1 |
commit: 532434ebeb2f497074e85ce7babad5e12abf2f21 |
2 |
Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Aug 1 15:50:09 2020 +0000 |
4 |
Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Aug 1 22:57:18 2020 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=532434eb |
7 |
|
8 |
kde-apps/kmail-account-wizard: Fix CVE-2020-15954 |
9 |
|
10 |
Bug: https://bugs.gentoo.org/734126 |
11 |
Package-Manager: Portage-3.0.1, Repoman-2.3.23 |
12 |
Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org> |
13 |
|
14 |
...ail-account-wizard-20.04.3-CVE-2020-15954.patch | 81 ++++++++++++++++++++++ |
15 |
.../kmail-account-wizard-20.04.3-r1.ebuild | 55 +++++++++++++++ |
16 |
2 files changed, 136 insertions(+) |
17 |
|
18 |
diff --git a/kde-apps/kmail-account-wizard/files/kmail-account-wizard-20.04.3-CVE-2020-15954.patch b/kde-apps/kmail-account-wizard/files/kmail-account-wizard-20.04.3-CVE-2020-15954.patch |
19 |
new file mode 100644 |
20 |
index 00000000000..a1c63e3a3a1 |
21 |
--- /dev/null |
22 |
+++ b/kde-apps/kmail-account-wizard/files/kmail-account-wizard-20.04.3-CVE-2020-15954.patch |
23 |
@@ -0,0 +1,81 @@ |
24 |
+From a64d80e523edce7d3d59c26834973418fae042f6 Mon Sep 17 00:00:00 2001 |
25 |
+From: Laurent Montel <montel@×××.org> |
26 |
+Date: Tue, 28 Jul 2020 13:52:19 +0200 |
27 |
+Subject: [PATCH] Show info about encryption/authentication settings |
28 |
+ |
29 |
+CCBUG: 423426 |
30 |
+--- |
31 |
+ src/transport.cpp | 18 +++++++++++++++--- |
32 |
+ src/transport.h | 2 ++ |
33 |
+ 2 files changed, 17 insertions(+), 3 deletions(-) |
34 |
+ |
35 |
+diff --git a/src/transport.cpp b/src/transport.cpp |
36 |
+index 567df31..26344ef 100644 |
37 |
+--- a/src/transport.cpp |
38 |
++++ b/src/transport.cpp |
39 |
+@@ -53,14 +53,16 @@ static const StringValueTable<MailTransport::Transport::EnumAuthenticationType> |
40 |
+ static const int authenticationTypeEnumSize = sizeof(authenticationTypeEnum) / sizeof(*authenticationTypeEnum); |
41 |
+ |
42 |
+ template<typename T> |
43 |
+-static typename T::value_type stringToValue(const T *table, const int tableSize, const QString &string) |
44 |
++static typename T::value_type stringToValue(const T *table, const int tableSize, const QString &string, bool &valid) |
45 |
+ { |
46 |
+ const QString ref = string.toLower(); |
47 |
+ for (int i = 0; i < tableSize; ++i) { |
48 |
+ if (ref == QLatin1String(table[i].name)) { |
49 |
++ valid = true; |
50 |
+ return table[i].value; |
51 |
+ } |
52 |
+ } |
53 |
++ valid = false; |
54 |
+ return table[0].value; // TODO: error handling |
55 |
+ } |
56 |
+ |
57 |
+@@ -98,6 +100,7 @@ void Transport::create() |
58 |
+ mt->setAuthenticationType(m_auth); |
59 |
+ m_transportId = mt->id(); |
60 |
+ mt->save(); |
61 |
++ Q_EMIT info(i18n("Mail transport uses '%1' encryption and '%2' authentication.", m_encrStr, m_authStr)); |
62 |
+ MailTransport::TransportManager::self()->addTransport(mt); |
63 |
+ MailTransport::TransportManager::self()->setDefaultTransport(mt->id()); |
64 |
+ if (m_editMode) { |
65 |
+@@ -154,12 +157,21 @@ void Transport::setPassword(const QString &password) |
66 |
+ |
67 |
+ void Transport::setEncryption(const QString &encryption) |
68 |
+ { |
69 |
+- m_encr = stringToValue(encryptionEnum, encryptionEnumSize, encryption); |
70 |
++ bool valid; |
71 |
++ m_encr = stringToValue(encryptionEnum, encryptionEnumSize, encryption, valid); |
72 |
++ if (valid) { |
73 |
++ m_encrStr = encryption; |
74 |
++ } |
75 |
