diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2022-02-01 04:37:04 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2022-02-01 08:59:52 +0100 |
commit | bd42aca52dc7532946a93fb3354a8454c4adfe94 (patch) | |
tree | 2314fe66b3c943fab158a4a4d9d55f1d012cee39 /source/kde | |
parent | 84f05e024aee5a7b537c367e56755b48d34f629b (diff) | |
download | current-bd42aca52dc7532946a93fb3354a8454c4adfe94.tar.gz current-bd42aca52dc7532946a93fb3354a8454c4adfe94.tar.xz |
Tue Feb 1 04:37:04 UTC 202220220201043704
The sepulchral voice intones, "The cave is now closed."
kde/falkon-3.2.0-x86_64-1.txz: Upgraded.
kde/ktexteditor-5.90.0-x86_64-2.txz: Rebuilt.
[PATCH] only start programs in user's path.
[PATCH] only execute diff in path.
Thanks to gmgf.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23853
(* Security fix *)
l/libcanberra-0.30-x86_64-9.txz: Rebuilt.
Fix a bug crashing some applications in Wayland desktops.
Thanks to 01micko.
n/samba-4.15.5-x86_64-1.txz: Upgraded.
This is a security release in order to address the following defects:
UNIX extensions in SMB1 disclose whether the outside target of a symlink
exists.
Out-of-Bound Read/Write on Samba vfs_fruit module. This vulnerability
allows remote attackers to execute arbitrary code as root on affected Samba
installations that use the VFS module vfs_fruit.
Re-adding an SPN skips subsequent SPN conflict checks. An attacker who has
the ability to write to an account can exploit this to perform a
denial-of-service attack by adding an SPN that matches an existing service.
Additionally, an attacker who can intercept traffic can impersonate existing
services, resulting in a loss of confidentiality and integrity.
For more information, see:
https://www.samba.org/samba/security/CVE-2021-44141.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44141
https://www.samba.org/samba/security/CVE-2021-44142.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142
https://www.samba.org/samba/security/CVE-2022-0336.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0336
(* Security fix *)
x/xterm-370-x86_64-7.txz: Rebuilt.
Rebuilt with --disable-sixel-graphics to fix a buffer overflow.
Thanks to gmgf.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24130
(* Security fix *)
testing/source/linux-5.16.4-configs/*: Added.
Sample config files to build 5.16.4 Linux kernels.
Diffstat (limited to 'source/kde')
-rw-r--r-- | source/kde/kde/build/falkon | 2 | ||||
-rw-r--r-- | source/kde/kde/build/ktexteditor | 2 | ||||
-rw-r--r-- | source/kde/kde/patch/falkon.patch | 2 | ||||
-rw-r--r-- | source/kde/kde/patch/falkon/falkon.qt-5.15.diff | 20 | ||||
-rw-r--r-- | source/kde/kde/patch/ktexteditor.patch | 2 | ||||
-rw-r--r-- | source/kde/kde/patch/ktexteditor/804e4944.patch | 104 | ||||
-rw-r--r-- | source/kde/kde/patch/ktexteditor/c80f935c.patch | 55 |
7 files changed, 163 insertions, 24 deletions
diff --git a/source/kde/kde/build/falkon b/source/kde/kde/build/falkon index b8626c4cf..d00491fd7 100644 --- a/source/kde/kde/build/falkon +++ b/source/kde/kde/build/falkon @@ -1 +1 @@ -4 +1 diff --git a/source/kde/kde/build/ktexteditor b/source/kde/kde/build/ktexteditor index d00491fd7..0cfbf0888 100644 --- a/source/kde/kde/build/ktexteditor +++ b/source/kde/kde/build/ktexteditor @@ -1 +1 @@ -1 +2 diff --git a/source/kde/kde/patch/falkon.patch b/source/kde/kde/patch/falkon.patch deleted file mode 100644 index 27a466836..000000000 --- a/source/kde/kde/patch/falkon.patch +++ /dev/null @@ -1,2 +0,0 @@ -# Fix build against Qt 5.15: -cat $CWD/patch/falkon/falkon.qt-5.15.diff | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; } diff --git a/source/kde/kde/patch/falkon/falkon.qt-5.15.diff b/source/kde/kde/patch/falkon/falkon.qt-5.15.diff deleted file mode 100644 index 60f1699e8..000000000 --- a/source/kde/kde/patch/falkon/falkon.qt-5.15.diff +++ /dev/null @@ -1,20 +0,0 @@ ---- ./src/lib/tools/qztools.cpp.orig 2019-03-19 13:06:45.000000000 -0500 -+++ ./src/lib/tools/qztools.cpp 2020-07-18 