint volman_watch_id;
		74	#endif
		75
		76	- GList *files_to_launch;
		77	+ GList *files_to_launch;
		78	+ ThunarApplicationProcessAction process_file_action;
		79
		80	- guint dbus_owner_id_xfce;
		81	- guint dbus_owner_id_fdo;
		82	+ guint dbus_owner_id_xfce;
		83	+ guint dbus_owner_id_fdo;
		84	};
		85
		86
		87	@@ -279,6 +280,7 @@ thunar_application_init (ThunarApplication *application)
		88	* in the primary instance anyways */
		89
		90	application->files_to_launch = NULL;
		91	+ application->process_file_action = THUNAR_APPLICATION_SELECT_FILES;
		92	application->progress_dialog = NULL;
		93	application->preferences = NULL;
		94
		95	@@ -531,7 +533,7 @@ thunar_application_command_line (GApplication *gapp,
		96	}
		97	else if (filenames != NULL)
		98	{
		99	- if (!thunar_application_process_filenames (application, cwd, filenames, NULL, NULL, &error))
		100	+ if (!thunar_application_process_filenames (application, cwd, filenames, NULL, NULL, &error, THUNAR_APPLICATION_SELECT_FILES))
		101	{
		102	/* we failed to process the filenames or the bulk rename failed */
		103	g_application_command_line_printerr (command_line, "Thunar: %s\n", error->message);
		104	@@ -539,7 +541,7 @@ thunar_application_command_line (GApplication *gapp,
		105	}
		106	else if (!daemon)
		107	{
		108	- if (!thunar_application_process_filenames (application, cwd, cwd_list, NULL, NULL, &error))
		109	+ if (!thunar_application_process_filenames (application, cwd, cwd_list, NULL, NULL, &error, THUNAR_APPLICATION_SELECT_FILES))
		110	{
		111	/* we failed to process the filenames or the bulk rename failed */
		112	g_application_command_line_printerr (command_line, "Thunar: %s\n", error->message);
		113	@@ -1512,7 +1514,12 @@ thunar_application_process_files_finish (ThunarBrowser *browser,
		114	}
		115	else
		116	{
		117	- if (thunar_file_is_directory (file))
		118	+ if (application->process_file_action == THUNAR_APPLICATION_LAUNCH_FILES)
		119	+ {
		120	+ /* try to launch the file / open the directory */
		121	+ thunar_file_launch (target_file, screen, startup_id, &error);
		122	+ }
		123	+ else if (thunar_file_is_directory (file))
		124	{
		125	thunar_application_open_window (application, file, screen, startup_id, FALSE);
		126	}
		127	@@ -1603,18 +1610,20 @@ thunar_application_process_files (ThunarApplication *application)
		128	* @startup_id : startup id to finish startup notification and properly focus the
		129	* window when focus stealing is enabled or %NULL.
		130	* @error : return location for errors or %NULL.
		131	+ * @action : action to invoke on the files
		132	*
		133	* Tells @application to process the given @filenames and launch them appropriately.
		134	*
		135	* Return value: %TRUE on success, %FALSE if @error is set.
