Fix security vulnerability.

Package-Manager: portage-2.2.14/cvs/Linux x86_64

4 files changed, 230 insertions, 2 deletions

diff --git a/kde-base/systemsettings/ChangeLog b/kde-base/systemsettings/ChangeLog
index 51f7639cedb7..8a1bb270ba96 100644
--- a/kde-base/systemsettings/ChangeLog
+++ b/kde-base/systemsettings/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for kde-base/systemsettings
 # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/kde-base/systemsettings/ChangeLog,v 1.265 2014/10/25 20:03:17 mrueg Exp $
+# $Header: /var/cvsroot/gentoo-x86/kde-base/systemsettings/ChangeLog,v 1.266 2014/11/06 18:29:06 mrueg Exp $
+
+*systemsettings-4.11.13-r1 (06 Nov 2014)
+
+  06 Nov 2014; Manuel Rüger <mrueg@gentoo.org>
+  +files/systemsettings-4.11.13-kcm-dateandtime.patch,
+  +systemsettings-4.11.13-r1.ebuild:
+  Fix security vulnerability.
 
 *systemsettings-4.11.13 (25 Oct 2014)
 
diff --git a/kde-base/systemsettings/Manifest b/kde-base/systemsettings/Manifest
index 3bf5d6560388..b73f3b8f9208 100644
--- a/kde-base/systemsettings/Manifest
+++ b/kde-base/systemsettings/Manifest
@@ -1,3 +1,4 @@
+AUX systemsettings-4.11.13-kcm-dateandtime.patch 4422 SHA256 c6e41ebc0ed39c5b1bdc9031d75b4a7f628ea88e3304a7651407eed0db81da90 SHA512 960fc3b97b1d2699bf1d5bd656e9ccae025c8231bbbc3d8d77e2a85b5a1a845d195b144b12bebfed8dca6e05b1ef80c5801ab94c60b912470deac9b2f32d8d35 WHIRLPOOL 5b008c636b07785e01f26d924a2d5f1cfdec84cd3cd609e6c914c3752ab398b47fcbab0fa20f633de5c826b14cf2c467eb04c79d279c0aeebbe10dec52d81a7e
 AUX systemsettings-kcm-randr.patch 909 SHA256 5ff8877c3d4b564777343332b9a2aeb78a41c96b0ffcbfc546ea278f807c3568 SHA512 67f9b8897621ada915aea68904c6417cef8698b6b58c827b4dede79df9c9f7d15b6aa07fa7662ddf0163139b85d6e2e8c991654d72f01d33a7b1eb76d15272dc WHIRLPOOL 906f487f5a3e4442e77533dd8c957026bbe04e16260ade2c75289a42f36e0c4452a56169381858dddda49fcbece0a712c62906724367de5f3e2347180ef73680
 DIST kde-workspace-4.11.11.tar.xz 13534816 SHA256 f188b003c56d2a40f71d4eea8c91b7ae0febcf25c252c383913281fce73c4d73 SHA512 0f8076150f498e84875da1b18f8d596b0c16a3f5ddf5a838133fc9345f79c10faa7ff9c0f627c17b5dac5058af39c367d8a62b51d212ccbd07a0faded390d5f7 WHIRLPOOL a6a054029c27aec255b73b3a8fc67d496328b748935526f6a51ad806eadddd0975331d2f554c39d59b851e1f2299363607c2cb3c6d9ac0e90a2989a3cf52a291
 DIST kde-workspace-4.11.12.tar.xz 13535944 SHA256 09d8ae1ac1b704fc919bdedfec47c6561033dca125b0096cb9ed398445fa942f SHA512 e2fa4582d96ee1207828afedf6249b7300033c60bfb688b36d181d58d444de6df4843ea309510ca212aa9e1393b1b52264714e8d6067a6ea059eace273bcb47b WHIRLPOOL 2fb643d348ae9fa7b709625607ff55f94ff65bf2d7256ac545ad390da9e18e065dffce0d83a35c9248d83e44d028be5312c6b8bdc8ce6fb57603d33f71004561
@@ -5,8 +6,9 @@ DIST kde-workspace-4.11.13.tar.xz 13536880 SHA256 80b916d49713e75250b2bd3358d0c0
