[gentoo-commits] repo/gentoo:master commit in: kde-apps/kmailtransport/files/, kde-apps/kmailtransport/

Tue, 23 Nov 2021 12:13:40 -0800 

commit:     4754456d4c60b3dc562a7d32de2ff6bf66ab6679
Author:     Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
AuthorDate: Tue Nov 23 15:21:55 2021 +0000
Commit:     Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
CommitDate: Tue Nov 23 20:04:51 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4754456d

kde-apps/kmailtransport: Adapt to kde-apps/ksmtp CVE-2021-38373 fix

Upstream commit cc4907eba8e16c319fb837b5ec85393b118c4ab6

KDE-bug: https://bugs.kde.org/show_bug.cgi?id=423423
Bug: https://bugs.gentoo.org/807355
Package-Manager: Portage-3.0.28, Repoman-3.0.3
Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org>

 .../kmailtransport-21.08.3-CVE-2021-38373.patch    | 63 ++++++++++++++++++++++
 .../kmailtransport-21.08.3-r2.ebuild               | 49 +++++++++++++++++
 2 files changed, 112 insertions(+)

diff --git 
a/kde-apps/kmailtransport/files/kmailtransport-21.08.3-CVE-2021-38373.patch 
b/kde-apps/kmailtransport/files/kmailtransport-21.08.3-CVE-2021-38373.patch
new file mode 100644
index 000000000000..e83449e4e32a
--- /dev/null
+++ b/kde-apps/kmailtransport/files/kmailtransport-21.08.3-CVE-2021-38373.patch
@@ -0,0 +1,63 @@
+From cc4907eba8e16c319fb837b5ec85393b118c4ab6 Mon Sep 17 00:00:00 2001
+From: Volker Krause <[email protected]>
+Date: Thu, 16 Sep 2021 17:07:08 +0200
+Subject: [PATCH] Adapt to KSmtp moving encryption settings from LoginJob to
+ Session
+
+See https://invent.kde.org/pim/ksmtp/-/merge_requests/5.
+
+(cherry picked from commit b49ee72009620f152aaab1f592704e56e3be01f5)
+---
+ src/kmailtransport/plugins/smtp/smtpjob.cpp | 29 ++++++++++-----------
+ 1 file changed, 14 insertions(+), 15 deletions(-)
+
+diff --git a/src/kmailtransport/plugins/smtp/smtpjob.cpp 
b/src/kmailtransport/plugins/smtp/smtpjob.cpp
+index 7ad0124..5a08dfd 100644
+--- a/src/kmailtransport/plugins/smtp/smtpjob.cpp
++++ b/src/kmailtransport/plugins/smtp/smtpjob.cpp
+@@ -134,6 +134,20 @@ void SmtpJob::startSmtpJob()
+         d->session = new KSmtp::Session(transport()->host(), 
transport()->port());
+         d->session->setUseNetworkProxy(transport()->useProxy());
+         d->session->setUiProxy(d->uiProxy);
++        switch (transport()->encryption()) {
++        case Transport::EnumEncryption::None:
++            d->session->setEncryptionMode(KSmtp::Session::Unencrypted);
++            break;
++        case Transport::EnumEncryption::TLS:
++            d->session->setEncryptionMode(KSmtp::Session::STARTTLS);
++            break;
++        case Transport::EnumEncryption::SSL:
++            d->session->setEncryptionMode(KSmtp::Session::TLS);
++            break;
++        default:
++            qCWarning(MAILTRANSPORT_SMTP_LOG) << "Unknown encryption mode" << 
transport()->encryption();
++            break;
++        }
+         if (transport()->specifyHostname()) {
+             d->session->setCustomHostname(transport()->localHostname());
+         }
+@@ -298,21 +312,6 @@ void SmtpJobPrivate::doLogin()
+         break;
+     }
+ 
+-    switch (q->transport()->encryption()) {
+-    case Transport::EnumEncryption::None:
+-        login->setEncryptionMode(KSmtp::LoginJob::Unencrypted);
+-        break;
+-    case Transport::EnumEncryption::TLS:
+-        login->setEncryptionMode(KSmtp::LoginJob::STARTTLS);
+-        break;
+-    case Transport::EnumEncryption::SSL:
+-        login->setEncryptionMode(KSmtp::LoginJob::SSLorTLS);
+-        break;
+-    default:
+-        qCWarning(MAILTRANSPORT_SMTP_LOG) << "Unknown encryption mode" << 
q->transport()->encryption();
+-        break;
+-    }
+-
+     q->connect(login, &KJob::result, q, &SmtpJob::slotResult);
+     q->addSubjob(login);
+     login->start();
+-- 
+2.34.0
+

diff --git a/kde-apps/kmailtransport/kmailtransport-21.08.3-r2.ebuild 
b/kde-apps/kmailtransport/kmailtransport-21.08.3-r2.ebuild
new file mode 100644
index 000000000000..c9317630cf43
--- /dev/null
+++ b/kde-apps/kmailtransport/kmailtransport-21.08.3-r2.ebuild
@@ -0,0 +1,49 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+ECM_TEST="true"
+PVCUT=$(ver_cut 1-3)
+KFMIN=5.84.0
+QTMIN=5.15.2
+inherit ecm kde.org
+
+DESCRIPTION="Mail transport service"
+
+LICENSE="LGPL-2.1+"
+SLOT="5"
+KEYWORDS="~amd64 ~arm64 ~ppc64 ~x86"
+IUSE=""
+
+RESTRICT="test"
+
+RDEPEND="
+       dev-libs/qtkeychain:=
+       >=dev-qt/qtdbus-${QTMIN}:5
+       >=dev-qt/qtgui-${QTMIN}:5
+       >=dev-qt/qtnetwork-${QTMIN}:5
+       >=dev-qt/qtwidgets-${QTMIN}:5
+       >=kde-apps/akonadi-${PVCUT}:5
+       >=kde-apps/akonadi-mime-${PVCUT}:5
+       >=kde-apps/kmime-${PVCUT}:5
+       >=kde-apps/ksmtp-21.08.3-r1:5
+       >=kde-apps/libkgapi-${PVCUT}:5
+       >=kde-frameworks/kcmutils-${KFMIN}:5
+       >=kde-frameworks/kcompletion-${KFMIN}:5
+       >=kde-frameworks/kconfig-${KFMIN}:5
+       >=kde-frameworks/kconfigwidgets-${KFMIN}:5
+       >=kde-frameworks/kcoreaddons-${KFMIN}:5
+       >=kde-frameworks/ki18n-${KFMIN}:5
+       >=kde-frameworks/kio-${KFMIN}:5
+       >=kde-frameworks/kwallet-${KFMIN}:5
+       >=kde-frameworks/kwidgetsaddons-${KFMIN}:5
+"
+DEPEND="${RDEPEND}
+       test? ( >=kde-frameworks/ktextwidgets-${KFMIN}:5 )
+"
+
+PATCHES=(
+       "${FILESDIR}/${P}-fix-crash-when-response-empty.patch"
+       "${FILESDIR}/${P}-CVE-2021-38373.patch"
+)

Reply via email to