summaryrefslogtreecommitdiff
path: root/kde-frameworks/ktexteditor
diff options
context:
space:
mode:
Diffstat (limited to 'kde-frameworks/ktexteditor')
-rw-r--r--kde-frameworks/ktexteditor/Manifest7
-rw-r--r--kde-frameworks/ktexteditor/files/ktexteditor-5.46.0-CVE-2018-10361.patch187
-rw-r--r--kde-frameworks/ktexteditor/ktexteditor-5.50.0.ebuild4
-rw-r--r--kde-frameworks/ktexteditor/ktexteditor-5.51.0.ebuild (renamed from kde-frameworks/ktexteditor/ktexteditor-5.46.0-r1.ebuild)7
4 files changed, 7 insertions, 198 deletions
diff --git a/kde-frameworks/ktexteditor/Manifest b/kde-frameworks/ktexteditor/Manifest
index f0b98f2f35f3..39fd2eade014 100644
--- a/kde-frameworks/ktexteditor/Manifest
+++ b/kde-frameworks/ktexteditor/Manifest
@@ -1,6 +1,5 @@
-AUX ktexteditor-5.46.0-CVE-2018-10361.patch 6579 BLAKE2B 9e992f2fc416cf51b30476df46f290069d490c22c09f5f0a7d790789163f1269373c607260ed638c62984cf405944ebd7a36b564ef6d80603827a3f23c4c5662 SHA512 c67557557e8eea7c74426df333301c8e8db6af7d892e7a8aff7e545b450155253b47eabc3a1baeb669e7e34539615d8f8cdf99e4b199204a4decb9962b11b423
-DIST ktexteditor-5.46.0.tar.xz 2296888 BLAKE2B 45572ff487505c38f6dfa23b96bd84ba83292ae1077bf3615fc2d30aaf6aa0347605a7c2ae4df68cc92552c1ecd8060ce1ba44f11bc78cfe736149476d6af5ab SHA512 b0197a82e9489c4093594c68a6c21dc9e204ec78cd17e5a0117d84e501710d90ad06214ed217332279f3b67ae84119d09d6eb19e33b37b7bde2ebb8a07b6a543
DIST ktexteditor-5.50.0.tar.xz 2247840 BLAKE2B 000f2e9f021d3e6275baafe0e70c7d24ef950e1d6ad13ecfc0ed7dc60ce09840a11401b3b6b00f1cddd3155ad4cde82fe93689a259af32efba1d01e8299509c4 SHA512 ab58d937d7b3e6374f7800fa81d52522a8fe73e67a222402b557b41770f1067348bb6b0e8a4e76cf4c983cc3e2e9df0760bd10791531b6d59cbd438c39e93537
-EBUILD ktexteditor-5.46.0-r1.ebuild 1478 BLAKE2B 1db4a6c3fbdd3149f0494d2d97ff7b6638393e1559df27f4206c10f04ec8dbd41c07d8c540c0cff133c8e1ff9ac7084f3b7cdf95169b8f67d6ddd7825d11b18b SHA512 86a33f3ffb9fbd7f077bed69fd3e1e800a332ac6e239c7b6994d5cb2656b7100db45fa19fb9f9bd6db46a827190c426a853b92dcf4b4b93b383ae3b71651e037
-EBUILD ktexteditor-5.50.0.ebuild 1467 BLAKE2B 1703e79ee198f14c5cd6ece3caca83caf24fb336951c8cc00315a4fa18128405b70b5f056ba5fa3862da0b73291bad3296732cb26edb0085c22d7236195cd914 SHA512 6765fb3da287956365ebfe558c7f04dcf0ed3b94305ada6e1622fea10751f6fcee80556f8b9d8e5364c49412621fc7e12e5c85e10d282621672082e9fe32377f
+DIST ktexteditor-5.51.0.tar.xz 2249636 BLAKE2B 5f537e5a69a6bbe51b9470908e66c027966d0c9cf362362b6c8a05345b7bcea35026ed87378d0a3b44d32cf5504766df176e6299b486cba6ae7d2a16aa618035 SHA512 9da7f51240b9772e03d90438a3e21f29889ef0e69c7af86ffbd702f7a1569cffeda52e1f24f1b4a28739366a5229348a147da994e2ffe32b1a6d5dc17213f0f9
+EBUILD ktexteditor-5.50.0.ebuild 1462 BLAKE2B 2079339d4c9abdba2f9519c0d45e2a3e49fcd0abd8bdeeafefdd78c6fb917988906b759f19d13f8bc9d08f0bab9ebf0cdf17c07d9f7ad225b4cf8b2dbb5d164c SHA512 93d1828f0ae9dc86ccb2551baddd6bf359b13b2e04545df16a5f404b318519c8ca2a969532a05b6f98187ae92292785530b2ca023c1f7ccc3e76372330192e43
