Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Andreas Sturmlechner <asturm@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: kde-apps/kio-extras/files/, kde-apps/kio-extras/
Date: Sun, 10 May 2020 15:59:51
Message-Id: 1589126364.d68e0a691d63ed87eed3e1fc1e0972a29c69e7f1.asturm@gentoo
1 commit: d68e0a691d63ed87eed3e1fc1e0972a29c69e7f1
2 Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
3 AuthorDate: Sun May 10 15:17:37 2020 +0000
4 Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
5 CommitDate: Sun May 10 15:59:24 2020 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d68e0a69
7
8 kde-apps/kio-extras: Fix CVE-2020-12755
9
10 Bug: https://bugs.gentoo.org/722152
11 Package-Manager: Portage-2.3.99, Repoman-2.3.22
12 Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org>
13
14 .../files/kio-extras-19.12.3-CVE-2020-12755.patch | 26 ++++++
15 kde-apps/kio-extras/kio-extras-19.12.3-r1.ebuild | 89 ++++++++++++++++++++
16 kde-apps/kio-extras/kio-extras-20.04.0-r1.ebuild | 97 ++++++++++++++++++++++
17 3 files changed, 212 insertions(+)
18
19 diff --git a/kde-apps/kio-extras/files/kio-extras-19.12.3-CVE-2020-12755.patch b/kde-apps/kio-extras/files/kio-extras-19.12.3-CVE-2020-12755.patch
20 new file mode 100644
21 index 00000000000..188eb28f104
22 --- /dev/null
23 +++ b/kde-apps/kio-extras/files/kio-extras-19.12.3-CVE-2020-12755.patch
24 @@ -0,0 +1,26 @@
25 +From d813cef3cecdec9af1532a40d677a203ff979145 Mon Sep 17 00:00:00 2001
26 +From: David Faure <faure@×××.org>
27 +Date: Sat, 9 May 2020 11:20:48 +0200
28 +Subject: Only store password in KWallet if the user asked for it
29 +
30 +---
31 + fish/fish.cpp | 4 +++-
32 + 1 file changed, 3 insertions(+), 1 deletion(-)
33 +
34 +diff --git a/fish/fish.cpp b/fish/fish.cpp
35 +index a18ef34..ccd71d3 100644
36 +--- a/fish/fish.cpp
37 ++++ b/fish/fish.cpp
38 +@@ -595,7 +595,9 @@ int fishProtocol::establishConnection(const QByteArray &buffer) {
39 + infoMessage(i18n("Initiating protocol..."));
40 + if (!connectionAuth.password.isEmpty()) {
41 + connectionAuth.password = connectionAuth.password.left(connectionAuth.password.length()-1);
42 +- cacheAuthentication(connectionAuth);
43 ++ if (connectionAuth.keepPassword) {
44 ++ cacheAuthentication(connectionAuth);
45 ++ }
46 + }
47 + isLoggedIn = true;
48 + return 0;
49 +--
50 +cgit v1.1
51
52 diff --git a/kde-apps/kio-extras/kio-extras-19.12.3-r1.ebuild b/kde-apps/kio-extras/kio-extras-19.12.3-r1.ebuild
53 new file mode 100644
54 index 00000000000..9447420e2d4
55 --- /dev/null
56 +++ b/kde-apps/kio-extras/kio-extras-19.12.3-r1.ebuild
57 @@ -0,0 +1,89 @@
58 +# Copyright 1999-2020 Gentoo Authors
59 +# Distributed under the terms of the GNU General Public License v2
60 +
61 +EAPI=7
62 +
63 +ECM_HANDBOOK="forceoptional"
64 +ECM_TEST="optional"
65 +KFMIN=5.63.0
66 +QTMIN=5.12.3
67 +VIRTUALX_REQUIRED="test"
68 +inherit ecm kde.org
69 +
70 +DESCRIPTION="KIO plugins present a filesystem-like view of arbitrary data"
71 +HOMEPAGE="https://cgit.kde.org/kio-extras.git"
