Gentoo Archives: gentoo-commits

From: Michael Palimaka <kensington@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: kde-plasma/kde-cli-tools/files/, kde-plasma/kde-cli-tools/
Date: Thu, 29 Sep 2016 16:36:47
Message-Id: 1475166991.d35f109306617f42f57b31169cdf2a6797850297.kensington@gentoo
1 commit: d35f109306617f42f57b31169cdf2a6797850297
2 Author: Michael Palimaka <kensington <AT> gentoo <DOT> org>
3 AuthorDate: Thu Sep 29 16:34:24 2016 +0000
4 Commit: Michael Palimaka <kensington <AT> gentoo <DOT> org>
5 CommitDate: Thu Sep 29 16:36:31 2016 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d35f1093
7
8 kde-plasma/kde-cli-tools: backport patch from upstream to resolve CVE-2016-7787
9
10 Gentoo-bug: 595534
11
12 Package-Manager: portage-2.3.1
13
14 .../files/kde-cli-tools-5.6.5-CVE-2016-7787.patch | 44 +++++++++++++++
15 .../kde-cli-tools/kde-cli-tools-5.6.5-r1.ebuild | 62 ++++++++++++++++++++++
16 2 files changed, 106 insertions(+)
17
18 diff --git a/kde-plasma/kde-cli-tools/files/kde-cli-tools-5.6.5-CVE-2016-7787.patch b/kde-plasma/kde-cli-tools/files/kde-cli-tools-5.6.5-CVE-2016-7787.patch
19 new file mode 100644
20 index 00000000..cce11d8
21 --- /dev/null
22 +++ b/kde-plasma/kde-cli-tools/files/kde-cli-tools-5.6.5-CVE-2016-7787.patch
23 @@ -0,0 +1,44 @@
24 +From 5eda179a099ba68a20dc21dc0da63e85a565a171 Mon Sep 17 00:00:00 2001
25 +From: Martin Sandsmark <martin.sandsmark@×××.org>
26 +Date: Fri, 9 Sep 2016 09:05:57 +0200
27 +Subject: [PATCH] Make sure people are not trying to sneak invisible characters
28 + on the kdesu label
29 +
30 +i18n: Sorry for the new string
31 +
32 +CCMAIL: kde-i18n-doc@×××.org
33 +---
34 + kdesu/kdesu.cpp | 10 ++++++++++
35 + 1 file changed, 10 insertions(+)
36 +
37 +diff --git a/kdesu/kdesu.cpp b/kdesu/kdesu.cpp
38 +index b7a66a2..b0efbc7 100644
39 +--- a/kdesu/kdesu.cpp
40 ++++ b/kdesu/kdesu.cpp
41 +@@ -162,6 +162,10 @@ int main(int argc, char *argv[])
42 + {
43 + KMessageBox::sorry(0, i18n("Cannot execute command '%1'.", QString::fromLocal8Bit(command)));
44 + }
45 ++ if (result == -2)
46 ++ {
47 ++ KMessageBox::sorry(0, i18n("Cannot execute command '%1'. It contains invalid characters.", QString::fromLocal8Bit(command)));
48 ++ }
49 +
50 + return result;
51 + }
52 +@@ -387,6 +391,12 @@ static int startApp(QCommandLineParser& p)
53 + qDebug() << "Don't need password!!\n";
54 + }
55 +
56 ++ for (const QChar character : QString::fromLocal8Bit(command)) {
57 ++ if (!character.isPrint() && character.category() != QChar::Other_Surrogate) {
58 ++ return -2;
59 ++ }
60 ++ }
61 ++
62 + // Start the dialog
63 + QString password;
64 + if (needpw)
65 +--
66 +2.7.3
67 +
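Review bot: The character check added in startApp() (the `for (const QChar character : ...)` loop in the second kdesu.cpp hunk) inspects UTF-16 code units and exempts every `QChar::Other_Surrogate`, so a code point outside the BMP is accepted without its category ever being examined, and so is an unpaired surrogate. Non-printable or format characters from the supplementary planes would therefore presumably still reach the label this patch is meant to protect; the dialog code itself is outside the hunk. Iterating decoded code points closes that gap: `for (const uint codePoint : QString::fromLocal8Bit(command).toUcs4())` with `if (!QChar::isPrint(codePoint)) return -2;`. Separately, the new `result == -2` branch in main() passes the rejected command verbatim into the message box, so the error dialog renders the very characters that were just judged invalid; an escaped form, or a message without the command, would be safer. Both main() and startApp() start and end outside the hunks shown.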
68
69 diff --git a/kde-plasma/kde-cli-tools/kde-cli-tools-5.6.5-r1.ebuild b/kde-plasma/kde-cli-tools/kde-cli-tools-5.6.5-r1.ebuild
70 new file mode 100644
71 index 00000000..67d1dde
72 --- /dev/null
73 +++ b/kde-plasma/kde-cli-tools/kde-cli-tools-5.6.5-r1.ebuild
74 @@ -0,0 +1,62 @@
75 +# Copyright 1999-2016 Gentoo Foundation
76 +# Distributed under the terms of the GNU General Public License v2
77 +# $Id$
78 +
79 +EAPI=6
80 +
81 +KDE_HANDBOOK="true"
82 +KDE_TEST="true"
83 +VIRTUALX_REQUIRED="test"
84 +inherit kde5
85 +
86 +DESCRIPTION="Tools based on KDE Frameworks 5 to better interact with the system"
87 +HOMEPAGE="https://projects.kde.org/projects/kde/workspace/kde-cli-tools"
88 +KEYWORDS="~amd64 ~arm ~x86"
89 +IUSE="+kdesu X"
90 +
91 +DEPEND="
92 + $(add_frameworks_dep kcmutils)
93 + $(add_frameworks_dep kcompletion)
94 + $(add_frameworks_dep kconfig)
95 + $(add_frameworks_dep kconfigwidgets)
96 + $(add_frameworks_dep kcoreaddons)
97 + $(add_frameworks_dep ki18n)
98 + $(add_frameworks_dep kiconthemes)
99 + $(add_frameworks_dep kio)
100 + $(add_frameworks_dep kservice)
101 + $(add_frameworks_dep kwidgetsaddons)
102 + $(add_frameworks_dep kwindowsystem)
103 + $(add_qt_dep qtdbus)
104 + $(add_qt_dep qtgui)
105 + $(add_qt_dep qtsvg)
106 + $(add_qt_dep qtwidgets)
107 + kdesu? ( $(add_frameworks_dep kdesu) )
108 + X? (
109 + $(add_frameworks_dep kdelibs4support)
110 + $(add_qt_dep qtx11extras)
111 + x11-libs/libX11
112 + )
113 +"
114 +RDEPEND="${DEPEND}
115 + handbook? ( !kde-apps/kdesu[handbook] )
116 +"
117 +
118 +# requires running kde environment
119 +RESTRICT="test"
120 +
121 +PATCHES=( "${FILESDIR}/${P}-CVE-2016-7787.patch" )
122 +
123 +src_configure() {
124 + local mycmakeargs=(
125 + $(cmake-utils_use_find_package kdesu KF5Su)
126 + $(cmake-utils_use_find_package X KF5KDELibs4Support)
127 + $(cmake-utils_use_find_package X Qt5X11Extras)
128 + )
129 +
130 + kde5_src_configure
131 +}
132 +
133 +src_install() {
134 + kde5_src_install
135 + use kdesu && dosym /usr/$(get_libdir)/libexec/kf5/kdesu /usr/bin/kdesu5
136 +}