		136	**/
		137	gboolean
		138	-thunar_application_process_filenames (ThunarApplication *application,
		139	- const gchar *working_directory,
		140	- gchar **filenames,
		141	- GdkScreen *screen,
		142	- const gchar *startup_id,
		143	- GError **error)
		144	+thunar_application_process_filenames (ThunarApplication *application,
		145	+ const gchar *working_directory,
		146	+ gchar **filenames,
		147	+ GdkScreen *screen,
		148	+ const gchar *startup_id,
		149	+ GError **error,
		150	+ ThunarApplicationProcessAction action)
		151	{
		152	ThunarFile *file;
		153	GError *derror = NULL;
		154	@@ -1686,7 +1695,10 @@ thunar_application_process_filenames (ThunarApplication *application,
		155
		156	/* start processing files if we have any to launch */
		157	if (application->files_to_launch != NULL)
		158	- thunar_application_process_files (application);
		159	+ {
		160	+ application->process_file_action = action;
		161	+ thunar_application_process_files (application);
		162	+ }
		163
		164	/* free the file list */
		165	g_list_free (file_list);
		166	diff --git a/thunar/thunar-application.h b/thunar/thunar-application.h
		167	index 547cb70..8c180e8 100644
		168	--- a/thunar/thunar-application.h
		169	+++ b/thunar/thunar-application.h
		170	@@ -31,6 +31,12 @@ G_BEGIN_DECLS;
		171	typedef struct _ThunarApplicationClass ThunarApplicationClass;
		172	typedef struct _ThunarApplication ThunarApplication;
		173
		174	+typedef enum
		175	+{
		176	+ THUNAR_APPLICATION_LAUNCH_FILES,
		177	+ THUNAR_APPLICATION_SELECT_FILES
		178	+} ThunarApplicationProcessAction;
		179	+
		180	#define THUNAR_TYPE_APPLICATION (thunar_application_get_type ())
		181	#define THUNAR_APPLICATION(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), THUNAR_TYPE_APPLICATION, ThunarApplication))
		182	#define THUNAR_APPLICATION_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), THUNAR_TYPE_APPLICATION, ThunarApplicationClass))
		183	@@ -74,7 +80,8 @@ gboolean thunar_application_process_filenames (ThunarAppli
		184	gchar **filenames,
		185	GdkScreen *screen,
		186	const gchar *startup_id,
		187	- GError **error);
		188	+ GError **error,
		189	+ ThunarApplicationProcessAction action);
		190
		191	void thunar_application_rename_file (ThunarApplication *application,
		192	ThunarFile *file,
		193	diff --git a/thunar/thunar-dbus-service.c b/thunar/thunar-dbus-service.c
		194	index 2d27642..4205a2b 100644
		195	--- a/thunar/thunar-dbus-service.c
		196	+++ b/thunar/thunar-dbus-service.c
		197	@@ -991,7 +991,7 @@ thunar_dbus_service_launch_files (ThunarDBusFileManager *object,
		198	{
		199	/* let the application process the filenames */
		200	application = thunar_application_get ();
		201	- thunar_application_process_filenames (application, working_directory, filenames, screen, startup_id, &error);
		202	+ thunar_application_process_filenames (application, working_directory, filenames, screen, startup_id, &error, THUNAR_APPLICATION_LAUNCH_FILES);
		203	g_object_unref (G_OBJECT (application));
		204
		205	/* release the screen */
		206	--
		207	2.17.1
		208


diff --git a/meta-xfce/recipes-xfce/thunar/thunar_4.16.6.bb b/meta-xfce/recipes-xfce/thunar/thunar_4.16.6.bb index 128043d19b..7bef08ed95 100644 --- a/meta-xfce/recipes-xfce/thunar/thunar_4.16.6.bb +++ b/meta-xfce/recipes-xfce/thunar/thunar_4.16.6.bb
@@ -8,6 +8,10 @@ inherit xfce gobject-introspection features_check mime-xdg
8		8
9	REQUIRED_DISTRO_FEATURES = "x11"	9	REQUIRED_DISTRO_FEATURES = "x11"
10		10
		11	SRC_URI += "file://CVE-2021-32563-1.patch \
		12	file://CVE-2021-32563-2.patch \
		13	"
		14
11	SRC_URI[sha256sum] = "cb531d3fe67196a43ca04979ef271ece7858bbc80c15b0ee4323c1252a1a02b7"	15	SRC_URI[sha256sum] = "cb531d3fe67196a43ca04979ef271ece7858bbc80c15b0ee4323c1252a1a02b7"
12		16
13	PACKAGECONFIG ??= ""	17	PACKAGECONFIG ??= ""