authorAndreas Sturmlechner <asturm@gentoo.org>2020-09-28 20:40:24 +0200
committerAndreas Sturmlechner <asturm@gentoo.org>2020-09-28 23:28:22 +0200
commitf25fa2d93956341a938c84f2da5057b8fe2e259c (patch)
treee8ad7c91600c172f56b9dc531d2abcc1e36b6ecc
parentnet-irc/konversation: 1.7.6 version bump (diff)
kde-apps/ark: Fix CVE-2020-24654
Bug: https://bugs.gentoo.org/743959 Package-Manager: Portage-3.0.8, Repoman-3.0.1 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>
-rw-r--r--kde-apps/ark/ark-20.04.3-r2.ebuild84
-rw-r--r--kde-apps/ark/files/ark-20.04.3-CVE-2020-24654.patch53
2 files changed, 137 insertions, 0 deletions
diff --git a/kde-apps/ark/ark-20.04.3-r2.ebuild b/kde-apps/ark/ark-20.04.3-r2.ebuild
new file mode 100644
index 00000000000..d77562b55a7
--- /dev/null
+++ b/kde-apps/ark/ark-20.04.3-r2.ebuild
@@ -0,0 +1,84 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+ECM_HANDBOOK="forceoptional"
+ECM_TEST="optional"
+KFMIN=5.70.0
+QTMIN=5.14.2
+VIRTUALX_REQUIRED="test"
+inherit ecm kde.org optfeature
+
+DESCRIPTION="File archiver by KDE"
+HOMEPAGE="https://kde.org/applications/en/ark
+https://utils.kde.org/projects/ark/"
+
+LICENSE="GPL-2" # TODO: CHECK
+SLOT="5"
+KEYWORDS="~amd64 ~arm64 ~ppc64 ~x86"
+IUSE="zip"
+
+BDEPEND="
+ sys-devel/gettext
+"
+RDEPEND="
+ app-arch/libarchive:=[bzip2,lzma,zlib]
+ >=dev-qt/qtdbus-${QTMIN}:5
+ >=dev-qt/qtgui-${QTMIN}:5
+ >=dev-qt/qtwidgets-${QTMIN}:5
+ >=kde-frameworks/karchive-${KFMIN}:5
+ >=kde-frameworks/kcompletion-${KFMIN}:5
+ >=kde-frameworks/kconfig-${KFMIN}:5
+ >=kde-frameworks/kconfigwidgets-${KFMIN}:5
+ >=kde-frameworks/kcoreaddons-${KFMIN}:5
+ >=kde-frameworks/kcrash-${KFMIN}:5
+ >=kde-frameworks/kdbusaddons-${KFMIN}:5
+ >=kde-frameworks/ki18n-${KFMIN}:5
+ >=kde-frameworks/kio-${KFMIN}:5
+ >=kde-frameworks/kitemmodels-${KFMIN}:5
+ >=kde-frameworks/kjobwidgets-${KFMIN}:5
+ >=kde-frameworks/kparts-${KFMIN}:5
+ >=kde-frameworks/kpty-${KFMIN}:5
+ >=kde-frameworks/kservice-${KFMIN}:5
+ >=kde-frameworks/kwidgetsaddons-${KFMIN}:5
+ >=kde-frameworks/kxmlgui-${KFMIN}:5
+ sys-libs/zlib
+ zip? ( >=dev-libs/libzip-1.2.0:= )
+"
+DEPEND="${RDEPEND}
+ >=dev-qt/qtconcurrent-${QTMIN}:5
+"
+
+PATCHES=(
+ "${FILESDIR}/${P}-CVE-2020-16116.patch"
+ "${FILESDIR}/${P}-CVE-2020-24654.patch"
+)
+
+src_configure() {
+ local mycmakeargs=(
+ $(cmake_use_find_package zip LibZip)
+ )
+
+ ecm_src_configure
+}
+
+src_test() {
+ local myctestargs=(
+ -E "(plugins-clirartest)"
+ )
+
+ ecm_src_test
+}
+
+pkg_postinst() {
+ if [[ -z "${REPLACING_VERSIONS}" ]]; then
+ elog "Optional dependencies:"
+ optfeature "rar archive creation/extraction" app-arch/rar
+ optfeature "rar archive extraction only" app-arch/unar app-arch/unrar
+ optfeature "7-Zip archive support" app-arch/p7zip
+ optfeature "lrz archive support" app-arch/lrzip
+ optfeature "markdown support in text previews" kde-misc/markdownpart:${SLOT} kde-misc/kmarkdownwebview:${SLOT}
+ fi
+ ecm_pkg_postinst
+}
diff --git a/kde-apps/ark/files/ark-20.04.3-CVE-2020-24654.patch b/kde-apps/ark/files/ark-20.04.3-CVE-2020-24654.patch
new file mode 100644
index 00000000000..8b3821893ef
--- /dev/null
+++ b/kde-apps/ark/files/ark-20.04.3-CVE-2020-24654.patch
@@ -0,0 +1,53 @@
+From 8bf8c5ef07b0ac5e914d752681e470dea403a5bd Mon Sep 17 00:00:00 2001
+From: Fabian Vogt <fabian@ritter-vogt.de>
+Date: Tue, 25 Aug 2020 22:14:37 +0200
+Subject: [PATCH] Pass the ARCHIVE_EXTRACT_SECURE_SYMLINKS flag to libarchive
+
+There are archive types which allow to first create a symlink and then
+later on dereference it. If the symlink points outside of the archive,
+this results in writing outside of the destination directory.
+
+With the ARCHIVE_EXTRACT_SECURE_SYMLINKS option set, libarchive avoids
+this situation by verifying that none of the target path components are
+symlinks before writing.
+
+Remove the commented out code in the method, which would actually
+misbehave if enabled again.
+
+Signed-off-by: Fabian Vogt <fabian@ritter-vogt.de>
+---
+ plugins/libarchive/libarchiveplugin.cpp | 18 +++---------------
+ 1 file changed, 3 insertions(+), 15 deletions(-)
+
+diff --git a/plugins/libarchive/libarchiveplugin.cpp b/plugins/libarchive/libarchiveplugin.cpp
+index 50e81da1..8a0fed21 100644
+--- a/plugins/libarchive/libarchiveplugin.cpp
++++ b/plugins/libarchive/libarchiveplugin.cpp
+@@ -509,21 +509,9 @@ void LibarchivePlugin::emitEntryFromArchiveEntry(struct archive_entry *aentry)
+
+ int LibarchivePlugin::extractionFlags() const
+ {
+- int result = ARCHIVE_EXTRACT_TIME;
+- result |= ARCHIVE_EXTRACT_SECURE_NODOTDOT;
+-
+- // TODO: Don't use arksettings here
+- /*if ( ArkSettings::preservePerms() )
+- {
+- result &= ARCHIVE_EXTRACT_PERM;
+- }
+-
+- if ( !ArkSettings::extractOverwrite() )
+- {
+- result &= ARCHIVE_EXTRACT_NO_OVERWRITE;
+- }*/
+-
+- return result;
++ return ARCHIVE_EXTRACT_TIME
++ | ARCHIVE_EXTRACT_SECURE_NODOTDOT
++ | ARCHIVE_EXTRACT_SECURE_SYMLINKS;
+ }
+
+ void LibarchivePlugin::copyData(const QString& filename, struct archive *dest, bool partialprogress)
+--
+GitLab
+
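Review bot: The change to `LibarchivePlugin::extractionFlags()` ships without a regression test; the embedded patch's diffstat lists only `plugins/libarchive/libarchiveplugin.cpp`, so nothing would catch a later edit that drops `ARCHIVE_EXTRACT_SECURE_SYMLINKS` again. A fixture archive holding a symlink entry followed by an entry whose path resolves through it, with an assertion that nothing lands outside the destination directory, would pin the behaviour. I would also put a short comment above the `return`, for example `// SECURE_* flags: libarchive rejects ".." components and refuses to write through symlinks; keep both.` Neither flag covers absolute entry paths; whether the plugin handles those elsewhere is not visible in this hunk, and if it does not, adding `| ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS` is worth considering.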