diff options
author | Andreas Sturmlechner <asturm@gentoo.org> | 2017-06-15 13:48:10 +0200 |
---|---|---|
committer | Andreas Sturmlechner <asturm@gentoo.org> | 2017-06-15 13:48:50 +0200 |
commit | 9d80a4784aa48c29ad39ed1c39ab0ed45b8867ea (patch) | |
tree | 25a22f73908aef5d00988b3ec3c57bd55dc25518 /kde-apps | |
parent | kde-apps/kdepim-common-libs: Fix CVE-2017-9604 (diff) | |
download | gentoo-9d80a4784aa48c29ad39ed1c39ab0ed45b8867ea.tar.gz gentoo-9d80a4784aa48c29ad39ed1c39ab0ed45b8867ea.tar.bz2 gentoo-9d80a4784aa48c29ad39ed1c39ab0ed45b8867ea.zip |
kde-apps/kmail: Fix CVE-2017-9604
Gentoo-bug: 621828
Package-Manager: Portage-2.3.5, Repoman-2.3.1
Diffstat (limited to 'kde-apps')
-rw-r--r-- | kde-apps/kmail/files/kmail-4.14.11_pre20160611-CVE-2017-9604.patch | 89 | ||||
-rw-r--r-- | kde-apps/kmail/kmail-4.14.11_pre20160611-r1.ebuild | 107 |
2 files changed, 196 insertions, 0 deletions
diff --git a/kde-apps/kmail/files/kmail-4.14.11_pre20160611-CVE-2017-9604.patch b/kde-apps/kmail/files/kmail-4.14.11_pre20160611-CVE-2017-9604.patch new file mode 100644 index 000000000000..e36e074e0b27 --- /dev/null +++ b/kde-apps/kmail/files/kmail-4.14.11_pre20160611-CVE-2017-9604.patch @@ -0,0 +1,89 @@ +From c54706e990bbd6498e7b1597ec7900bc809e8197 Mon Sep 17 00:00:00 2001 +From: Montel Laurent <montel@kde.org> +Date: Fri, 2 Jun 2017 13:56:41 +0200 +Subject: Make sure to sign/encrypt message when we send later + +(cherry picked from commit 4048f5e46d0a7d62d93d74fd2861dd70fb2ad660) +--- + messagecomposer/composer/composerviewbase.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: kdepim-4.14.10/messagecomposer/composer/composerviewbase.cpp +=================================================================== +--- kdepim-4.14.10.orig/messagecomposer/composer/composerviewbase.cpp ++++ kdepim-4.14.10/messagecomposer/composer/composerviewbase.cpp +@@ -435,7 +435,7 @@ void MessageComposer::ComposerViewBase:: + // if so, we create a composer per format + // if we aren't signing or encrypting, this just returns a single empty message + bool wasCanceled = false; +- if( m_neverEncrypt && mSaveIn != MessageComposer::MessageSender::SaveInNone ) { ++ if( m_neverEncrypt && mSaveIn != MessageComposer::MessageSender::SaveInNone && !mSendLaterInfo) { + MessageComposer::Composer* composer = new MessageComposer::Composer; + composer->setNoCrypto( true ); + m_composers.append( composer ); +From 78c5552be2f00a4ac25bd77ca39386522fca70a8 Mon Sep 17 00:00:00 2001 +From: Montel Laurent <montel@kde.org> +Date: Fri, 2 Jun 2017 13:59:02 +0200 +Subject: Make sure that we use plugin when we use sendlater feature + +--- + src/editor/kmcomposewin.cpp | 9 +++++---- + src/editor/kmcomposewin.h | 3 ++- + 2 files changed, 7 insertions(+), 5 deletions(-) + +Index: kdepim-4.14.10/kmail/editor/kmcomposewin.cpp +=================================================================== +--- kdepim-4.14.10.orig/kmail/editor/kmcomposewin.cpp ++++ kdepim-4.14.10/kmail/editor/kmcomposewin.cpp +@@ -2533,7 +2533,7 @@ void KMComposeWin::printComposeResult( K + + + void KMComposeWin::doSend( MessageComposer::MessageSender::SendMethod method, +- MessageComposer::MessageSender::SaveIn saveIn ) ++ MessageComposer::MessageSender::SaveIn saveIn, bool willSendItWithoutReediting ) + { + if ( mStorageService->numProgressUpdateFile() > 0) { + KMessageBox::sorry( this, i18np( "There is %1 file upload in progress.", +@@ -2549,7 +2549,7 @@ void KMComposeWin::doSend( MessageCompos + } + + +- if ( saveIn == MessageComposer::MessageSender::SaveInNone ) { // don't save as draft or template, send immediately ++ if ( saveIn == MessageComposer::MessageSender::SaveInNone || willSendItWithoutReediting ) { // don't save as draft or template, send immediately + if ( KPIMUtils::firstEmailAddress( from() ).isEmpty() ) { + if ( !