 DIST kde-workspace-4.11.9.tar.xz 13536252 SHA256 aa3d12a264e7fcb6c1330e800b9c7d43c00277275d182824d42f9fe1def0c0cf SHA512 9f4292144981a94ccd9cfcd9a70ce673c3212c9962cce049668b15b86c5a037dfe0a4b0acfa4ad0c4c2902ded2b17521cbcff7e2411af7efb4c05af5b9465c81 WHIRLPOOL 26327aaee0ac92a6d8f9d9981b1f1cd4d2090d1124a7435301c55287228b57dba1f50814753abb468080787514ed19a60099ede0764d1bc09e76d948f1360879
 EBUILD systemsettings-4.11.11.ebuild 2225 SHA256 f9d59eb6931660b04c15468324f2f7c9a1abc8d6dabbbabecc08f0d416e96f47 SHA512 86f41a57a3fb9301438174d7166436e59f5295c3871c239ed9105822916778b9b096d05b8873d077c27c152105e16661b544b849571a03815faf50933c3375a7 WHIRLPOOL 569e442f736799e9db031825c1c3174d2f69b312db470312e1d51bfaf74cc89a9eb8ff3a7de7adfc5ec0b31c05f0878420c18750dca116c732612a79357f2c76
 EBUILD systemsettings-4.11.12.ebuild 2224 SHA256 145fcc872342b341b7219561e9a779afb791a713fb5a68bcfead2f545aba327c SHA512 e76c628e4c937ce3fed87c267c9a1fdb40ed352c2639a582e7508c502062e7df628113d4b67e10afa00ef581a98eaadc25ac5a6eeaf6ae396bf299bfb80204a4 WHIRLPOOL 5999e789fd322051aa79ae0c5c7ecce78f66cc587321f0d39cfa832768ca1adc7d36f9e458eda73fe6bc429cd74a5b7932c6b2fed9ded2892edf8d9fded41390
+EBUILD systemsettings-4.11.13-r1.ebuild 2395 SHA256 d2f053e435afc5a8003d3636656b6660006f3df05a52cca4260e2475ac53c88d SHA512 583b138fa39d079badafc1db6d8567d91ee7d4e06cef7f3310eae2c89a8017b085f9fd75bd6c881c863ab809209ca64898c86bc2061a2494cb50b131f0bf9c09 WHIRLPOOL f499155f7a4c3cbf60d19b1f68eda690a3352da48e7408e0890cbe065719e45b28047c52586025a253cd974da7deb16ceb1357b37cf433a542b71fe6156501d7
 EBUILD systemsettings-4.11.13.ebuild 2351 SHA256 5854f8956f353b384b9b2e64c9dd61f8ef1250e06adccf58fae5040608a0e770 SHA512 ed15e8f2ec32e2429ad63c6b8336f3f54fdafc5977d6f6b5b96459f8ecc9a69d72e5c27daa502fda80efa8d4a2578abb7aa07755333400f00978e1e65aeeb1bc WHIRLPOOL 0f22057b459d2be2b2a4b65f10569de7060fb6dcac56517700c356d83942e2b58c8cf7e2043ef8d1225fdc811e4c4f64b9e6126bd47927004baa0d2bfaef752a
 EBUILD systemsettings-4.11.9-r1.ebuild 2220 SHA256 e69fb2c8bd16c295467f4d3963e2cf26ca8135a6913bf2e9cacf1d485f755e9a SHA512 e5ccb3de229d1a1247c43880872d9e996a21dc152045d8fa30eb45598be78e3b3da78be60c34883fe7e7044527a10643349c0545d421e8e18b0e6aec2ba719f6 WHIRLPOOL a89399d1dce574ea680fe2fcaf24e3a08d1953297381b2e3b85cedaa434f241d997831120999f4d71c671d28e78e7c937249686509375fae0c3b6b3b3d994822
 EBUILD systemsettings-4.11.9.ebuild 2230 SHA256 a0da17b52d841a3df1f21d267107fcbc3968532508070a55326643f76205080e SHA512 56ebfd42a805aa7f704d7fe025de1d850bc2669967c554532f00e66b23ffd0d4d5cc328b69fe231a1376789a49a1bd0db3fcf43db0bb5ca7f5a12359d55e4358 WHIRLPOOL b9ce0dbf0254866f2e673f8a0dfc731d067bf9727024b0f8b6e1cc9eacabc5455c1df0fb6a81272b384e7e01703084fbb0980886f591cb878e605c7c1bb9ffeb
-MISC ChangeLog 36529 SHA256 5ff686265250d9e3cc955a93e1e9bd7c43e6948ce5fe3e8d9677dbd4083b2c83 SHA512 7b97134a2a4802aeb9ba3605cefd389134b2c6193e8e9f1c98857d2a09fe465dfdcf64a3d8625aa208f285afe339c17c238a7d1b7de3e3aa52657e60992feb3d WHIRLPOOL f758e7cf7a2a12eb054e2c8c5d57b2897cac222f6ba54c693f9311c07402b122573f0eb2cc969f4dbb6b819e1f22ce57392a8d53e9a117e01f4451fa6a3a60e4