15:00:08.881313780 -0500 -@@ -25,6 +25,7 @@ - #include <QByteArray> - #include <QPixmap> - #include <QPainter> -+#include <QPainterPath> - #include <QBuffer> - #include <QFile> - #include <QDir> ---- ./src/plugins/VerticalTabs/verticaltabsplugin.cpp.orig 2019-03-19 13:06:45.000000000 -0500 -+++ ./src/plugins/VerticalTabs/verticaltabsplugin.cpp 2020-07-18 15:03:16.468303404 -0500 -@@ -31,6 +31,7 @@ - #include "desktopfile.h" - - #include <QSettings> -+#include <QFile> - - VerticalTabsPlugin::VerticalTabsPlugin() - : QObject() diff --git a/source/kde/kde/patch/ktexteditor.patch b/source/kde/kde/patch/ktexteditor.patch new file mode 100644 index 000000000..c658b7739 --- /dev/null +++ b/source/kde/kde/patch/ktexteditor.patch @@ -0,0 +1,2 @@ +cat $CWD/patch/ktexteditor/804e4944.patch | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +cat $CWD/patch/ktexteditor/c80f935c.patch | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; } diff --git a/source/kde/kde/patch/ktexteditor/804e4944.patch b/source/kde/kde/patch/ktexteditor/804e4944.patch new file mode 100644 index 000000000..854cf0da4 --- /dev/null +++ b/source/kde/kde/patch/ktexteditor/804e4944.patch @@ -0,0 +1,104 @@ +From 804e49444c093fe58ec0df2ab436565e50dc147e Mon Sep 17 00:00:00 2001 +From: Christoph Cullmann <cullmann@kde.org> +Date: Thu, 20 Jan 2022 09:46:34 +0100 +Subject: [PATCH] only start programs in user's path + +don't use QProcess with just program name +first search the right program in the user's path +--- + src/document/katedocument.cpp | 29 ++++++++++++++++------------ + src/swapfile/kateswapdiffcreator.cpp | 17 ++++++++++++---- + 2 files changed, 30 insertions(+), 16 deletions(-) + +diff --git a/src/document/katedocument.cpp b/src/document/katedocument.cpp +index 01f74da1..05d0e91b 100644 +--- a/src/document/katedocument.cpp ++++ b/src/document/katedocument.cpp +@@ -72,6 +72,7 @@ + #include <QMimeDatabase> + #include <QProcess> + #include <QRegularExpression> ++#include <QStandardPaths> + #include <QTemporaryFile> + #include <QTextCodec> + #include <QTextStream> +@@ -5054,18 +5055,22 @@ void KTextEditor::DocumentPrivate::slotDelayedHandleModOnHd() + // skip that, if document is modified! + // only do that, if the file is still there, else reload makes no sense! + if (m_modOnHd && !isModified() && QFile::exists(url().toLocalFile())) { +- QProcess git; +- const QStringList args{QStringLiteral("cat-file"), QStringLiteral("-e"), QString::fromUtf8(oldDigest)}; +- git.start(QStringLiteral("git"), args); +- if (git.waitForStarted()) { +- git.closeWriteChannel(); +- if (git.waitForFinished()) { +- if (git.exitCode() == 0) { +- // this hash exists still in git => just reload +- m_modOnHd = false; +- m_modOnHdReason = OnDiskUnmodified; +- m_prevModOnHdReason = OnDiskUnmodified; +- documentReload(); ++ // we only want to use git from PATH, cache this ++ static const QString fullGitPath = QStandardPaths::findExecutable(QStringLiteral("git")); ++ if (!fullGitPath.isEmpty()) { ++ QProcess git; ++ const QStringList args{QStringLiteral("cat-file"), QStringLiteral("-e"), QString::fromUtf8(oldDigest)}; ++ git.start(fullGitPath, args); ++ if (git.waitForStarted()) { ++ git.closeWriteChannel(); ++ if (git.waitForFinished()) { ++ if (git.exitCode() == 0) { ++ // this hash exists still in git => just reload ++ m_modOnHd = false; ++ m_modOnHdReason = OnDiskUnmodified; ++ m_prevModOnHdReason = OnDiskUnmodified; ++ documentReload(); ++ } + } + } + } +diff --git a/src/swapfile/kateswapdiffcreator.cpp b/src/swapfile/kateswapdiffcreator.cpp +index 5c515c45..a185123a 100644 +--- a/src/swapfile/kateswapdiffcreator.cpp ++++ b/src/swapfile/kateswapdiffcreator.cpp +@@ -14,6 +14,7 @@ + #include <KMessageBox> + + #include <QDir> ++#include <QStandardPaths> + #include <QTextCodec> + + // BEGIN SwapDiffCreator +@@ -85,17 +86,25 @@ void SwapDiffCreator::viewDiff() + connect(&m_proc, &QProcess::readyRead, this, &SwapDiffCreator::slotDataAvailable, Qt::UniqueConnection); + connect(&m_proc, &QProcess::finished, this, &SwapDiffCreator::slotDiffFinished, Qt::UniqueConnection); + +- // try