72 +
73 +LICENSE="GPL-2" # TODO: CHECK
74 +SLOT="5"
75 +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86"
76 +IUSE="activities +man mtp nfs openexr phonon samba +sftp taglib"
77 +
78 +BDEPEND="
79 + man? ( dev-util/gperf )
80 +"
81 +DEPEND="
82 + >=kde-frameworks/karchive-${KFMIN}:5[bzip2,lzma]
83 + >=kde-frameworks/kbookmarks-${KFMIN}:5
84 + >=kde-frameworks/kcodecs-${KFMIN}:5
85 + >=kde-frameworks/kconfig-${KFMIN}:5
86 + >=kde-frameworks/kconfigwidgets-${KFMIN}:5
87 + >=kde-frameworks/kcoreaddons-${KFMIN}:5
88 + >=kde-frameworks/kdbusaddons-${KFMIN}:5
89 + >=kde-frameworks/kdnssd-${KFMIN}:5
90 + >=kde-frameworks/kguiaddons-${KFMIN}:5
91 + >=kde-frameworks/ki18n-${KFMIN}:5
92 + >=kde-frameworks/kiconthemes-${KFMIN}:5
93 + >=kde-frameworks/kio-${KFMIN}:5
94 + >=kde-frameworks/kparts-${KFMIN}:5
95 + >=kde-frameworks/kpty-${KFMIN}:5
96 + >=kde-frameworks/kservice-${KFMIN}:5
97 + >=kde-frameworks/kxmlgui-${KFMIN}:5
98 + >=kde-frameworks/solid-${KFMIN}:5
99 + >=kde-frameworks/syntax-highlighting-${KFMIN}:5
100 + >=dev-qt/qtdbus-${QTMIN}:5
101 + >=dev-qt/qtgui-${QTMIN}:5
102 + >=dev-qt/qtnetwork-${QTMIN}:5
103 + >=dev-qt/qtsvg-${QTMIN}:5
104 + >=dev-qt/qtwidgets-${QTMIN}:5
105 + >=dev-qt/qtxml-${QTMIN}:5
106 + activities? (
107 + >=kde-frameworks/kactivities-${KFMIN}:5
108 + >=kde-frameworks/kactivities-stats-${KFMIN}:5
109 + >=dev-qt/qtsql-${QTMIN}:5
110 + )
111 + mtp? ( >=media-libs/libmtp-1.1.16:= )
112 + nfs? ( net-libs/libtirpc:= )
113 + openexr? ( media-libs/openexr:= )
114 + phonon? ( media-libs/phonon[qt5(+)] )
115 + samba? ( net-fs/samba[client] )
116 + sftp? ( net-libs/libssh:=[sftp] )
117 + taglib? ( >=media-libs/taglib-1.11.1 )
118 +"
119 +RDEPEND="${DEPEND}
120 + >=kde-frameworks/kded-${KFMIN}:5
121 +"
122 +
123 +# requires running kde environment
124 +RESTRICT+=" test"
125 +
126 +PATCHES=(
127 + "${FILESDIR}/${P}-kio_nfs.patch"
128 + "${FILESDIR}/${P}-CVE-2020-12755.patch" # bug 722152
129 +)
130 +
131 +src_configure() {
132 + local mycmakeargs=(
133 + $(cmake_use_find_package activities KF5Activities)
134 + $(cmake_use_find_package activities KF5ActivitiesStats)
135 + $(cmake_use_find_package man Gperf)
136 + $(cmake_use_find_package mtp Mtp)
137 + $(cmake_use_find_package nfs TIRPC)
138 + $(cmake_use_find_package openexr OpenEXR)
139 + $(cmake_use_find_package phonon Phonon4Qt5)
140 + $(cmake_use_find_package samba Samba)
141 + $(cmake_use_find_package sftp libssh)
142 + $(cmake_use_find_package taglib Taglib)
143 + )
144 +
145 + ecm_src_configure
146 +}
147
148 diff --git a/kde-apps/kio-extras/kio-extras-20.04.0-r1.ebuild b/kde-apps/kio-extras/kio-extras-20.04.0-r1.ebuild
149 new file mode 100644
150 index 00000000000..5850b2c388f
151 --- /dev/null
152 +++ b/kde-apps/kio-extras/kio-extras-20.04.0-r1.ebuild
153 @@ -0,0 +1,97 @@
154 +# Copyright 1999-2020 Gentoo Authors
155 +# Distributed under the terms of the GNU General Public License v2
156 +
157 +EAPI=7
158 +
159 +ECM_HANDBOOK="forceoptional"
160 +ECM_TEST="optional"
161 +KFMIN=5.69.0
