From 0f558761aa2dee1017b4751e4017205e015a9560 Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@koprulu.sector>
Date: Wed, 29 Jun 2022 12:04:12 +0100
Subject: gentoo resync : 29.12.2022

---
 mail-client/sylpheed/Manifest                      |  4 +-
 .../sylpheed/files/sylpheed-CVE-2021-37746.patch   | 39 ++++++++++++
 mail-client/sylpheed/sylpheed-3.7.0-r4.ebuild      |  8 +--
 mail-client/sylpheed/sylpheed-3.7.0-r5.ebuild      | 69 ++++++++++++++++++++++
 4 files changed, 115 insertions(+), 5 deletions(-)
 create mode 100644 mail-client/sylpheed/files/sylpheed-CVE-2021-37746.patch
 create mode 100644 mail-client/sylpheed/sylpheed-3.7.0-r5.ebuild

(limited to 'mail-client/sylpheed')

diff --git a/mail-client/sylpheed/Manifest b/mail-client/sylpheed/Manifest
index afe308d44c38..9551189f11cf 100644
--- a/mail-client/sylpheed/Manifest
+++ b/mail-client/sylpheed/Manifest
@@ -1,4 +1,6 @@
+AUX sylpheed-CVE-2021-37746.patch 1284 BLAKE2B c0b17ed528a957c9a907c5cbf8ba3288ce989cd0f6da28571e92a210e36008a3c26bc52f0d6eeea6c6c922d1fb3c920a81aeeb2cae6b8f785edee780615d768c SHA512 dd3d00ee9bfaff6e1670ed312d90ddd016c28cee244eae35feb8acd922adf916fdf134663b497bd3541e2706a612f62a932bee11ff2629d4109d2994251e39a1
 AUX sylpheed-tls-1.3.patch 496 BLAKE2B faa07a14de7f8f0501a2de29fc98ebcda52138f6a912ceaf114fddd4b5029fb81a2a2c3a55724beb191fcaa613a828225bbacf6a7cdb46a66b69e763525b5483 SHA512 a4590da5381ff60d5d0549af674f9f1a30acb7617a5d76a5e11b34d74d699bc91e1d80380e5b346a66933b097ea915fffd7508571df504686777e13701585377
 DIST sylpheed-3.7.0.tar.bz2 3612328 BLAKE2B bd8182db8a46b956e12b3da4b15d3ee8184a612e2fb216aca20fd4a022610b17416f994d36b390a5a92835915e95f08bd59bf71154a86962c9564162be891f21 SHA512 490837528bf7ba9d26994cd5fff00b6e5390a127419b9d0efd9fc25c38be1291d55c5b8daebdf5ca9d9159a51c938449e76212328f3eae40cc039db88cb5caa4
-EBUILD sylpheed-3.7.0-r4.ebuild 1556 BLAKE2B 28dc992a764a1db708a50f1f606359f392ed70d36c13a37485b99a7d252ed6b8084e071d1538e99915bd6cac3b6d7e697385489c5778d9b3b5b1fd3aba26b0d2 SHA512 07515fc97eed27c8f92435226f105671f79971646709f55bd51a78f497ebde7b54ca80dd223791acadf9a51dd1ea2f5703e9eddec9a6873615025f4fb45eb2ff
+EBUILD sylpheed-3.7.0-r4.ebuild 1596 BLAKE2B ff3de1e11dd8955a138eaa49e5a0020baab4dfc60c60a299237140ae1ad725c64bacc1652e09ee7ac2da0866ab448068b49090eff69713630c47cfb8cc94b299 SHA512 34e37a865fe051ac42480d7333b47e3933f82b352ec95ee0cc7b802acca7e4cc57a412010890afec06a243dac9ab5a54a712aad82d25b447610daefad6df9f78
+EBUILD sylpheed-3.7.0-r5.ebuild 1644 BLAKE2B 888426fc35d914b00aa6b0e54897c10122b7264148730fec983546acf32d3e6bd4487190bb9dc8e7d46878b173635378dab67206175a3bbc68d937d1def76f3f SHA512 35ee59c3a4d1436383c679298bda373770c54b6ac3ae903481b111899bd6efc95d1c7ad830cfa5a3a25bbebe5d31c6733ca51cbf314af6c8c5d8a567463c1d5e
 MISC metadata.xml 353 BLAKE2B fcf86ed5908d01a1bbc2ee5c0a20a9b378a72039814d5cdcc1a139c14cab31d4137d020449c705002e61b0fa9294d4f8e1abd09a71ca7adae37f6e298c881448 SHA512 44dac43e49c796178bad4884b9a57cd225e6e6e9f78e72eb01e34a2f68fd277bce050aa527284f9a638d8b05c2cda9fdbdc2af72d2efdeca5ebbd0e0b168fc71
diff --git a/mail-client/sylpheed/files/sylpheed-CVE-2021-37746.patch b/mail-client/sylpheed/files/sylpheed-CVE-2021-37746.patch
new file mode 100644
index 000000000000..47a6f078e824
--- /dev/null
+++ b/mail-client/sylpheed/files/sylpheed-CVE-2021-37746.patch
@@ -0,0 +1,39 @@
+https://src.fedoraproject.org/rpms/sylpheed/blob/rawhide/f/sylpheed-3.7.0-uri-check.patch
+
+From 4d7dfe055673b49391af66f45643bc956799a4ca Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Dan=20Hor=C3=A1k?= <dan@danny.cz>
+Date: Mon, 2 Aug 2021 12:04:42 +0200
+Subject: [PATCH] harden link checker before accepting click
+
+http://git.claws-mail.org/?p=claws.git;a=commitdiff_plain;h=ac286a71ed78429e16c612161251b9ea90ccd431;hp=a4a629ce824011f5ae3f0b8cb1117f9608b7f5ad
+
+Resolves: CVE-2021-37746
+---
+ src/textview.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/textview.c b/src/textview.c
+index e55eea9e..6fbb8a1d 100644
+--- a/src/textview.c
++++ b/src/textview.c
+@@ -2689,7 +2689,7 @@ static gboolean textview_uri_security_check(TextView *textview, RemoteURI *uri)
+ 	gboolean retval = TRUE;
+ 
+ 	if (is_uri_string(uri->uri) == FALSE)
+-		return TRUE;
++		return FALSE;
+ 
+ 	buffer = gtk_text_view_get_buffer(GTK_TEXT_VIEW(textview->text));
+ 	gtk_text_buffer_get_iter_at_offset(buffer, &start_iter, uri->start);
+@@ -2725,6 +2725,8 @@ static gboolean textview_uri_security_check(TextView *textview, RemoteURI *uri)
+ 		if (aval == G_ALERTDEFAULT)
+ 			retval = TRUE;
+ 	}
++	if (strlen(uri->uri) > get_uri_len(uri->uri))
++		retval = FALSE;
+ 
+ 	g_free(visible_str);
+ 
+-- 
+2.31.1
+
diff --git a/mail-client/sylpheed/sylpheed-3.7.0-r4.ebuild b/mail-client/sylpheed/sylpheed-3.7.0-r4.ebuild
index 87d688309d8c..57420df5d568 100644
--- a/mail-client/sylpheed/sylpheed-3.7.0-r4.ebuild
+++ b/mail-client/sylpheed/sylpheed-3.7.0-r4.ebuild
@@ -1,7 +1,7 @@
 # Copyright 1999-2022 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
-EAPI="7"
+EAPI="8"
 
