diff options
Diffstat (limited to 'kde-apps/kdepim-runtime/files/kdepim-runtime-21.08.3-CVE-2020-15954.patch')
-rw-r--r-- | kde-apps/kdepim-runtime/files/kdepim-runtime-21.08.3-CVE-2020-15954.patch | 110 |
1 files changed, 110 insertions, 0 deletions
diff --git a/kde-apps/kdepim-runtime/files/kdepim-runtime-21.08.3-CVE-2020-15954.patch b/kde-apps/kdepim-runtime/files/kdepim-runtime-21.08.3-CVE-2020-15954.patch new file mode 100644 index 000000000000..14ba90537025 --- /dev/null +++ b/kde-apps/kdepim-runtime/files/kdepim-runtime-21.08.3-CVE-2020-15954.patch @@ -0,0 +1,110 @@ +From 35447bd04e8c12afac524e1c4556ef3db088e014 Mon Sep 17 00:00:00 2001 +From: Laurent Montel <montel@kde.org> +Date: Fri, 12 Nov 2021 13:09:22 +0100 +Subject: [PATCH] Fix POP3 setup wizard defaults to unencrypted connections. + +Now I check encrypt support when I create resource. +So if resource support starttls it will set option for it. + +BUG: 423426 +FIXED-IN: 5.19.0 +--- + resources/pop3/wizard/pop3wizard.es | 73 ++++++++++++++++++++++++----- + 1 file changed, 61 insertions(+), 12 deletions(-) + +diff --git a/resources/pop3/wizard/pop3wizard.es b/resources/pop3/wizard/pop3wizard.es +index 5864db5d2..6bcf9a1dd 100644 +--- a/resources/pop3/wizard/pop3wizard.es ++++ b/resources/pop3/wizard/pop3wizard.es +@@ -1,5 +1,5 @@ + /* +- SPDX-FileCopyrightText: 2009 Montel Laurent <montel@kde.org> ++ SPDX-FileCopyrightText: 2009-2021 Montel Laurent <montel@kde.org> + + SPDX-License-Identifier: LGPL-2.0-or-later + */ +@@ -30,21 +30,70 @@ function validateInput() + } + } + ++var stage = 1; ++ + function setup() + { +- var pop3Res = SetupManager.createResource( "akonadi_pop3_resource" ); +- pop3Res.setOption( "Host", page.widget().incommingAddress.text.trim() ); +- pop3Res.setOption( "Login", page.widget().userName.text.trim() ); +- pop3Res.setOption( "Password", SetupManager.password() ); ++ if ( stage == 1 ) { ++ ServerTest.test( page.widget().incommingAddress.text.trim(), "pop" ); ++ } else { ++ ServerTest.test( page.widget().outgoingAddress.text.trim(), "smtp" ); ++ } ++} ++ ++function testResultFail() ++{ ++ testOk( -1 ); ++} + +- var smtp = SetupManager.createTransport( "smtp" ); +- smtp.setName( SetupManager.name() ); +- smtp.setHost( page.widget().outgoingAddress.text.trim() ); +- smtp.setEncryption( "SSL" ); ++function testOk( arg ) ++{ ++ if (stage == 1) { ++ SetupManager.openWallet(); ++ var pop3Res = SetupManager.createResource( "akonadi_pop3_resource" ); ++ var server = page.widget().incommingAddress.text.trim(); ++ pop3Res.setOption( "Host", server ); ++ pop3Res.setOption( "Login", page.widget().userName.text.trim() ); ++ pop3Res.setOption( "Password", SetupManager.password() ); ++ ++ if ( arg == "ssl" ) { ++ pop3Res.setOption( "Port", 995 ); ++ pop3Res.setOption( "UseTLS", true ); ++ } else if ( arg == "tls" ) { // tls is really STARTTLS ++ pop3Res.setOption( "Port", 110 ); ++ pop3Res.setOption( "UseTLS", true ); ++ } else if ( arg == "none" ) { ++ pop3Res.setOption( "Port", 110 ); ++ } else { ++ pop3Res.setOption( "Port", 110 ); ++ } ++ ++ stage = 2; ++ setup(); ++ } else { ++ var smtp = SetupManager.createTransport( "smtp" ); ++ smtp.setName( page.widget().outgoingAddress.text.trim() ); ++ smtp.setHost( page.widget().outgoingAddress.text.trim() ); ++ if ( arg == "ssl" ) { ++ smtp.setEncryption( "SSL" ); ++ } else if ( arg == "tls" ) { ++ smtp.setEncryption( "TLS" ); ++ } else { ++ smtp.setEncryption( "None" ); ++ } ++ smtp.setUsername( page.widget().userName.text ); ++ smtp.setPassword( SetupManager.password() ); ++ SetupManager.execute(); ++ } ++} + +- SetupManager.execute(); ++try { ++ ServerTest.testFail.connect( testResultFail ); ++ ServerTest.testResult.connect( testOk ); ++ page.widget().incommingAddress.textChanged.connect( validateInput ); ++ page.pageLeftNext.connect( setup ); ++} catch ( e ) { ++ print( e ); + } + +-page.widget().incommingAddress.textChanged.connect( serverChanged ); +-page.pageLeftNext.connect( setup ); + validateInput(); +-- +GitLab + |