+EBUILD ktexteditor-5.51.0.ebuild 1395 BLAKE2B b4be6ac4af75375ed216a680e467b88cb002a803ee3fbe64f2e9d7c69fe8a17cebe9e88ba8fe5ccee276b2e29bbdb4d0a94c57fe9aa98a51ada0911d19302ce1 SHA512 e829402126d57b4794a42e0899735b82e35dc9a2615d2a6eda997ab28c8fd4a1c1bb005488e901bec314bbf5c669bb862ac900acc0fcb9217d6cbd76fc73e6aa
MISC metadata.xml 351 BLAKE2B 7e4b1aefcf41fd5e37bd68d4e2fdb057be4ba7f8efb18b3494fe551c1990eb5209e4692e9b9a5618c950875c03a05ba6a39e2ea8c7f63c9894dab23277b0a070 SHA512 e87786bace9486ef7f23fe747b3a880af51a6b0b2e7dd7c0e6c7e597bb9ac11e787c403e15cded386632d13682061f7dbcd47e2b411b12f998de964bbfe57301
diff --git a/kde-frameworks/ktexteditor/files/ktexteditor-5.46.0-CVE-2018-10361.patch b/kde-frameworks/ktexteditor/files/ktexteditor-5.46.0-CVE-2018-10361.patch
deleted file mode 100644
index d3b9b5d480ac..000000000000
--- a/kde-frameworks/ktexteditor/files/ktexteditor-5.46.0-CVE-2018-10361.patch
+++ /dev/null
@@ -1,187 +0,0 @@
-From c81af5aa1d4f6e0f8c44b2e85ca007ba2a1e4590 Mon Sep 17 00:00:00 2001
-From: Christoph Cullmann <cullmann@kde.org>
-Date: Thu, 7 Jun 2018 16:12:25 +0200
-Subject: CVE-2018-10361: privilege escalation
-
-improve handling of temporary file to avoid possible race-condition
-
-Differential Revision: https://phabricator.kde.org/D12513
----
- src/buffer/katesecuretextbuffer.cpp | 99 +++++++++++++++++--------------------
- src/buffer/katesecuretextbuffer_p.h | 4 --
- 2 files changed, 46 insertions(+), 57 deletions(-)
-
-diff --git a/src/buffer/katesecuretextbuffer.cpp b/src/buffer/katesecuretextbuffer.cpp
-index 0647bee..c014608 100644
---- a/src/buffer/katesecuretextbuffer.cpp
-+++ b/src/buffer/katesecuretextbuffer.cpp
-@@ -53,39 +53,37 @@ ActionReply SecureTextBuffer::savefile(const QVariantMap &args)
- bool SecureTextBuffer::saveFileInternal(const QString &sourceFile, const QString &targetFile,
- const QByteArray &checksum, const uint ownerId, const uint groupId)
- {
-- QFileInfo targetFileInfo(targetFile);
-- if (!QDir::setCurrent(targetFileInfo.dir().path())) {
-+ /**
-+ * open source file for reading
-+ * if not possible, signal error
-+ */
-+ QFile readFile(sourceFile);
-+ if (!readFile.open(QIODevice::ReadOnly)) {
- return false;
- }
-
-- // get information about target file
-- const QString targetFileName = targetFileInfo.fileName();
-- targetFileInfo.setFile(targetFileName);
-- const bool newFile = !targetFileInfo.exists();
--
-- // open source and target file
-- QFile readFile(sourceFile);
-- //TODO use QSaveFile for saving contents and automatic atomic move on commit() when QSaveFile's security problem
-- // (default temporary file permissions) is fixed
-- //
-- // We will first generate temporary filename and then use it relatively to prevent an attacker
-- // to trick us to write contents to a different file by changing underlying directory.
