diff options
Diffstat (limited to 'kde-frameworks/kconfig')
-rw-r--r-- | kde-frameworks/kconfig/Manifest | 7 | ||||
-rw-r--r-- | kde-frameworks/kconfig/files/kconfig-5.60.0-CVE-2019-14744.patch | 147 | ||||
-rw-r--r-- | kde-frameworks/kconfig/kconfig-5.64.0.ebuild | 2 | ||||
-rw-r--r-- | kde-frameworks/kconfig/kconfig-5.65.0.ebuild (renamed from kde-frameworks/kconfig/kconfig-5.60.0-r1.ebuild) | 19 |
4 files changed, 13 insertions, 162 deletions
diff --git a/kde-frameworks/kconfig/Manifest b/kde-frameworks/kconfig/Manifest index 6a6a3a9d6c63..4c7100383a7a 100644 --- a/kde-frameworks/kconfig/Manifest +++ b/kde-frameworks/kconfig/Manifest @@ -1,6 +1,5 @@ -AUX kconfig-5.60.0-CVE-2019-14744.patch 5346 BLAKE2B e835fe15bacf697a50d991bb1451d2538f6a44cbf863084d979f1fe2a6c4f72284d5ddd75925240784d3868580afdc03046674c63e76ae57cde009c76bd81b60 SHA512 0265a6e02e1ac6a7bb30e75eb169c83a69237e2dd2f80a4be18b47ecd758aa27dbcecc45d2e18a52df049b32313dfd5b5432bfcfa39611279194d2c9b48dc35e -DIST kconfig-5.60.0.tar.xz 240404 BLAKE2B 92855462c8be4b95adcd87100bceb68975f2f5f5f943c7f5cc91b2c7bf14e43227f7c572663a7ad7fac3a993a2a3bcd77d11ad0a8abb24c2fe68f07ad61e1d17 SHA512 76aa15e9e1630c687ff7cc6b77060c74472f307442d07ae09d5f4aa61d7b6f29f3f1d270218c6d7fea8e86eb9dda43c96821d19d827a781c7f71da6135d98753 DIST kconfig-5.64.0.tar.xz 242300 BLAKE2B 0784340620eb46c5ed5b4c54ee05c09322eead72edb78f5abce7317340081aefeb553027036a7e662e9dade4bf8f697f4d42ff9325693eb95fe832c5a8f7cd82 SHA512 14e2f58a095eba2ae7e96523602b3426734e8147b60cbfb25068b8be8e8442d3f70489252f21bd3f8367d3c6af146d274205161b104b7dc6f2b0890f48b0816d -EBUILD kconfig-5.60.0-r1.ebuild 713 BLAKE2B c85b007da49c9b982ef2a000b81a04e11aee5aa5c963b7c41179d9dc7ef077038e34fd6383a50ca612631b40e5e3bc181f982f9dcd3f6f6ab5bd0b6737873866 SHA512 fd7329e41ffda88dfc3b0b3800a4dcd6540e2ec9d262fef35ecbfd617035c500ccfa8608ee66c5e4b7679ebdb2326fefb5c1c6e2ff989259b7cdf9221050c15d -EBUILD kconfig-5.64.0.ebuild 713 BLAKE2B 2a3fd5c1ab2ecd6fd5588df8e8fdf8c524a23f95e6b79421a60789fb81e660fa27871eff7fb9f47b88f0eb0a56865fd8b961561101c831452454f7de1b375e6b SHA512 b12372c7019081c026b1928f296a4c0a0ca49a8198c85d7be7ef4ea37970c4d156f4ff3d63448ed7d228a17a87d16b4974d0f83591d9b5a838beb6ede4ced7cc +DIST kconfig-5.65.0.tar.xz 246060 BLAKE2B 4d5a93def9d50e164d21a38d0884efc92cece563dc7362cc6c26055dae2bfe60b48fa97738b1a3700f33ecb2a8f86167b87dff3f857eb659089360555d036260 SHA512 4a15605ac1d573eb01acb06c83c1ad7dc64f1642f295ad162b460f32ef7c77eeab0d7fdf131057da04c669bbb4f35201f580c52b2f034c4bb0129bbf7775800b +EBUILD kconfig-5.64.0.ebuild 710 BLAKE2B fe4c732d49e4652207e10e775d82d79f4c3f0479bc2983487137c122aeb84e0cce4796518d4b3e6e9cc1d0525c31d1387a21a4df89fe61ac4dd283e07c7a3a36 SHA512 f57f35aff5c8eb40f9615e8b6afed03ff23678ace94fb606965854be8f98c12b1bac5aa8bd9e35b3b149b1a0f839b5d4913e2460a56ee7b6a0bf9b8a4a7f03d9 +EBUILD kconfig-5.65.0.ebuild 713 BLAKE2B 2a3fd5c1ab2ecd6fd5588df8e8fdf8c524a23f95e6b79421a60789fb81e660fa27871eff7fb9f47b88f0eb0a56865fd8b961561101c831452454f7de1b375e6b SHA512 b12372c7019081c026b1928f296a4c0a0ca49a8198c85d7be7ef4ea37970c4d156f4ff3d63448ed7d228a17a87d16b4974d0f83591d9b5a838beb6ede4ced7cc MISC metadata.xml 249 BLAKE2B ad415db89e5dee1627aa77f44ded9d4e1e5b8217d06c7ca25bbaa3fe92ce67c2b1090957c45a821b407d7927e5af798498aa6a5b903895ee1af8ee20a446c7f7 SHA512 76a5a340b13f0053ca3c5e94ed24380ea8d29b45ac8655419e22eaadb1e4a827c04d2e7e36b65145c4964e6526f656618fc6ac144e277ef53cb7373e6239e3c3 diff --git a/kde-frameworks/kconfig/files/kconfig-5.60.0-CVE-2019-14744.patch