[gentoo-commits] repo/gentoo:master commit in: kde-apps/kleopatra/files/, kde-apps/kleopatra/ - gentoo-commits

From:	Andreas Sturmlechner <asturm@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: kde-apps/kleopatra/files/, kde-apps/kleopatra/
Date:	Sun, 30 Aug 2020 08:04:13
Message-Id:	`1598774643.eacfe9541a44de00fcad31b9b7bebf364056104f.asturm@gentoo`

1

commit:     eacfe9541a44de00fcad31b9b7bebf364056104f

2

Author:     Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>

3

AuthorDate: Sun Aug 30 08:03:41 2020 +0000

4

Commit:     Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>

5

CommitDate: Sun Aug 30 08:04:03 2020 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eacfe954

7

8

kde-apps/kleopatra: Add double dash for exec command for files

9

10

Package-Manager: Portage-3.0.4, Repoman-3.0.1

11

Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org>

12

13

 .../kleopatra-20.04.3-exec-w-double-dash.patch     | 108 +++++++++++++++++++++

14

 kde-apps/kleopatra/kleopatra-20.04.3-r1.ebuild     |   5 +-

15

 2 files changed, 112 insertions(+), 1 deletion(-)

16

17

diff --git a/kde-apps/kleopatra/files/kleopatra-20.04.3-exec-w-double-dash.patch b/kde-apps/kleopatra/files/kleopatra-20.04.3-exec-w-double-dash.patch

18

new file mode 100644

19

index 00000000000..d5ba1236c2d

20

--- /dev/null

21

+++ b/kde-apps/kleopatra/files/kleopatra-20.04.3-exec-w-double-dash.patch

22

@@ -0,0 +1,108 @@

23

+From 9abdda396818842de1d9af9a153b66a1399f7c0f Mon Sep 17 00:00:00 2001

24

+From: Andre Heinecke <aheinecke@×××××.org>

25

+Date: Tue, 7 Jul 2020 14:46:31 +0200

26

+Subject: [PATCH] Add double dash for exec command for files

27

+

28

+This prevents shenannigans with file names that might

29

+inject command line options.

30

+---

31

+ src/data/kleopatra_decryptverifyfiles.desktop   | 2 +-

32

+ src/data/kleopatra_decryptverifyfolders.desktop | 2 +-

33

+ src/data/kleopatra_import.desktop               | 2 +-

34

+ src/data/kleopatra_signencryptfiles.desktop     | 8 ++++----

35

+ src/data/kleopatra_signencryptfolders.desktop   | 4 ++--

36

+ 5 files changed, 9 insertions(+), 9 deletions(-)

37

+

38

+diff --git a/src/data/kleopatra_decryptverifyfiles.desktop b/src/data/kleopatra_decryptverifyfiles.desktop

39

+index 5f4832fe..1bd3200e 100644

40

+--- a/src/data/kleopatra_decryptverifyfiles.desktop

41

++++ b/src/data/kleopatra_decryptverifyfiles.desktop

42

+@@ -102,4 +102,4 @@ Name[x-test]=xxDecrypt/Verify Filexx

43

+ Name[zh_CN]=解密/验证文件

44

+ Name[zh_TW]=解密/檢查檔案

45

+ Icon=kleopatra

46

+-Exec=kleopatra --decrypt-verify %F

47

++Exec=kleopatra --decrypt-verify -- %F

48

+diff --git a/src/data/kleopatra_decryptverifyfolders.desktop b/src/data/kleopatra_decryptverifyfolders.desktop

49

+index 8b6af1e2..54644c8f 100644

50

+--- a/src/data/kleopatra_decryptverifyfolders.desktop

51

++++ b/src/data/kleopatra_decryptverifyfolders.desktop

52

+@@ -101,4 +101,4 @@ Name[x-test]=xxDecrypt/Verify All Files In Folderxx

53

+ Name[zh_CN]=文件夹中的全部解密/验证文件

54

+ Name[zh_TW]=解密/檢查所有資料夾中的檔案

55

+ Icon=kleopatra

56

+-Exec=kleopatra --decrypt-verify %F

57

++Exec=kleopatra --decrypt-verify -- %F

58

+diff --git a/src/data/kleopatra_import.desktop b/src/data/kleopatra_import.desktop

59

+index 2b886b24..8a99c81d 100644

60

+--- a/src/data/kleopatra_import.desktop

61

++++ b/src/data/kleopatra_import.desktop

62

+@@ -1,7 +1,7 @@

63

+ [Desktop Entry]