-- QTemporaryFile tempFile(targetFileName);
-+ /**
-+ * construct file info for target file
-+ * we need to know things like path/exists/permissions
-+ */
-+ const QFileInfo targetFileInfo(targetFile);
-+
-+ /**
-+ * create temporary file in current directory to be able to later do an atomic rename
-+ * we need to pass full path, else QTemporaryFile uses the temporary directory
-+ * if not possible, signal error, this catches e.g. a non-existing target directory, too
-+ */
-+ QTemporaryFile tempFile(targetFileInfo.absolutePath() + QStringLiteral("/secureXXXXXX"));
- if (!tempFile.open()) {
- return false;
- }
-- tempFile.close();
-- QString tempFileName = QFileInfo(tempFile).fileName();
-- tempFile.setFileName(tempFileName);
-- if (!readFile.open(QIODevice::ReadOnly) || !tempFile.open()) {
-- return false;
-- }
-- const int tempFileDescriptor = tempFile.handle();
-
-- // prepare checksum maker
-+ /**
-+ * copy contents + do checksumming
-+ * if not possible, signal error
-+ */
- QCryptographicHash cryptographicHash(checksumAlgorithm);
--
-- // copy contents
-+ const qint64 bufferLength = 4096;
- char buffer[bufferLength];
- qint64 read = -1;
- while ((read = readFile.read(buffer, bufferLength)) > 0) {
-@@ -95,30 +93,43 @@ bool SecureTextBuffer::saveFileInternal(const QString &sourceFile, const QString
- }
- }
-
-- // check that copying was successful and checksum matched
-- QByteArray localChecksum = cryptographicHash.result();
-- if (read == -1 || localChecksum != checksum || !tempFile.flush()) {
-+ /**
-+ * check that copying was successful and checksum matched
-+ * we need to flush the file, as QTemporaryFile keeps the handle open
-+ * and we later do things like renaming of the file!
-+ * if not possible, signal error
-+ */
-+ if ((read == -1) || (cryptographicHash.result() != checksum) || !tempFile.flush()) {
- return false;
- }
-
-- tempFile.close();
--
-- if (newFile) {
-+ /**
-+ * try to preserve the permissions
-+ */
-+ if (!targetFileInfo.exists()) {
- // ensure new file is readable by anyone
- tempFile.setPermissions(tempFile.permissions() | QFile::Permission::ReadGroup | QFile::Permission::ReadOther);
- } else {
- // ensure the same file permissions
- tempFile.setPermissions(targetFileInfo.permissions());
-+
- // ensure file has the same owner and group as before
-- setOwner(tempFileDescriptor, ownerId, groupId);
-+ setOwner(tempFile.handle(), ownerId, groupId);
- }
-
-- // rename temporary file to the target file
-- if (moveFile(tempFileName, targetFileName)) {
-+ /**
-+ * try to (atomic) rename temporary file to the target file
-+ */
-+ if (moveFile(tempFile.fileName(), targetFileInfo.filePath())) {
- // temporary file was renamed, there is nothing to remove anymore
- tempFile.setAutoRemove(false);
- return true;
- }
-+
-+ /**
-+ * we failed
-+ * QTemporaryFile will handle cleanup
-+ */
- return false;
- }
-