b/kde-frameworks/kconfig/files/kconfig-5.60.0-CVE-2019-14744.patch deleted file mode 100644 index e8a799ca5d2d..000000000000 --- a/kde-frameworks/kconfig/files/kconfig-5.60.0-CVE-2019-14744.patch +++ /dev/null @@ -1,147 +0,0 @@ -From 5d3e71b1d2ecd2cb2f910036e614ffdfc895aa22 Mon Sep 17 00:00:00 2001 -From: David Faure <faure@kde.org> -Date: Wed, 7 Aug 2019 09:35:36 +0200 -Subject: Security: remove support for $(...) in config keys with [$e] marker. - -Summary: -It is very unclear at this point what a valid use case for this feature -would possibly be. The old documentation only mentions $(hostname) as -an example, which can be done with $HOSTNAME instead. - -Note that $(...) is still supported in Exec lines of desktop files, -this does not require [$e] anyway (and actually works better without it, -otherwise the $ signs need to be doubled to obey kconfig $e escaping rules...). - -Test Plan: -ctest passes; various testcases with $(...) in desktop files, -directory files, and config files, no longer execute commands. - -Reviewers: mdawson, aacid, broulik, davidedmundson, kossebau, apol, sitter, security-team - -Reviewed By: mdawson, davidedmundson - -Subscribers: ZaWertun, rikmills, fvogt, ngraham, kde-frameworks-devel - -Tags: #frameworks - -Differential Revision: https://phabricator.kde.org/D22979 ---- - autotests/kconfigtest.cpp | 10 ++-------- - docs/options.md | 11 ++++------- - src/core/kconfig.cpp | 37 +------------------------------------ - 3 files changed, 7 insertions(+), 51 deletions(-) - -diff --git a/autotests/kconfigtest.cpp b/autotests/kconfigtest.cpp -index 410b5b8..9af3b46 100644 ---- a/autotests/kconfigtest.cpp -+++ b/autotests/kconfigtest.cpp -@@ -38,7 +38,7 @@ - #include <utime.h> - #endif - #ifndef Q_OS_WIN --#include <unistd.h> // gethostname -+#include <unistd.h> // getuid - #endif - - KCONFIGGROUP_DECLARE_ENUM_QOBJECT(KConfigTest, Testing) -@@ -546,14 +546,8 @@ void KConfigTest::testPath() - QCOMPARE(group.readPathEntry("withBraces", QString()), QString("file://" + HOMEPATH)); - QVERIFY(group.hasKey("URL")); - QCOMPARE(group.readEntry("URL", QString()), QString("file://" + HOMEPATH)); --#if !defined(Q_OS_WIN32) && !defined(Q_OS_MAC) -- // I don't know if this will work on windows -- // This test hangs on OS X - QVERIFY(group.hasKey("hostname")); -- char hostname[256]; -- QVERIFY(::gethostname(hostname, sizeof(hostname)) == 0); -- QCOMPARE(group.readEntry("hostname", QString()), QString::fromLatin1(hostname)); --#endif -+ QCOMPARE(group.readEntry("hostname", QString()), QStringLiteral("(hostname)")); // the $ got removed because empty var name - QVERIFY(group.hasKey("noeol")); - QCOMPARE(group.readEntry("noeol", QString()), QString("foo")); - -diff --git a/docs/options.md b/docs/options.md -index c634c00..4a6e9bc 100644 ---- a/docs/options.md -+++ b/docs/options.md -@@ -67,18 +67,15 @@ environment variables (and `XDG_CONFIG_HOME` in particular). - Shell Expansion - --------------- - --If an entry is marked with `$e`, environment variables and shell commands will --be expanded. -+If an entry is marked with `$e`, environment variables will be expanded. - - Name[$e]=$USER -- Host[$e]=$(hostname) - - When the "Name" entry is read `$USER` will be replaced with the value of the --`$USER` environment variable, and `$(hostname)` will be replaced with the output --of the `hostname` command. -+`$USER` environment variable. - --Note that the application will replace `$USER` and `$(hostname)` with their --respective expanded values