64

+ Type=Application

65

+ Icon=kleopatra

66

+-Exec=kleopatra --import-certificate %F

67

++Exec=kleopatra --import-certificate -- %F

68

+ MimeType=application/pkcs7-mime;application/x-x509-ca-cert;application/x-pkcs12;application/pgp-keys;

69

+ Categories=Qt;KDE;Utility;X-KDE-Utilities-PIM;

70

+

71

+diff --git a/src/data/kleopatra_signencryptfiles.desktop b/src/data/kleopatra_signencryptfiles.desktop

72

+index d3ea5f98..8656bccb 100644

73

+--- a/src/data/kleopatra_signencryptfiles.desktop

74

++++ b/src/data/kleopatra_signencryptfiles.desktop

75

+@@ -103,7 +103,7 @@ Name[x-test]=xxSign & Encrypt Filexx

76

+ Name[zh_CN]=签名并加密文件

77

+ Name[zh_TW]=簽署並加密檔案

78

+ Icon=kleopatra

79

+-Exec=kleopatra --encrypt-sign %F

80

++Exec=kleopatra --encrypt-sign -- %F

81

+

82

+ [Desktop Action kleoencryptfiles]

83

+ Name=Encrypt File

84

+@@ -159,7 +159,7 @@ Name[x-test]=xxEncrypt Filexx

85

+ Name[zh_CN]=加密文件

86

+ Name[zh_TW]=加密檔案

87

+ Icon=kleopatra

88

+-Exec=kleopatra --encrypt %F

89

++Exec=kleopatra --encrypt -- %F

90

+

91

+ [Desktop Action kleosignfilesopenpgp]

92

+ Name=OpenPGP-Sign File

93

+@@ -211,7 +211,7 @@ Name[x-test]=xxOpenPGP-Sign Filexx

94

+ Name[zh_CN]=OpenPGP 签名文件

95

+ Name[zh_TW]=OpenPGP─簽署檔案

96

+ Icon=kleopatra

97

+-Exec=kleopatra --openpgp --sign %F

98

++Exec=kleopatra --openpgp --sign -- %F

99

+

100

+ [Desktop Action kleosignfilescms]

101

+ Name=S/MIME-Sign File

102

+@@ -263,5 +263,5 @@ Name[x-test]=xxS/MIME-Sign Filexx

103

+ Name[zh_CN]=S/MIME 签名文件

104

+ Name[zh_TW]=S/MIME─簽署檔案

105

+ Icon=kleopatra

106

+-Exec=kleopatra --cms --sign %F

107

++Exec=kleopatra --cms --sign -- %F

108

+

109

+diff --git a/src/data/kleopatra_signencryptfolders.desktop b/src/data/kleopatra_signencryptfolders.desktop

110

+index 5ef802ce..b9146d5a 100644

111

+--- a/src/data/kleopatra_signencryptfolders.desktop

112

++++ b/src/data/kleopatra_signencryptfolders.desktop

113

+@@ -100,7 +100,7 @@ Name[x-test]=xxArchive, Sign && Encrypt Folderxx

114

+ Name[zh_CN]=归档、签名并加密文件夹

115

+ Name[zh_TW]=歸檔，簽署與加密資料夾

116

+ Icon=kleopatra

117

+-Exec=kleopatra --encrypt-sign %F

118

++Exec=kleopatra --encrypt-sign -- %F

119

+

120

+ [Desktop Action kleoencryptfolder]

121

+ Name=Archive && Encrypt Folder

122

+@@ -151,4 +151,4 @@ Name[x-test]=xxArchive && Encrypt Folderxx

123

+ Name[zh_CN]=归档并加密文件夹

124

+ Name[zh_TW]=歸檔並加密資料夾

125

+ Icon=kleopatra

126

+-Exec=kleopatra --encrypt %F

127

++Exec=kleopatra --encrypt -- %F

128

+--

129

+GitLab

130

+

131

132

diff --git a/kde-apps/kleopatra/kleopatra-20.04.3-r1.ebuild b/kde-apps/kleopatra/kleopatra-20.04.3-r1.ebuild

133

index 3953432cb0f..e8e36d082f7 100644

134

--- a/kde-apps/kleopatra/kleopatra-20.04.3-r1.ebuild

135

+++ b/kde-apps/kleopatra/kleopatra-20.04.3-r1.ebuild

136

@@ -54,4 +54,7 @@ RDEPEND="${DEPEND}

137

 # tests completely broken, bug #641720

138

 RESTRICT+=" test"

139

140

-PATCHES=( "${FILESDIR}/${P}-CVE-2020-24972.patch" )