-@@ -141,28 +152,10 @@ bool SecureTextBuffer::moveFile(const QString &sourceFile, const QString &target
- {
- #if !defined(Q_OS_WIN) && !defined(Q_OS_ANDROID)
- const int result = std::rename(QFile::encodeName(sourceFile).constData(), QFile::encodeName(targetFile).constData());
-- if (result == 0) {
-- syncToDisk(QFile(targetFile).handle());
-- return true;
-- }
-- return false;
-+ return (result == 0);
- #else
- // use racy fallback for windows
- QFile::remove(targetFile);
- return QFile::rename(sourceFile, targetFile);
- #endif
- }
--
--void SecureTextBuffer::syncToDisk(const int fd)
--{
--#ifndef Q_OS_WIN
--#if HAVE_FDATASYNC
-- fdatasync(fd);
--#else
-- fsync(fd);
--#endif
--#else
-- // no-op for windows
--#endif
--}
--
-diff --git a/src/buffer/katesecuretextbuffer_p.h b/src/buffer/katesecuretextbuffer_p.h
-index a38285b..e00721c 100644
---- a/src/buffer/katesecuretextbuffer_p.h
-+++ b/src/buffer/katesecuretextbuffer_p.h
-@@ -56,8 +56,6 @@ public:
- static const QCryptographicHash::Algorithm checksumAlgorithm = QCryptographicHash::Algorithm::Sha512;
-
- private:
-- static const qint64 bufferLength = 4096;
--
- /**
- * Saves file contents using sets permissions.
- */
-@@ -66,8 +64,6 @@ private:
-
- static bool moveFile(const QString &sourceFile, const QString &targetFile);
-
-- static void syncToDisk(const int fd);
--
- public Q_SLOTS:
- /**
- * KAuth action to perform both prepare or move work based on given parameters.
---
-cgit v0.11.2
diff --git a/kde-frameworks/ktexteditor/ktexteditor-5.50.0.ebuild b/kde-frameworks/ktexteditor/ktexteditor-5.50.0.ebuild
index 7894f7bd968c..ad58dd3ca059 100644
--- a/kde-frameworks/ktexteditor/ktexteditor-5.50.0.ebuild
+++ b/kde-frameworks/ktexteditor/ktexteditor-5.50.0.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=6
@@ -8,7 +8,7 @@ inherit kde5
DESCRIPTION="Framework providing a full text editor component"
LICENSE="LGPL-2+"
-KEYWORDS="~amd64 ~arm ~arm64 ~x86"
+KEYWORDS="amd64 ~arm ~arm64 x86"
IUSE="editorconfig git"
RDEPEND="
diff --git a/kde-frameworks/ktexteditor/ktexteditor-5.46.0-r1.ebuild b/kde-frameworks/ktexteditor/ktexteditor-5.51.0.ebuild
index ab7450b249e3..574303e70287 100644
--- a/kde-frameworks/ktexteditor/ktexteditor-5.46.0-r1.ebuild
+++ b/kde-frameworks/ktexteditor/ktexteditor-5.51.0.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=6
@@ -8,7 +8,7 @@ inherit kde5
DESCRIPTION="Framework providing a full text editor component"
LICENSE="LGPL-2+"
-KEYWORDS="amd64 ~arm ~arm64 x86"
+KEYWORDS="~amd64 ~arm ~arm64 ~x86"
IUSE="editorconfig git"
RDEPEND="
@@ -40,14 +40,11 @@ RDEPEND="
git? ( dev-libs/libgit2:= )
"
DEPEND="${RDEPEND}
- $(add_qt_dep qtxmlpatterns)
test? ( $(add_frameworks_dep kservice) )
"
RESTRICT+=" test"
-PATCHES=( "${FILESDIR}/${P}-CVE-2018-10361.patch" )
-
src_configure() {
local mycmakeargs=(
$(cmake-utils_use_find_package editorconfig EditorConfig)
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-13 10:29:01 +0000