162 +QTMIN=5.12.3
163 +VIRTUALX_REQUIRED="test"
164 +inherit ecm kde.org
165 +
166 +DESCRIPTION="KIO plugins present a filesystem-like view of arbitrary data"
167 +HOMEPAGE="https://cgit.kde.org/kio-extras.git"
168 +
169 +LICENSE="GPL-2" # TODO: CHECK
170 +SLOT="5"
171 +KEYWORDS="~amd64 ~arm64 ~ppc64 ~x86"
172 +IUSE="activities +man mtp nfs openexr phonon samba +sftp taglib X"
173 +
174 +BDEPEND="
175 + man? ( dev-util/gperf )
176 +"
177 +DEPEND="
178 + >=dev-qt/qtdbus-${QTMIN}:5
179 + >=dev-qt/qtgui-${QTMIN}:5
180 + >=dev-qt/qtnetwork-${QTMIN}:5
181 + >=dev-qt/qtsvg-${QTMIN}:5
182 + >=dev-qt/qtwidgets-${QTMIN}:5
183 + >=dev-qt/qtxml-${QTMIN}:5
184 + >=kde-frameworks/karchive-${KFMIN}:5[bzip2,lzma]
185 + >=kde-frameworks/kbookmarks-${KFMIN}:5
186 + >=kde-frameworks/kcodecs-${KFMIN}:5
187 + >=kde-frameworks/kconfig-${KFMIN}:5
188 + >=kde-frameworks/kconfigwidgets-${KFMIN}:5
189 + >=kde-frameworks/kcoreaddons-${KFMIN}:5
190 + >=kde-frameworks/kdbusaddons-${KFMIN}:5
191 + >=kde-frameworks/kdnssd-${KFMIN}:5
192 + >=kde-frameworks/kguiaddons-${KFMIN}:5
193 + >=kde-frameworks/ki18n-${KFMIN}:5
194 + >=kde-frameworks/kiconthemes-${KFMIN}:5
195 + >=kde-frameworks/kio-${KFMIN}:5
196 + >=kde-frameworks/kparts-${KFMIN}:5
197 + >=kde-frameworks/kpty-${KFMIN}:5
198 + >=kde-frameworks/kservice-${KFMIN}:5
199 + >=kde-frameworks/kxmlgui-${KFMIN}:5
200 + >=kde-frameworks/solid-${KFMIN}:5
201 + >=kde-frameworks/syntax-highlighting-${KFMIN}:5
202 + activities? (
203 + >=dev-qt/qtsql-${QTMIN}:5
204 + >=kde-frameworks/kactivities-${KFMIN}:5
205 + >=kde-frameworks/kactivities-stats-${KFMIN}:5
206 + )
207 + mtp? ( >=media-libs/libmtp-1.1.16:= )
208 + nfs? ( net-libs/libtirpc:= )
209 + openexr? ( media-libs/openexr:= )
210 + phonon? ( media-libs/phonon[qt5(+)] )
211 + samba? (
212 + net-fs/samba[client]
213 + net-libs/kdsoap-ws-discovery-client
214 + )
215 + sftp? ( net-libs/libssh:=[sftp] )
216 + taglib? ( >=media-libs/taglib-1.11.1 )
217 + X? (
218 + x11-libs/libX11
219 + x11-libs/libXcursor
220 + )
221 +"
222 +RDEPEND="${DEPEND}
223 + >=kde-frameworks/kded-${KFMIN}:5
224 +"
225 +
226 +# requires running kde environment
227 +RESTRICT+=" test"
228 +
229 +PATCHES=( "${FILESDIR}/${PN}-19.12.3-CVE-2020-12755.patch" ) # bug 722152
230 +
231 +src_configure() {
232 + local mycmakeargs=(
233 + $(cmake_use_find_package activities KF5Activities)
234 + $(cmake_use_find_package activities KF5ActivitiesStats)
235 + $(cmake_use_find_package man Gperf)
236 + $(cmake_use_find_package mtp Mtp)
237 + $(cmake_use_find_package nfs TIRPC)
238 + $(cmake_use_find_package openexr OpenEXR)
239 + $(cmake_use_find_package phonon Phonon4Qt5)
240 + $(cmake_use_find_package samba Samba)
241 + $(cmake_use_find_package sftp libssh)
242 + $(cmake_use_find_package taglib Taglib)
243 + $(cmake_use_find_package X X11)
244 + )
245 + use samba && mycmakeargs+=(
246 + -DBUILD_KDSoapWSDiscoveryClient=OFF # disable bundled stuff
247 + )
248 +
249 + ecm_src_configure
250 +}
Report Message
Find on MARC Find on Google Groups