after saving. To prevent this combine the `$e` option -+Note that the application will replace `$USER` with its -+expanded value after saving. To prevent this combine the `$e` option - with `$i` (immmutable) option. For example: - - Name[$ei]=$USER -diff --git a/src/core/kconfig.cpp b/src/core/kconfig.cpp -index e1b11ed..f6824ce 100644 ---- a/src/core/kconfig.cpp -+++ b/src/core/kconfig.cpp -@@ -28,19 +28,6 @@ - #include <cstdlib> - #include <fcntl.h> - --#ifdef _MSC_VER --static inline FILE *popen(const char *cmd, const char *mode) --{ -- return _popen(cmd, mode); --} --static inline int pclose(FILE *stream) --{ -- return _pclose(stream); --} --#else --#include <unistd.h> --#endif -- - #include "kconfigbackend_p.h" - #include "kconfiggroup.h" - -@@ -183,29 +170,7 @@ QString KConfigPrivate::expandString(const QString &value) - int nDollarPos = aValue.indexOf(QLatin1Char('$')); - while (nDollarPos != -1 && nDollarPos + 1 < aValue.length()) { - // there is at least one $ -- if (aValue[nDollarPos + 1] == QLatin1Char('(')) { -- int nEndPos = nDollarPos + 1; -- // the next character is not $ -- while ((nEndPos <= aValue.length()) && (aValue[nEndPos] != QLatin1Char(')'))) { -- nEndPos++; -- } -- nEndPos++; -- QString cmd = aValue.mid(nDollarPos + 2, nEndPos - nDollarPos - 3); -- -- QString result; -- --// FIXME: wince does not have pipes --#ifndef _WIN32_WCE -- FILE *fs = popen(QFile::encodeName(cmd).data(), "r"); -- if (fs) { -- QTextStream ts(fs, QIODevice::ReadOnly); -- result = ts.readAll().trimmed(); -- pclose(fs); -- } --#endif -- aValue.replace(nDollarPos, nEndPos - nDollarPos, result); -- nDollarPos += result.length(); -- } else if (aValue[nDollarPos + 1] != QLatin1Char('$')) { -+ if (aValue[nDollarPos + 1] != QLatin1Char('$')) { - int nEndPos = nDollarPos + 1; - // the next character is not $ - QStringRef aVarName; --- -cgit v1.1 - diff --git a/kde-frameworks/kconfig/kconfig-5.64.0.ebuild b/kde-frameworks/kconfig/kconfig-5.64.0.ebuild index 2d595084213f..49afb6da4795 100644 --- a/kde-frameworks/kconfig/kconfig-5.64.0.ebuild +++ b/kde-frameworks/kconfig/kconfig-5.64.0.ebuild @@ -9,7 +9,7 @@ inherit ecm kde.org DESCRIPTION="Framework for reading and writing configuration" LICENSE="LGPL-2+" -KEYWORDS="~amd64 ~arm ~arm64 ~x86" +KEYWORDS="amd64 ~arm arm64 x86" IUSE="dbus nls" BDEPEND=" diff --git a/kde-frameworks/kconfig/kconfig-5.60.0-r1.ebuild b/kde-frameworks/kconfig/kconfig-5.65.0.ebuild index 051742601b42..2d595084213f 100644 --- a/kde-frameworks/kconfig/kconfig-5.60.0-r1.ebuild +++ b/kde-frameworks/kconfig/kconfig-5.65.0.ebuild @@ -3,24 +3,25 @@ EAPI=7 +QTMIN=5.12.3 VIRTUALX_REQUIRED="test" -inherit kde5 +inherit ecm kde.org DESCRIPTION="Framework for reading and writing configuration" LICENSE="LGPL-2+" -KEYWORDS="amd64 ~arm arm64 x86" +KEYWORDS="~amd64 ~arm ~arm64 ~x86" IUSE="dbus nls" BDEPEND=" - nls? ( $(add_qt_dep linguist-tools) ) + nls? ( >=dev-qt/linguist-tools-${QTMIN}:5 ) " RDEPEND=" - $(add_qt_dep qtgui) - $(add_qt_dep qtxml) - dbus? ( $(add_qt_dep qtdbus) ) + >=dev-qt/qtgui-${QTMIN}:5 + >=dev-qt/qtxml-${QTMIN}:5 + dbus? ( >=dev-qt/qtdbus-${QTMIN}:5 ) " DEPEND="${RDEPEND} - test? ( $(add_qt_dep qtconcurrent) ) + test? ( >=dev-qt/qtconcurrent-${QTMIN}:5 ) " # bug 560086 @@ -28,11 +29,9 @@ RESTRICT+=" test" DOCS=( DESIGN docs/DESIGN.kconfig docs/options.md ) -PATCHES=( "${FILESDIR}/${P}-CVE-2019-14744.patch") - src_configure() { local mycmakeargs=( -DKCONFIG_USE_DBUS=$(usex dbus) ) - kde5_src_configure + ecm_src_configure } |