+ } |
76 |
+ |
77 |
+ void Transport::setAuthenticationType(const QString &authType) |
78 |
+ { |
79 |
+- m_auth = stringToValue(authenticationTypeEnum, authenticationTypeEnumSize, authType); |
80 |
++ bool valid; |
81 |
++ m_auth = stringToValue(authenticationTypeEnum, authenticationTypeEnumSize, authType, valid); |
82 |
++ if (valid) { |
83 |
++ m_authStr = authType; |
84 |
++ } |
85 |
++ |
86 |
+ } |
87 |
+ |
88 |
+ int Transport::transportId() const |
89 |
+diff --git a/src/transport.h b/src/transport.h |
90 |
+index 3773b04..6415bf9 100644 |
91 |
+--- a/src/transport.h |
92 |
++++ b/src/transport.h |
93 |
+@@ -53,6 +53,8 @@ private: |
94 |
+ QString m_password; |
95 |
+ MailTransport::Transport::EnumEncryption::type m_encr; |
96 |
+ MailTransport::Transport::EnumAuthenticationType::type m_auth; |
97 |
++ QString m_encrStr; |
98 |
++ QString m_authStr; |
99 |
+ |
100 |
+ bool m_editMode; |
101 |
+ }; |
102 |
+-- |
103 |
+GitLab |
104 |
+ |
105 |
|
106 |
diff --git a/kde-apps/kmail-account-wizard/kmail-account-wizard-20.04.3-r1.ebuild b/kde-apps/kmail-account-wizard/kmail-account-wizard-20.04.3-r1.ebuild |
107 |
new file mode 100644 |
108 |
index 00000000000..09eacba2985 |
109 |
--- /dev/null |
110 |
+++ b/kde-apps/kmail-account-wizard/kmail-account-wizard-20.04.3-r1.ebuild |
111 |
@@ -0,0 +1,55 @@ |
112 |
+# Copyright 1999-2020 Gentoo Authors |
113 |
+# Distributed under the terms of the GNU General Public License v2 |
114 |
+ |
115 |
+EAPI=7 |
116 |
+ |
117 |
+ECM_HANDBOOK="forceoptional" # FIXME: Check back for doc in release |
118 |
+ECM_TEST="forceoptional" |
119 |
+PVCUT=$(ver_cut 1-3) |
120 |
+KFMIN=5.70.0 |
121 |
+QTMIN=5.14.2 |
122 |
+VIRTUALX_REQUIRED="test" |
123 |
+inherit ecm kde.org |
124 |
+ |
125 |
+DESCRIPTION="Assistant for KMail accounts configuration" |
126 |
+HOMEPAGE+=" https://userbase.kde.org/KMail/Account_Wizard" |
127 |
+ |
128 |
+LICENSE="GPL-2+ handbook? ( FDL-1.2+ )" |
129 |
+SLOT="5" |
130 |
+KEYWORDS="~amd64 ~arm64 ~x86" |
131 |
+IUSE="" |
132 |
+ |
133 |
+DEPEND=" |
134 |
+ >=dev-qt/qtdbus-${QTMIN}:5 |
135 |
+ >=dev-qt/qtgui-${QTMIN}:5 |
136 |
+ >=dev-qt/qtwidgets-${QTMIN}:5 |
137 |
+ >=dev-qt/qtxml-${QTMIN}:5 |
138 |
+ >=kde-apps/akonadi-${PVCUT}:5 |
139 |
+ >=kde-apps/kidentitymanagement-${PVCUT}:5 |
140 |
+ >=kde-apps/kldap-${PVCUT}:5 |
141 |
+ >=kde-apps/kmailtransport-${PVCUT}:5 |
142 |
+ >=kde-apps/libkdepim-${PVCUT}:5 |
143 |
+ >=kde-apps/libkleo-${PVCUT}:5 |
144 |
+ >=kde-apps/pimcommon-${PVCUT}:5 |
145 |
+ >=kde-frameworks/kcmutils-${KFMIN}:5 |
146 |
+ >=kde-frameworks/kcodecs-${KFMIN}:5 |
147 |
+ >=kde-frameworks/kconfig-${KFMIN}:5 |
148 |
+ >=kde-frameworks/kcoreaddons-${KFMIN}:5 |
149 |
+ >=kde-frameworks/kcrash-${KFMIN}:5 |
150 |
+ >=kde-frameworks/kdbusaddons-${KFMIN}:5 |
151 |
+ >=kde-frameworks/ki18n-${KFMIN}:5 |
152 |
+ >=kde-frameworks/kio-${KFMIN}:5 |
153 |
+ >=kde-frameworks/kitemviews-${KFMIN}:5 |
154 |
+ >=kde-frameworks/knewstuff-${KFMIN}:5 |
155 |
+ >=kde-frameworks/knotifications-${KFMIN}:5 |
156 |
+ >=kde-frameworks/knotifyconfig-${KFMIN}:5 |
157 |
+ >=kde-frameworks/kross-${KFMIN}:5 |
158 |
+ >=kde-frameworks/kservice-${KFMIN}:5 |
159 |
+ >=kde-frameworks/ktexteditor-${KFMIN}:5 |
160 |
+ >=kde-frameworks/kwallet-${KFMIN}:5 |
161 |
+ >=kde-frameworks/kwidgetsaddons-${KFMIN}:5 |
162 |
+ >=kde-frameworks/kxmlgui-${KFMIN}:5 |
163 |
+" |
164 |
+RDEPEND="${DEPEND}" |
165 |
+ |
166 |
+PATCHES=( "${FILESDIR}/${P}-CVE-2020-15954.patch" ) |