141

+PATCHES=(

142

+	"${FILESDIR}/${P}-CVE-2020-24972.patch"

143

+	"${FILESDIR}/${P}-exec-w-double-dash.patch"

144

+)

1	commit: eacfe9541a44de00fcad31b9b7bebf364056104f
2	Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
3	AuthorDate: Sun Aug 30 08:03:41 2020 +0000
4	Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
5	CommitDate: Sun Aug 30 08:04:03 2020 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eacfe954
7
8	kde-apps/kleopatra: Add double dash for exec command for files
9
10	Package-Manager: Portage-3.0.4, Repoman-3.0.1
11	Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org>
12
13	.../kleopatra-20.04.3-exec-w-double-dash.patch \| 108 +++++++++++++++++++++
14	kde-apps/kleopatra/kleopatra-20.04.3-r1.ebuild \| 5 +-
15	2 files changed, 112 insertions(+), 1 deletion(-)
16
17	diff --git a/kde-apps/kleopatra/files/kleopatra-20.04.3-exec-w-double-dash.patch b/kde-apps/kleopatra/files/kleopatra-20.04.3-exec-w-double-dash.patch
18	new file mode 100644
19	index 00000000000..d5ba1236c2d
20	--- /dev/null
21	+++ b/kde-apps/kleopatra/files/kleopatra-20.04.3-exec-w-double-dash.patch
22	@@ -0,0 +1,108 @@
23	+From 9abdda396818842de1d9af9a153b66a1399f7c0f Mon Sep 17 00:00:00 2001
24	+From: Andre Heinecke <aheinecke@×××××.org>
25	+Date: Tue, 7 Jul 2020 14:46:31 +0200
26	+Subject: [PATCH] Add double dash for exec command for files
27	+
28	+This prevents shenannigans with file names that might
29	+inject command line options.
30	+---
31	+ src/data/kleopatra_decryptverifyfiles.desktop \| 2 +-
32	+ src/data/kleopatra_decryptverifyfolders.desktop \| 2 +-
33	+ src/data/kleopatra_import.desktop \| 2 +-
34	+ src/data/kleopatra_signencryptfiles.desktop \| 8 ++++----
35	+ src/data/kleopatra_signencryptfolders.desktop \| 4 ++--
36	+ 5 files changed, 9 insertions(+), 9 deletions(-)
37	+
38	+diff --git a/src/data/kleopatra_decryptverifyfiles.desktop b/src/data/kleopatra_decryptverifyfiles.desktop
39	+index 5f4832fe..1bd3200e 100644
40	+--- a/src/data/kleopatra_decryptverifyfiles.desktop
41	++++ b/src/data/kleopatra_decryptverifyfiles.desktop
42	+@@ -102,4 +102,4 @@ Name[x-test]=xxDecrypt/Verify Filexx
43	+ Name[zh_CN]=解密/验证文件
44	+ Name[zh_TW]=解密/檢查檔案
45	+ Icon=kleopatra
46	+-Exec=kleopatra --decrypt-verify %F
47	++Exec=kleopatra --decrypt-verify -- %F
48	+diff --git a/src/data/kleopatra_decryptverifyfolders.desktop b/src/data/kleopatra_decryptverifyfolders.desktop
49	+index 8b6af1e2..54644c8f 100644
50	+--- a/src/data/kleopatra_decryptverifyfolders.desktop
51	++++ b/src/data/kleopatra_decryptverifyfolders.desktop
52	+@@ -101,4 +101,4 @@ Name[x-test]=xxDecrypt/Verify All Files In Folderxx
53	+ Name[zh_CN]=文件夹中的全部解密/验证文件
54	+ Name[zh_TW]=解密/檢查所有資料夾中的檔案
55	+ Icon=kleopatra
56	+-Exec=kleopatra --decrypt-verify %F
57	++Exec=kleopatra --decrypt-verify -- %F
58	+diff --git a/src/data/kleopatra_import.desktop b/src/data/kleopatra_import.desktop
59	+index 2b886b24..8a99c81d 100644
60	+--- a/src/data/kleopatra_import.desktop
61	++++ b/src/data/kleopatra_import.desktop
62	+@@ -1,7 +1,7 @@