( mShowHeaders & HDR_FROM ) ) { + mShowHeaders |= HDR_FROM; +@@ -2716,6 +2716,7 @@ void KMComposeWin::slotSendLater() + return; + if ( !checkRecipientNumber() ) + return; ++ mComposerBase->setSendLaterInfo(NULL); + if ( mComposerBase->editor()->checkExternalEditorFinished() ) { + const bool wasRegistered = (SendLater::SendLaterUtil::sentLaterAgentWasRegistered() && SendLater::SendLaterUtil::sentLaterAgentEnabled()); + if (wasRegistered) { +@@ -2739,9 +2740,9 @@ void KMComposeWin::slotSendLater() + { + mComposerBase->setSendLaterInfo(info); + if (info->isRecurrence()) { +- doSend( MessageComposer::MessageSender::SendLater, MessageComposer::MessageSender::SaveInTemplates ); ++ doSend( MessageComposer::MessageSender::SendLater, MessageComposer::MessageSender::SaveInTemplates, true ); + } else { +- doSend( MessageComposer::MessageSender::SendLater, MessageComposer::MessageSender::SaveInDrafts ); ++ doSend( MessageComposer::MessageSender::SendLater, MessageComposer::MessageSender::SaveInDrafts, true ); + } + break; + } +Index: kdepim-4.14.10/kmail/editor/kmcomposewin.h +=================================================================== +--- kdepim-4.14.10.orig/kmail/editor/kmcomposewin.h ++++ kdepim-4.14.10/kmail/editor/kmcomposewin.h +@@ -549,7 +549,8 @@ private: + * Send the message. + */ + void doSend( MessageComposer::MessageSender::SendMethod method=MessageComposer::MessageSender::SendDefault, +- MessageComposer::MessageSender::SaveIn saveIn = MessageComposer::MessageSender::SaveInNone ); ++ MessageComposer::MessageSender::SaveIn saveIn = MessageComposer::MessageSender::SaveInNone, ++ bool willSendItWithoutReediting = false); + + void doDelayedSend( MessageComposer::MessageSender::SendMethod method, MessageComposer::MessageSender::SaveIn saveIn ); + diff --git a/kde-apps/kmail/kmail-4.14.11_pre20160611-r1.ebuild b/kde-apps/kmail/kmail-4.14.11_pre20160611-r1.ebuild new file mode 100644 index 000000000000..0a6b95d051cf --- /dev/null +++ b/kde-apps/kmail/kmail-4.14.11_pre20160611-r1.ebuild @@ -0,0 +1,107 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +KDE_HANDBOOK="optional" +KMNAME="kdepim" +VIRTUALX_REQUIRED="test" +WEBKIT_REQUIRED="always" +inherit flag-o-matic kde4-meta + +DESCRIPTION="Email client, supporting POP3 and IMAP mailboxes." +HOMEPAGE="https://www.kde.org/applications/internet/kmail/" + +KEYWORDS="~amd64 ~x86" +IUSE="debug" + +DEPEND=" + $(add_kdeapps_dep kdepim-common-libs '' 4.14.11_pre20160611) + $(add_kdeapps_dep kdepimlibs '' 4.14.11_pre20160611) + $(add_kdeapps_dep korganizer) +" +RDEPEND="${DEPEND}" + +RESTRICT="test" +# bug 393147 + +KMEXTRACTONLY=" + agents/folderarchiveagent.desktop + agents/sendlateragent/ + akonadi_next/ + calendarviews/ + grantleeeditor/grantleethemeeditor/ + kdgantt2/ + korganizer/ + kresources/ + libkdepimdbusinterfaces/ + libkleo/ + libkpgp/ +" +KMCOMPILEONLY=" + calendarsupport/ + grantleetheme/ + incidenceeditor-ng/ + kaddressbookgrantlee/ + mailcommon/ + mailimporter/ + messagecomposer/ + messagecore/ + messagelist/ + messageviewer/ + mailcommon/ + mailimporter/ + noteshared/ + pimcommon/ + templateparser/ +" +KMEXTRA=" + agents/archivemailagent/ + agents/followupreminderagent/ + agents/mailfilteragent/ + grantleeeditor/headerthemeeditor/ + importwizard/ + kmailcvt/ + ksendemail/ + libksieve/ + mboximporter/ + pimsettingexporter/ + plugins/messageviewer/ +" + +KMLOADLIBS="kdepim-common-libs" + +PATCHES=( "${FILESDIR}/${P}-CVE-2017-9604.patch" ) + +src_compile() { + kde4-meta_src_compile kmail_xml + kde4-meta_src_compile +} + +pkg_postinst() { + kde4-meta_pkg_postinst + + if ! has_version kde-apps/kdepim-kresources:${SLOT}; then + echo + elog "For groupware functionality, please install kde-apps/kdepim-kresources:${SLOT}" + echo + fi + if ! has_version kde-apps/kleopatra:${SLOT}; then + echo + elog "For certificate management and the gnupg log viewer, please install kde-apps/kleopatra:${SLOT}" + echo + fi + + if has_version "kde-apps/akonadi[sqlite]"; then + ewarn + ewarn "We strongly recommend you set your Akonadi database backend to QMYSQL in your" + ewarn "user configuration. This is the backend recommended by KDE upstream." + ewarn "Reports indicate that kde-apps/kmail-4.10 does not work properly with the sqlite" + ewarn "backend anymore." + if has_version "kde-apps/akonadi[-mysql]"; then + ewarn "FOR THAT, YOU WILL HAVE TO RE-BUILD kde-apps/akonadi WITH mysql USEFLAG ENABLED." + fi + ewarn "You can select the backend in your ~/.config/akonadi/akonadiserverrc." + ewarn + fi +} |