+MISC ChangeLog 36742 SHA256 b9ff64fa081ff3a1030adec92fc824cb1ddb3561c25cf4596d3bf3a43147bfac SHA512 19d307fdd5eb1d4f8012556d070982b3895e65f2cbf90b370023f8834e91ebb708499e446ded1bd24feb85535a8b904d6ee5c1f6771d2b571eae1cb623c3fc43 WHIRLPOOL 7cd72175e1a4ca9d9f133b06b6f4a0d388e5f9f5662c4f980838ef447cc138695b7042ce20ee33a6d58a218c62ff83bed15174f97c397861bd0d50eebe397f5c
 MISC metadata.xml 345 SHA256 a665c9084b2515e3b3d7e82ea9cd4bf09580b92e31bbc7fb9a17f3f23edbc8a4 SHA512 c0ee3b2e5d7f698add2af73be54a7a7584723c578e5c45316b9642e85435aa0973d7dd7a904e4777c5e6544e00a0889df4d9f2dc652f77b43dc0ac202044488c WHIRLPOOL 792ab0b2c5f9b81da4fa8b5cc23987ed901a7509562fefc9a7f858cdb788612c90b2e75f5b55bd951eda8d7c9318c3b20b6c2cfd2499f804b333be0bab647893
diff --git a/kde-base/systemsettings/files/systemsettings-4.11.13-kcm-dateandtime.patch b/kde-base/systemsettings/files/systemsettings-4.11.13-kcm-dateandtime.patch
new file mode 100644
index 000000000000..85d88a8ffa13
--- /dev/null
+++ b/kde-base/systemsettings/files/systemsettings-4.11.13-kcm-dateandtime.patch
@@ -0,0 +1,119 @@
+diff --git a/kcontrol/dateandtime/dtime.cpp b/kcontrol/dateandtime/dtime.cpp
+index 518afe5..68485bb 100644
+--- a/kcontrol/dateandtime/dtime.cpp
++++ b/kcontrol/dateandtime/dtime.cpp
+@@ -142,27 +142,15 @@ void Dtime::serverTimeCheck() {
+   //kclock->setEnabled(enabled);
+ }
+ 
+-void Dtime::findNTPutility(){
+-  QByteArray envpath = qgetenv("PATH");
+-  if (!envpath.isEmpty() && envpath[0] == ':') {
+-    envpath = envpath.mid(1);
+-  }
+-
+-  QString path = "/sbin:/usr/sbin:";
+-  if (!envpath.isEmpty()) {
+-    path += QString::fromLocal8Bit(envpath);
+-  } else {
+-    path += QLatin1String("/bin:/usr/bin");
+-  }
+-
+-  foreach(const QString &possible_ntputility, QStringList() << "ntpdate" << "rdate" ) {
+-    if( !((ntpUtility = KStandardDirs::findExe(possible_ntputility, path)).isEmpty()) ) {
+-      kDebug() << "ntpUtility = " << ntpUtility;
+-      return;
++void Dtime::findNTPutility()
++{
++    const QString exePath = QLatin1String("/usr/sbin:/usr/bin:/sbin:/bin");
++    foreach(const QString &possible_ntputility, QStringList() << "ntpdate" << "rdate" ) {
++        ntpUtility = KStandardDirs::findExe(possible_ntputility, exePath);
++        if (!ntpUtility.isEmpty()) {
++            return;
++        }
+     }
+-  }
+-
+-  kDebug() << "ntpUtility not found!";
+ }
+ 
+ void Dtime::set_time()
+@@ -238,7 +226,6 @@ void Dtime::save( QVariantMap& helperargs )
+   helperargs["ntp"] = true;
+   helperargs["ntpServers"] = list;
+   helperargs["ntpEnabled"] = setDateTimeAuto->isChecked();
+-  helperargs["ntpUtility"] = ntpUtility;
+ 
+   if(setDateTimeAuto->isChecked() && !ntpUtility.isEmpty()){
+     // NTP Time setting - done in helper
+diff --git a/kcontrol/dateandtime/helper.cpp b/kcontrol/dateandtime/helper.cpp
+index 9168db3..21fc51a 100644
+--- a/kcontrol/dateandtime/helper.cpp
++++ b/kcontrol/dateandtime/helper.cpp
+@@ -52,8 +52,18 @@
+ // clears it. So we have to use a reasonable default.