63	+ [Desktop Entry]
64	+ Type=Application
65	+ Icon=kleopatra
66	+-Exec=kleopatra --import-certificate %F
67	++Exec=kleopatra --import-certificate -- %F
68	+ MimeType=application/pkcs7-mime;application/x-x509-ca-cert;application/x-pkcs12;application/pgp-keys;
69	+ Categories=Qt;KDE;Utility;X-KDE-Utilities-PIM;
70	+
71	+diff --git a/src/data/kleopatra_signencryptfiles.desktop b/src/data/kleopatra_signencryptfiles.desktop
72	+index d3ea5f98..8656bccb 100644
73	+--- a/src/data/kleopatra_signencryptfiles.desktop
74	++++ b/src/data/kleopatra_signencryptfiles.desktop
75	+@@ -103,7 +103,7 @@ Name[x-test]=xxSign & Encrypt Filexx
76	+ Name[zh_CN]=签名并加密文件
77	+ Name[zh_TW]=簽署並加密檔案
78	+ Icon=kleopatra
79	+-Exec=kleopatra --encrypt-sign %F
80	++Exec=kleopatra --encrypt-sign -- %F
81	+
82	+ [Desktop Action kleoencryptfiles]
83	+ Name=Encrypt File
84	+@@ -159,7 +159,7 @@ Name[x-test]=xxEncrypt Filexx
85	+ Name[zh_CN]=加密文件
86	+ Name[zh_TW]=加密檔案
87	+ Icon=kleopatra
88	+-Exec=kleopatra --encrypt %F
89	++Exec=kleopatra --encrypt -- %F
90	+
91	+ [Desktop Action kleosignfilesopenpgp]
92	+ Name=OpenPGP-Sign File
93	+@@ -211,7 +211,7 @@ Name[x-test]=xxOpenPGP-Sign Filexx
94	+ Name[zh_CN]=OpenPGP 签名文件
95	+ Name[zh_TW]=OpenPGP─簽署檔案
96	+ Icon=kleopatra
97	+-Exec=kleopatra --openpgp --sign %F
98	++Exec=kleopatra --openpgp --sign -- %F
99	+
100	+ [Desktop Action kleosignfilescms]
101	+ Name=S/MIME-Sign File
102	+@@ -263,5 +263,5 @@ Name[x-test]=xxS/MIME-Sign Filexx
103	+ Name[zh_CN]=S/MIME 签名文件
104	+ Name[zh_TW]=S/MIME─簽署檔案
105	+ Icon=kleopatra
106	+-Exec=kleopatra --cms --sign %F
107	++Exec=kleopatra --cms --sign -- %F
108	+
109	+diff --git a/src/data/kleopatra_signencryptfolders.desktop b/src/data/kleopatra_signencryptfolders.desktop
110	+index 5ef802ce..b9146d5a 100644
111	+--- a/src/data/kleopatra_signencryptfolders.desktop
112	++++ b/src/data/kleopatra_signencryptfolders.desktop
113	+@@ -100,7 +100,7 @@ Name[x-test]=xxArchive, Sign && Encrypt Folderxx
114	+ Name[zh_CN]=归档、签名并加密文件夹
115	+ Name[zh_TW]=歸檔，簽署與加密資料夾
116	+ Icon=kleopatra
117	+-Exec=kleopatra --encrypt-sign %F
118	++Exec=kleopatra --encrypt-sign -- %F
119	+
120	+ [Desktop Action kleoencryptfolder]
121	+ Name=Archive && Encrypt Folder
122	+@@ -151,4 +151,4 @@ Name[x-test]=xxArchive && Encrypt Folderxx
123	+ Name[zh_CN]=归档并加密文件夹
124	+ Name[zh_TW]=歸檔並加密資料夾
125	+ Icon=kleopatra
126	+-Exec=kleopatra --encrypt %F
127	++Exec=kleopatra --encrypt -- %F
128	+--
129	+GitLab
130	+
131
132	diff --git a/kde-apps/kleopatra/kleopatra-20.04.3-r1.ebuild b/kde-apps/kleopatra/kleopatra-20.04.3-r1.ebuild
133	index 3953432cb0f..e8e36d082f7 100644
134	--- a/kde-apps/kleopatra/kleopatra-20.04.3-r1.ebuild
135	+++ b/kde-apps/kleopatra/kleopatra-20.04.3-r1.ebuild
136	@@ -54,4 +54,7 @@ RDEPEND="${DEPEND}
137	# tests completely broken, bug #641720
138	RESTRICT+=" test"
139
140	-PATCHES=( "${FILESDIR}/${P}-CVE-2020-24972.patch" )
141	+PATCHES=(
142	+ "${FILESDIR}/${P}-CVE-2020-24972.patch"
143	+ "${FILESDIR}/${P}-exec-w-double-dash.patch"
144	+)

Gentoo Archives: gentoo-commits