to start diff process, if we can't be started be done with error +- m_proc.start(QStringLiteral("diff"), QStringList() << QStringLiteral("-u") << m_originalFile.fileName() << m_recoveredFile.fileName()); +- if (!m_proc.waitForStarted()) { ++ // use diff from PATH only => inform if not found at all ++ const QString fullDiffPath = QStandardPaths::findExecutable(QStringLiteral("diff")); ++ if (fullDiffPath.isEmpty()) { + KMessageBox::sorry(nullptr, +- i18n("The diff command could not be started. Please make sure that " ++ i18n("The diff command could not be found. Please make sure that " + "diff(1) is installed and in your PATH."), + i18n("Error Creating Diff")); + deleteLater(); + return; + } + ++ // try to start the diff program, might fail, too ++ m_proc.start(fullDiffPath, QStringList() << QStringLiteral("-u") << m_originalFile.fileName() << m_recoveredFile.fileName()); ++ if (!m_proc.waitForStarted()) { ++ KMessageBox::sorry(nullptr, i18n("The diff command '%1' could not be started.").arg(fullDiffPath), i18n("Error Creating Diff")); ++ deleteLater(); ++ return; ++ } ++ + // process is up and running, we can write data to it + QTextStream ts(&m_proc); + int lineCount = recoverDoc.lines(); +-- +GitLab + diff --git a/source/kde/kde/patch/ktexteditor/c80f935c.patch b/source/kde/kde/patch/ktexteditor/c80f935c.patch new file mode 100644 index 000000000..8cccfe3a9 --- /dev/null +++ b/source/kde/kde/patch/ktexteditor/c80f935c.patch @@ -0,0 +1,55 @@ +From c80f935c345de2e2fb10635202800839ca9697bf Mon Sep 17 00:00:00 2001 +From: Christoph Cullmann <cullmann@kde.org> +Date: Thu, 20 Jan 2022 10:30:20 +0100 +Subject: [PATCH] only execute diff in path + +--- + src/dialogs/katedialogs.cpp | 5 +++-- + src/dialogs/katedialogs.h | 1 + + 2 files changed, 4 insertions(+), 2 deletions(-) + +diff --git a/src/dialogs/katedialogs.cpp b/src/dialogs/katedialogs.cpp +index 5b949f36..63a58aee 100644 +--- a/src/dialogs/katedialogs.cpp ++++ b/src/dialogs/katedialogs.cpp +@@ -1317,6 +1317,7 @@ KateModOnHdPrompt::KateModOnHdPrompt(KTextEditor::DocumentPrivate *doc, KTextEdi + : QObject(doc) + , m_doc(doc) + , m_modtype(modtype) ++ , m_fullDiffPath(QStandardPaths::findExecutable(QStringLiteral("diff"))) + , m_proc(nullptr) + , m_diffFile(nullptr) + , m_diffAction(nullptr) +@@ -1334,7 +1335,7 @@ KateModOnHdPrompt::KateModOnHdPrompt(KTextEditor::DocumentPrivate *doc, KTextEdi + m_message->addAction(aAutoReload, false); + connect(aAutoReload, &QAction::triggered, this, &KateModOnHdPrompt::autoReloadTriggered); + +- if (!QStandardPaths::findExecutable(QStringLiteral("diff")).isEmpty()) { ++ if (!m_fullDiffPath.isEmpty()) { + m_diffAction = new QAction(i18n("View &Difference"), this); + m_diffAction->setIcon(QIcon::fromTheme(QStringLiteral("document-multiple"))); + m_diffAction->setToolTip(i18n("Shows a diff of the changes")); +@@ -1394,7 +1395,7 @@ void KateModOnHdPrompt::slotDiff() + // Start a KProcess that creates a diff + m_proc = new KProcess(this); + m_proc->setOutputChannelMode(KProcess::MergedChannels); +- *m_proc << QStringLiteral("diff") << QStringLiteral("-u") << QStringLiteral("-") << m_doc->url().toLocalFile(); ++ *m_proc << m_fullDiffPath << QStringLiteral("-u") << QStringLiteral("-") << m_doc->url().toLocalFile(); + connect(m_proc, &KProcess::readyRead, this, &KateModOnHdPrompt::slotDataAvailable); + connect(m_proc, &KProcess::finished, this, &KateModOnHdPrompt::slotPDone); + +diff --git a/src/dialogs/katedialogs.h b/src/dialogs/katedialogs.h +index 80b611d9..e5574023 100644 +--- a/src/dialogs/katedialogs.h ++++ b/src/dialogs/katedialogs.h +@@ -376,6 +376,7 @@ private: + KTextEditor::DocumentPrivate *m_doc; + QPointer<KTextEditor::Message> m_message; + KTextEditor::ModificationInterface::ModifiedOnDiskReason m_modtype; ++ QString m_fullDiffPath; + KProcess *m_proc; + QTemporaryFile *m_diffFile; + QAction *m_diffAction; +-- +GitLab + |