From: Andreas Sturmlechner <asturm@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: kde-apps/kimap/files/, kde-apps/kimap/
Date: Tue, 23 Nov 2021 20:13:37
Message-Id: 1637697892.a787119b1333e52653d3c394fcb0b56cbfd4d0ff.asturm@gentoo
1 commit: a787119b1333e52653d3c394fcb0b56cbfd4d0ff
2 Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
3 AuthorDate: Tue Nov 23 15:55:49 2021 +0000
4 Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
5 CommitDate: Tue Nov 23 20:04:52 2021 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a787119b
7
8 kde-apps/kimap: Fix CVE-2021-38373
9
10 Upstream commit 5aed4138567934c3be20cddb60fe6d7d4a10da0f
11
12 KDE-bug: https://bugs.kde.org/show_bug.cgi?id=423424
13 Bug: https://bugs.gentoo.org/807355
14 Package-Manager: Portage-3.0.28, Repoman-3.0.3
15 Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org>
16
17 .../kimap/files/kimap-21.08.3-CVE-2021-38373.patch | 51 ++++++++++++++++++++++
18 kde-apps/kimap/kimap-21.08.3-r1.ebuild | 42 ++++++++++++++++++
19 2 files changed, 93 insertions(+)
20
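--- /dev/null
+++ b/kde-apps/kimap/files/kimap-21.08.3-CVE-2021-38373.patch
@@ -0,0 +1,51 @@
+From 5aed4138567934c3be20cddb60fe6d7d4a10da0f Mon Sep 17 00:00:00 2001
+From: Volker Krause <vkrause@×××.org>
+Date: Mon, 15 Nov 2021 18:18:28 +0100
+Subject: [PATCH] Treat SSL handshake errors as fatal also when using STARTTLS
+
+This fixes the infinite SSL error dialog loop also when using
+STARTTLS, the previous fix was only effective for direct TLS
+connections.
+
+CCBUG: 423424
+(cherry picked from commit cbd3a03bc1d2cec48bb97570633940bbf94c34fa)
+---
+ src/loginjob.cpp | 22 +++++++++-------------
+ 1 file changed, 9 insertions(+), 13 deletions(-)
+
+diff --git a/src/loginjob.cpp b/src/loginjob.cpp
+index 7d53187..b5fbede 100644
+--- a/src/loginjob.cpp
++++ b/src/loginjob.cpp
+@@ -552,19 +552,15 @@ void LoginJob::connectionLost()
+ {
+ Q_D(LoginJob);
+
+- // don't emit the result if the connection was lost before getting the tls result, as it can mean
+- // the TLS handshake failed and the socket was reconnected in normal mode
+- if (d->authState != LoginJobPrivate::StartTls) {
+- qCWarning(KIMAP_LOG) << "Connection to server lost " << d->m_socketError;
+- if (d->m_socketError == QAbstractSocket::SslHandshakeFailedError) {
+- setError(KJob::UserDefinedError);
+- setErrorText(i18n("SSL handshake failed."));
+- emitResult();
+- } else {
+- setError(ERR_COULD_NOT_CONNECT);
+- setErrorText(i18n("Connection to server lost."));
+- emitResult();
+- }
++ qCWarning(KIMAP_LOG) << "Connection to server lost " << d->m_socketError;
++ if (d->m_socketError == QAbstractSocket::SslHandshakeFailedError) {
++ setError(KJob::UserDefinedError);
++ setErrorText(i18n("SSL handshake failed."));
++ emitResult();
++ } else {
++ setError(ERR_COULD_NOT_CONNECT);
++ setErrorText(i18n("Connection to server lost."));
++ emitResult();
+ }
+ }
+
+--
+2.34.0
+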
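Review bot: The rewritten `LoginJob::connectionLost()` has no comment explaining why a lost connection is now fatal in every auth state, although the removed comment documented the opposite for `LoginJobPrivate::StartTls` (a failed handshake followed by a reconnect "in normal mode", presumably without TLS). A comment above the `qCWarning` line would keep that exemption from being reintroduced: `// Always fail the job, also during StartTls: a failed TLS handshake must end the login instead of letting the session continue after a reconnect.` Both branches end in the same `emitResult();`, which could be hoisted below the if/else. The embedded patch touches only src/loginjob.cpp, so no regression test for a failed STARTTLS handshake is visible here; a test asserting that the job finishes with an error in that state would be worth requesting upstream.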
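--- /dev/null
+++ b/kde-apps/kimap/kimap-21.08.3-r1.ebuild
@@ -0,0 +1,42 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+ECM_TEST="forceoptional"
+PVCUT=$(ver_cut 1-3)
+KFMIN=5.84.0
+QTMIN=5.15.2
+inherit ecm kde.org
+
+DESCRIPTION="Library for interacting with IMAP servers"
+HOMEPAGE="https://api.kde.org/kdepim/kimap/html/index.html"
+
+LICENSE="GPL-2+"
+SLOT="5"
+KEYWORDS="~amd64 ~arm64 ~ppc64 ~x86"
+IUSE=""
+
+RDEPEND="
+ dev-libs/cyrus-sasl
+ >=dev-qt/qtgui-${QTMIN}:5
+ >=kde-apps/kmime-${PVCUT}:5
+ >=kde-frameworks/kcodecs-${KFMIN}:5
+ >=kde-frameworks/kcoreaddons-${KFMIN}:5
+ >=kde-frameworks/ki18n-${KFMIN}:5
+ >=kde-frameworks/kio-${KFMIN}:5
+"
+# TODO: Convince upstream not to install stuff with tests
+DEPEND="${RDEPEND}
+ test? ( >=dev-qt/qtnetwork-${QTMIN}:5 )
+"
+
+PATCHES=( "${FILESDIR}/${P}-CVE-2021-38373.patch" )
+
+src_test() {
+ # tests cannot be run in parallel #605586
+ local myctestargs=(
+ -j1
+ )
+ ecm_src_test
+}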
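Review bot: The fix ships as a new revision with testing keywords only (`KEYWORDS="~amd64 ~arm64 ~ppc64 ~x86"`), and the diffstat shows 93 insertions and no deletions, so the unpatched kimap-21.08.3 ebuild presumably stays in the tree after this commit. Until a follow-up drops it, that revision remains installable without the CVE-2021-38373 patch, so the removal should be tracked on the referenced Gentoo bug. Separately, the empty `IUSE=""` assignment is redundant and can be omitted.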