 inherit desktop xdg
 
@@ -24,9 +24,7 @@ CDEPEND="net-libs/liblockfile
 		app-text/gtkspell:2
 		dev-libs/dbus-glib
 	)
-	ssl? (
-		dev-libs/openssl:0=
-	)"
+	ssl? ( dev-libs/openssl:0= )"
 RDEPEND="${CDEPEND}
 	app-misc/mime-types
 	net-misc/curl"
@@ -63,4 +61,6 @@ src_install() {
 	emake DESTDIR="${D}" install-plugin
 	docinto plugin/attachment_tool
 	dodoc README
+
+	find "${ED}" -name '*.la' -delete || die
 }
diff --git a/mail-client/sylpheed/sylpheed-3.7.0-r5.ebuild b/mail-client/sylpheed/sylpheed-3.7.0-r5.ebuild
new file mode 100644
index 000000000000..e305207ab055
--- /dev/null
+++ b/mail-client/sylpheed/sylpheed-3.7.0-r5.ebuild
@@ -0,0 +1,69 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="8"
+
+inherit desktop xdg
+
+DESCRIPTION="A lightweight email client and newsreader"
+HOMEPAGE="http://sylpheed.sraoss.jp/"
+SRC_URI="http://${PN}.sraoss.jp/${PN}/v${PV%.*}/${P}.tar.bz2"
+
+LICENSE="GPL-2+ LGPL-2.1+"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86"
+IUSE="crypt ipv6 ldap nls oniguruma spell ssl xface"
+
+CDEPEND="net-libs/liblockfile
+	x11-libs/gtk+:2
+	crypt? ( app-crypt/gpgme:= )
+	ldap? ( net-nds/openldap:= )
+	nls? ( sys-devel/gettext )
+	oniguruma? ( dev-libs/oniguruma:= )
+	spell? (
+		app-text/gtkspell:2
+		dev-libs/dbus-glib
+	)
+	ssl? ( dev-libs/openssl:0= )"
+RDEPEND="${CDEPEND}
+	app-misc/mime-types
+	net-misc/curl"
+DEPEND="${CDEPEND}
+	xface? ( media-libs/compface )"
+BDEPEND="virtual/pkgconfig"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-tls-1.3.patch
+	"${FILESDIR}"/${PN}-CVE-2021-37746.patch
+)
+DOCS="AUTHORS ChangeLog* NEW* PLUGIN* README* TODO*"
+
+src_configure() {
+	local htmldir="${EPREFIX}"/usr/share/doc/${PF}/html
+	econf \
+		$(use_enable crypt gpgme) \
+		$(use_enable ipv6) \
+		$(use_enable ldap) \
+		$(use_enable oniguruma) \
+		$(use_enable spell gtkspell) \
+		$(use_enable ssl) \
+		$(use_enable xface compface) \
+		--with-plugindir="${EPREFIX}"/usr/$(get_libdir)/${PN}/plugins \
+		--with-manualdir="${htmldir}"/manual \
+		--with-faqdir="${htmldir}"/faq \
+		--disable-updatecheck
+}
+
+src_install() {
+	default
+
+	doicon *.png
+	domenu *.desktop
+
+	cd plugin/attachment_tool
+	emake DESTDIR="${D}" install-plugin
+	docinto plugin/attachment_tool
+	dodoc README
+
+	find "${ED}" -name '*.la' -delete || die
+}
-- 
cgit v1.2.3