+ static const QString exePath = QLatin1String("/usr/sbin:/usr/bin:/sbin:/bin");
+ 
+-int ClockHelper::ntp( const QStringList& ntpServers, bool ntpEnabled,
+-                      const QString& ntpUtility )
++static QString findNtpUtility()
++{
++    foreach(const QString &possible_ntputility, QStringList() << "ntpdate" << "rdate" ) {
++        const QString ntpUtility = KStandardDirs::findExe(possible_ntputility, exePath);
++        if (!ntpUtility.isEmpty()) {
++            return ntpUtility;
++        }
++    }
++    return QString();
++}
++
++int ClockHelper::ntp( const QStringList& ntpServers, bool ntpEnabled )
+ {
+   int ret = 0;
+ 
+@@ -69,6 +79,8 @@ int ClockHelper::ntp( const QStringList& ntpServers, bool ntpEnabled,
+   config.writeEntry("servers", ntpServers );
+   config.writeEntry("enabled", ntpEnabled );
+ 
++  QString ntpUtility(findNtpUtility());
++
+   if ( ntpEnabled && !ntpUtility.isEmpty() ) {
+     // NTP Time setting
+     QString timeServer = ntpServers.first();
+@@ -111,6 +123,13 @@ int ClockHelper::date( const QString& newdate, const QString& olddate )
+ int ClockHelper::tz( const QString& selectedzone )
+ {
+     int ret = 0;
++
++    //only allow letters, numbers hyphen underscore plus and forward slash
++    //allowed pattern taken from time-util.c in systemd
++    if (!QRegExp("[a-zA-Z0-9-_+/]*").exactMatch(selectedzone)) {
++        return ret;
++    }
++
+ #if defined(USE_SOLARIS)	// MARCO
+ 
+         KTemporaryFile tf;
+@@ -227,7 +246,7 @@ ActionReply ClockHelper::save(const QVariantMap &args)
+   int ret = 0; // error code
+ //  The order here is important
+   if( _ntp )
+-    ret |= ntp( args.value("ntpServers").toStringList(), args.value("ntpEnabled").toBool(), args.value("ntpUtility").toString() );
++    ret |= ntp( args.value("ntpServers").toStringList(), args.value("ntpEnabled").toBool());
+   if( _date )
+     ret |= date( args.value("newdate").toString(), args.value("olddate").toString() );
+   if( _tz )
+diff --git a/kcontrol/dateandtime/helper.h b/kcontrol/dateandtime/helper.h
+index 1cbf103..fea71ba 100644
+--- a/kcontrol/dateandtime/helper.h
++++ b/kcontrol/dateandtime/helper.h
+@@ -42,8 +42,7 @@ class ClockHelper : public QObject
+         ActionReply save(const QVariantMap &map);
+ 
+     private:
+-        int ntp(const QStringList& ntpServers, bool ntpEnabled,
+-                const QString& ntpUtility);
++        int ntp(const QStringList& ntpServers, bool ntpEnabled);
+         int date(const QString& newdate, const QString& olddate);
+         int tz(const QString& selectedzone);
+         int tzreset();
