[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#869574: stretch-pu: package kdepim/4:16.04.3-4

Control: tags -1 - moreinfo
 
> We'll need to see a debdiff of the proposed package, built and tested on
> stretch, before going any further, please.

The debdiff is the version, that is currently in testing. The diff was created 
when testing was in deep freeze, so actually the version state, that is now in 
stretch. The versionnumber may need to be adjusted.

Best Regards,

sandro
diff -Nru kdepim-16.04.3/debian/changelog kdepim-16.04.3/debian/changelog
--- kdepim-16.04.3/debian/changelog	2016-11-23 14:38:49.000000000 +0100
+++ kdepim-16.04.3/debian/changelog	2017-06-17 12:12:03.000000000 +0200
@@ -1,3 +1,13 @@
+kdepim (4:16.04.3-4) unstable; urgency=high
+
+  * Team upload.
+
+  [ Sandro Knauß ]
+  * Fix CVE-2017-9604: Send Later with Delay bypasses OpenPGP (Closes: #864804)
+    - Added upstream patch fix-CVE-2017-9604.patch
+
+ -- Sandro Knauß <hefee@debian.org>  Sat, 17 Jun 2017 12:12:03 +0200
+
 kdepim (4:16.04.3-3) unstable; urgency=medium
 
   * Team upload.
diff -Nru kdepim-16.04.3/debian/patches/fix-CVE-2017-9604.patch kdepim-16.04.3/debian/patches/fix-CVE-2017-9604.patch
--- kdepim-16.04.3/debian/patches/fix-CVE-2017-9604.patch	1970-01-01 01:00:00.000000000 +0100
+++ kdepim-16.04.3/debian/patches/fix-CVE-2017-9604.patch	2017-06-17 11:29:50.000000000 +0200
@@ -0,0 +1,62 @@
+From 78c5552be2f00a4ac25bd77ca39386522fca70a8 Mon Sep 17 00:00:00 2001
+From: Montel Laurent <montel@kde.org>
+Date: Fri, 2 Jun 2017 13:59:02 +0200
+Subject: Make sure that we use plugin when we use sendlater feature
+
+---
+ kmail/editor/kmcomposerwin.cpp | 9 +++++----
+ kmail/editor/kmcomposerwin.h   | 3 ++-
+ 2 files changed, 7 insertions(+), 5 deletions(-)
+
+--- a/kmail/editor/kmcomposerwin.cpp
++++ b/kmail/editor/kmcomposerwin.cpp
+@@ -2376,7 +2376,7 @@ void KMComposerWin::printComposeResult(K
+ }
+ 
+ void KMComposerWin::doSend(MessageComposer::MessageSender::SendMethod method,
+-                           MessageComposer::MessageSender::SaveIn saveIn)
++                           MessageComposer::MessageSender::SaveIn saveIn, bool willSendItWithoutReediting)
+ {
+     if (mStorageService->numProgressUpdateFile() > 0) {
+         KMessageBox::sorry(this, i18np("There is %1 file upload in progress.",
+@@ -2391,7 +2391,7 @@ void KMComposerWin::doSend(MessageCompos
+         }
+     }
+ 
+-    if (saveIn == MessageComposer::MessageSender::SaveInNone) {   // don't save as draft or template, send immediately
++    if (saveIn == MessageComposer::MessageSender::SaveInNone || willSendItWithoutReediting) {   // don't save as draft or template, send immediately
+         if (KEmailAddress::firstEmailAddress(from()).isEmpty()) {
+             if (!(mShowHeaders & HDR_FROM)) {
+                 mShowHeaders |= HDR_FROM;
+@@ -2558,6 +2558,7 @@ void KMComposerWin::slotSendLater()
+     if (!checkRecipientNumber()) {
+         return;
+     }
++    mComposerBase->setSendLaterInfo(nullptr);
+     if (mComposerBase->editor()->checkExternalEditorFinished()) {
+         const bool wasRegistered = (SendLater::SendLaterUtil::sentLaterAgentWasRegistered() && SendLater::SendLaterUtil::sentLaterAgentEnabled());
+         if (wasRegistered) {
+@@ -2580,9 +2581,9 @@ void KMComposerWin::slotSendLater()
+                 case SendLater::SendLaterDialog::SendDeliveryAtTime: {
+                     mComposerBase->setSendLaterInfo(info);
+                     if (info->isRecurrence()) {
+-                        doSend(MessageComposer::MessageSender::SendLater, MessageComposer::MessageSender::SaveInTemplates);
++                        doSend(MessageComposer::MessageSender::SendLater, MessageComposer::MessageSender::SaveInTemplates, true);
+                     } else {
+-                        doSend(MessageComposer::MessageSender::SendLater, MessageComposer::MessageSender::SaveInDrafts);
++                        doSend(MessageComposer::MessageSender::SendLater, MessageComposer::MessageSender::SaveInDrafts, true);
+                     }
+                     break;
+                 }
+--- a/kmail/editor/kmcomposerwin.h
++++ b/kmail/editor/kmcomposerwin.h
+@@ -510,7 +510,8 @@ private:
+      * Send the message.
+      */
+     void doSend(MessageComposer::MessageSender::SendMethod method = MessageComposer::MessageSender::SendDefault,
+-                MessageComposer::MessageSender::SaveIn saveIn = MessageComposer::MessageSender::SaveInNone);
++                MessageComposer::MessageSender::SaveIn saveIn = MessageComposer::MessageSender::SaveInNone,
++                bool willSendItWithoutReediting = false);
+ 
+     void doDelayedSend(MessageComposer::MessageSender::SendMethod method, MessageComposer::MessageSender::SaveIn saveIn);
+ 
diff -Nru kdepim-16.04.3/debian/patches/series kdepim-16.04.3/debian/patches/series
--- kdepim-16.04.3/debian/patches/series	2016-11-23 13:27:45.000000000 +0100
+++ kdepim-16.04.3/debian/patches/series	2017-06-17 11:22:47.000000000 +0200
@@ -4,3 +4,4 @@
 fix_crash_on_exit.patch
 fix_crash_when_a_second_instance_of_KAlarm_is_started.patch
 konsolekalendar_help.patch
+fix-CVE-2017-9604.patch

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: