commit: 532434ebeb2f497074e85ce7babad5e12abf2f21 Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> AuthorDate: Sat Aug 1 15:50:09 2020 +0000 Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> CommitDate: Sat Aug 1 22:57:18 2020 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=532434eb
kde-apps/kmail-account-wizard: Fix CVE-2020-15954 Bug: https://bugs.gentoo.org/734126 Package-Manager: Portage-3.0.1, Repoman-2.3.23 Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org> ...ail-account-wizard-20.04.3-CVE-2020-15954.patch | 81 ++++++++++++++++++++++ .../kmail-account-wizard-20.04.3-r1.ebuild | 55 +++++++++++++++ 2 files changed, 136 insertions(+) diff --git a/kde-apps/kmail-account-wizard/files/kmail-account-wizard-20.04.3-CVE-2020-15954.patch b/kde-apps/kmail-account-wizard/files/kmail-account-wizard-20.04.3-CVE-2020-15954.patch new file mode 100644 index 00000000000..a1c63e3a3a1 --- /dev/null +++ b/kde-apps/kmail-account-wizard/files/kmail-account-wizard-20.04.3-CVE-2020-15954.patch @@ -0,0 +1,81 @@ +From a64d80e523edce7d3d59c26834973418fae042f6 Mon Sep 17 00:00:00 2001 +From: Laurent Montel <mon...@kde.org> +Date: Tue, 28 Jul 2020 13:52:19 +0200 +Subject: [PATCH] Show info about encryption/authentication settings + +CCBUG: 423426 +--- + src/transport.cpp | 18 +++++++++++++++--- + src/transport.h | 2 ++ + 2 files changed, 17 insertions(+), 3 deletions(-) + +diff --git a/src/transport.cpp b/src/transport.cpp +index 567df31..26344ef 100644 +--- a/src/transport.cpp ++++ b/src/transport.cpp +@@ -53,14 +53,16 @@ static const StringValueTable<MailTransport::Transport::EnumAuthenticationType> + static const int authenticationTypeEnumSize = sizeof(authenticationTypeEnum) / sizeof(*authenticationTypeEnum); + + template<typename T> +-static typename T::value_type stringToValue(const T *table, const int tableSize, const QString &string) ++static typename T::value_type stringToValue(const T *table, const int tableSize, const QString &string, bool &valid) + { + const QString ref = string.toLower(); + for (int i = 0; i < tableSize; ++i) { + if (ref == QLatin1String(table[i].name)) { ++ valid = true; + return table[i].value; + } + } ++ valid = false; + return table[0].value; // TODO: error handling + } + +@@ -98,6 +100,7 @@ void Transport::create() + mt->setAuthenticationType(m_auth); + m_transportId = mt->id(); + mt->save(); ++ Q_EMIT info(i18n("Mail transport uses '%1' encryption and '%2' authentication.", m_encrStr, m_authStr)); + MailTransport::TransportManager::self()->addTransport(mt); + MailTransport::TransportManager::self()->setDefaultTransport(mt->id()); + if (m_editMode) { +@@ -154,12 +157,21 @@ void Transport::setPassword(const QString &password) + + void Transport::setEncryption(const QString &encryption) + { +- m_encr = stringToValue(encryptionEnum, encryptionEnumSize, encryption); ++ bool valid; ++ m_encr = stringToValue(encryptionEnum, encryptionEnumSize, encryption, valid); ++ if (valid) { ++ m_encrStr = encryption; ++ } + } + + void Transport::setAuthenticationType(const QString &authType) + { +- m_auth = stringToValue(authenticationTypeEnum, authenticationTypeEnumSize, authType); ++ bool valid; ++ m_auth = stringToValue(authenticationTypeEnum, authenticationTypeEnumSize, authType, valid); ++ if (valid) { ++ m_authStr = authType; ++ } ++ + } + + int Transport::transportId() const +diff --git a/src/transport.h b/src/transport.h +index 3773b04..6415bf9 100644 +--- a/src/transport.h ++++ b/src/transport.h +@@ -53,6 +53,8 @@ private: + QString m_password; + MailTransport::Transport::EnumEncryption::type m_encr; + MailTransport::Transport::EnumAuthenticationType::type m_auth; ++ QString m_encrStr; ++ QString m_authStr; + + bool m_editMode; + }; +-- +GitLab + diff --git a/kde-apps/kmail-account-wizard/kmail-account-wizard-20.04.3-r1.ebuild b/kde-apps/kmail-account-wizard/kmail-account-wizard-20.04.3-r1.ebuild new file mode 100644 index 00000000000..09eacba2985 --- /dev/null +++ b/kde-apps/kmail-account-wizard/kmail-account-wizard-20.04.3-r1.ebuild @@ -0,0 +1,55 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +ECM_HANDBOOK="forceoptional" # FIXME: Check back for doc in release +ECM_TEST="forceoptional" +PVCUT=$(ver_cut 1-3) +KFMIN=5.70.0 +QTMIN=5.14.2 +VIRTUALX_REQUIRED="test" +inherit ecm kde.org + +DESCRIPTION="Assistant for KMail accounts configuration" +HOMEPAGE+=" https://userbase.kde.org/KMail/Account_Wizard" + +LICENSE="GPL-2+ handbook? ( FDL-1.2+ )" +SLOT="5" +KEYWORDS="~amd64 ~arm64 ~x86" +IUSE="" + +DEPEND=" + >=dev-qt/qtdbus-${QTMIN}:5 + >=dev-qt/qtgui-${QTMIN}:5 + >=dev-qt/qtwidgets-${QTMIN}:5 + >=dev-qt/qtxml-${QTMIN}:5 + >=kde-apps/akonadi-${PVCUT}:5 + >=kde-apps/kidentitymanagement-${PVCUT}:5 + >=kde-apps/kldap-${PVCUT}:5 + >=kde-apps/kmailtransport-${PVCUT}:5 + >=kde-apps/libkdepim-${PVCUT}:5 + >=kde-apps/libkleo-${PVCUT}:5 + >=kde-apps/pimcommon-${PVCUT}:5 + >=kde-frameworks/kcmutils-${KFMIN}:5 + >=kde-frameworks/kcodecs-${KFMIN}:5 + >=kde-frameworks/kconfig-${KFMIN}:5 + >=kde-frameworks/kcoreaddons-${KFMIN}:5 + >=kde-frameworks/kcrash-${KFMIN}:5 + >=kde-frameworks/kdbusaddons-${KFMIN}:5 + >=kde-frameworks/ki18n-${KFMIN}:5 + >=kde-frameworks/kio-${KFMIN}:5 + >=kde-frameworks/kitemviews-${KFMIN}:5 + >=kde-frameworks/knewstuff-${KFMIN}:5 + >=kde-frameworks/knotifications-${KFMIN}:5 + >=kde-frameworks/knotifyconfig-${KFMIN}:5 + >=kde-frameworks/kross-${KFMIN}:5 + >=kde-frameworks/kservice-${KFMIN}:5 + >=kde-frameworks/ktexteditor-${KFMIN}:5 + >=kde-frameworks/kwallet-${KFMIN}:5 + >=kde-frameworks/kwidgetsaddons-${KFMIN}:5 + >=kde-frameworks/kxmlgui-${KFMIN}:5 +" +RDEPEND="${DEPEND}" + +PATCHES=( "${FILESDIR}/${P}-CVE-2020-15954.patch" )