diff --git a/kde-base/systemsettings/systemsettings-4.11.13-r1.ebuild b/kde-base/systemsettings/systemsettings-4.11.13-r1.ebuild
new file mode 100644
index 000000000000..357757c2719b
--- /dev/null
+++ b/kde-base/systemsettings/systemsettings-4.11.13-r1.ebuild
@@ -0,0 +1,100 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/kde-base/systemsettings/systemsettings-4.11.13-r1.ebuild,v 1.1 2014/11/06 18:29:06 mrueg Exp $
+
+EAPI=5
+
+KDE_HANDBOOK="optional"
+KMNAME="kde-workspace"
+OPENGL_REQUIRED="optional"
+VIRTUALX_REQUIRED="test"
+VIRTUALDBUS_TEST="true"
+inherit kde4-meta
+
+DESCRIPTION="System settings utility"
+HOMEPAGE+=" http://userbase.kde.org/System_Settings"
+IUSE="debug gtk +kscreen nepomuk +usb"
+KEYWORDS="~amd64 ~arm ~ppc ~ppc64 ~x86 ~x86-fbsd ~amd64-linux ~x86-linux"
+
+COMMONDEPEND="
+	app-misc/strigi
+	dev-libs/glib:2
+	$(add_kdebase_dep kwin)
+	$(add_kdebase_dep libkworkspace)
+	media-libs/fontconfig
+	>=media-libs/freetype-2
+	>=x11-libs/libxklavier-3.2
+	x11-libs/libX11
+	x11-libs/libXcursor
+	x11-libs/libXext
+	x11-libs/libXfixes
+	x11-libs/libXft
+	x11-libs/libXi
+	x11-libs/libxkbfile
+	x11-libs/libXrandr
+	x11-libs/libXtst
+	opengl? ( virtual/opengl )
+	usb? ( virtual/libusb:0 )
+"
+DEPEND="${COMMONDEPEND}
+	x11-proto/kbproto
+	x11-proto/xextproto
+"
+RDEPEND="${COMMONDEPEND}
+	sys-libs/timezone-data
+	x11-apps/setxkbmap
+	x11-misc/xkeyboard-config
+	gtk? ( kde-misc/kde-gtk-config )
+	kscreen? ( kde-misc/kscreen )
+	nepomuk? ( $(add_kdebase_dep nepomuk) )
+"
+
+KMEXTRA="
+	kcontrol/
+"
+KMEXTRACTONLY="
+	krunner/dbus/org.kde.krunner.App.xml
+	krunner/dbus/org.kde.screensaver.xml
+	ksmserver/screenlocker/dbus/org.kde.screensaver.xml
+	kwin/
+	libs/
+	plasma/
+"
+# fails to connect to a kded instance
+RESTRICT="test"
+
+PATCHES=( "${FILESDIR}"/${PN}-kcm-randr.patch "${FILESDIR}"/${P}-kcm-dateandtime.patch )
+
+src_unpack() {
+	if use handbook; then
+		KMEXTRA+="
+			doc/kcontrol
+			doc/kfontview
+		"
+	fi
+
+	kde4-meta_src_unpack
+}
+
+src_prepare() {
+	sed -i -e 's/systemsettingsrc DESTINATION ${SYSCONF_INSTALL_DIR}/systemsettingsrc DESTINATION ${CONFIG_INSTALL_DIR}/' \
+		systemsettings/CMakeLists.txt \
+		|| die "Failed to fix systemsettingsrc install location"
+
+	kde4-meta_src_prepare
+}
+
+# FIXME: is have_openglxvisual found without screensaver
+src_configure() {
+	# Old keyboard-detection code is unmaintained,
+	# so we force the new stuff, using libxklavier.
+	local mycmakeargs=(
+		-DUSE_XKLAVIER=ON -DWITH_LibXKlavier=ON
+		-DWITH_GLIB2=ON -DWITH_GObject=ON
+		-DBUILD_KCM_RANDR=$(usex !kscreen)
+		$(cmake-utils_use_with opengl OpenGL)
+		$(cmake-utils_use_with usb)
+	)
+
+	kde4-meta_src_configure
+}