diff options
author | Andreas Sturmlechner <asturm@gentoo.org> | 2017-01-07 14:01:36 +0100 |
---|---|---|
committer | Andreas Sturmlechner <asturm@gentoo.org> | 2017-01-07 14:01:36 +0100 |
commit | 2cf4f014d8881fd140be957d5de57ddbbd1e3974 (patch) | |
tree | 9d019372ca6a7de9f6247165005d1366e5e0562b /kde-apps/ark | |
parent | sys-block/partitionmanager: Drop old (diff) | |
download | gentoo-2cf4f014d8881fd140be957d5de57ddbbd1e3974.tar.gz gentoo-2cf4f014d8881fd140be957d5de57ddbbd1e3974.tar.bz2 gentoo-2cf4f014d8881fd140be957d5de57ddbbd1e3974.zip |
kde-apps/ark: Disable shell script execution
Gentoo-bug: 604846
Package-Manager: portage-2.3.0
Diffstat (limited to 'kde-apps/ark')
-rw-r--r-- | kde-apps/ark/ark-16.08.3-r1.ebuild | 70 | ||||
-rw-r--r-- | kde-apps/ark/ark-16.12.0-r1.ebuild | 70 | ||||
-rw-r--r-- | kde-apps/ark/files/ark-16.12.0-disable-executables.patch | 25 |
3 files changed, 165 insertions, 0 deletions
diff --git a/kde-apps/ark/ark-16.08.3-r1.ebuild b/kde-apps/ark/ark-16.08.3-r1.ebuild new file mode 100644 index 000000000000..5c128ad38e71 --- /dev/null +++ b/kde-apps/ark/ark-16.08.3-r1.ebuild @@ -0,0 +1,70 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=6 + +KDE_HANDBOOK="forceoptional" +KDE_TEST="optional" +VIRTUALX_REQUIRED="test" +inherit kde5 + +DESCRIPTION="KDE Archiving tool" +HOMEPAGE="https://www.kde.org/applications/utilities/ark +https://utils.kde.org/projects/ark" +KEYWORDS="~amd64 ~x86" +IUSE="bzip2 lzma zlib" + +RDEPEND=" + $(add_frameworks_dep karchive) + $(add_frameworks_dep kcompletion) + $(add_frameworks_dep kconfig) + $(add_frameworks_dep kconfigwidgets) + $(add_frameworks_dep kcoreaddons) + $(add_frameworks_dep kcrash) + $(add_frameworks_dep kdbusaddons) + $(add_frameworks_dep ki18n) + $(add_frameworks_dep kiconthemes) + $(add_frameworks_dep kio) + $(add_frameworks_dep kjobwidgets) + $(add_frameworks_dep kparts) + $(add_frameworks_dep kpty) + $(add_frameworks_dep kservice) + $(add_frameworks_dep kwidgetsaddons) + $(add_frameworks_dep kxmlgui) + $(add_qt_dep qtdbus) + $(add_qt_dep qtgui) + $(add_qt_dep qtwidgets) + >=app-arch/libarchive-3.1.0[bzip2?,lzma?,zlib?] +" +DEPEND="${RDEPEND} + $(add_qt_dep qtconcurrent) + sys-devel/gettext +" + +# bug #560548, last checked with 16.04.1 +RESTRICT="test" + +PATCHES=( "${FILESDIR}/${PN}-16.12.0-disable-executables.patch" ) + +src_configure() { + local mycmakeargs=( + $(cmake-utils_use_find_package bzip2 BZip2) + $(cmake-utils_use_find_package lzma LibLZMA) + $(cmake-utils_use_find_package zlib ZLIB) + ) + + kde5_src_configure +} + +pkg_postinst() { + kde5_pkg_postinst + + if ! has_version app-arch/unar ; then + elog "For handling rar archives, install app-arch/unar" + fi + + if ! has_version app-arch/p7zip ; then + elog "For handling 7-Zip archives, install app-arch/p7zip" + fi +} diff --git a/kde-apps/ark/ark-16.12.0-r1.ebuild b/kde-apps/ark/ark-16.12.0-r1.ebuild new file mode 100644 index 000000000000..a00cb5780743 --- /dev/null +++ b/kde-apps/ark/ark-16.12.0-r1.ebuild @@ -0,0 +1,70 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=6 + +KDE_HANDBOOK="forceoptional" +KDE_TEST="optional" +VIRTUALX_REQUIRED="test" +inherit kde5 + +DESCRIPTION="KDE Archiving tool" +HOMEPAGE="https://www.kde.org/applications/utilities/ark +https://utils.kde.org/projects/ark" +KEYWORDS="~amd64 ~x86" +IUSE="bzip2 lzma zlib" + +RDEPEND=" + $(add_frameworks_dep karchive) + $(add_frameworks_dep kcompletion) + $(add_frameworks_dep kconfig) + $(add_frameworks_dep kconfigwidgets) + $(add_frameworks_dep kcoreaddons) + $(add_frameworks_dep kcrash) + $(add_frameworks_dep kdbusaddons) + $(add_frameworks_dep ki18n) + $(add_frameworks_dep kiconthemes) + $(add_frameworks_dep kio) + $(add_frameworks_dep kjobwidgets) + $(add_frameworks_dep kparts) + $(add_frameworks_dep kpty) + $(add_frameworks_dep kservice) + $(add_frameworks_dep kwidgetsaddons) + $(add_frameworks_dep kxmlgui) + $(add_qt_dep qtdbus) + $(add_qt_dep qtgui) + $(add_qt_dep qtwidgets) + >=app-arch/libarchive-3.1.0[bzip2?,lzma?,zlib?] +" +DEPEND="${RDEPEND} + $(add_qt_dep qtconcurrent) + sys-devel/gettext +" + +# bug #560548, last checked with 16.04.1 +RESTRICT+=" test" + +PATCHES=( "${FILESDIR}/${P}-disable-executables.patch" ) + +src_configure() { + local mycmakeargs=( + $(cmake-utils_use_find_package bzip2 BZip2) + $(cmake-utils_use_find_package lzma LibLZMA) + $(cmake-utils_use_find_package zlib ZLIB) + ) + + kde5_src_configure +} + +pkg_postinst() { + kde5_pkg_postinst + + if ! has_version app-arch/unar ; then + elog "For handling rar archives, install app-arch/unar" + fi + + if ! has_version app-arch/p7zip ; then + elog "For handling 7-Zip archives, install app-arch/p7zip" + fi +} diff --git a/kde-apps/ark/files/ark-16.12.0-disable-executables.patch b/kde-apps/ark/files/ark-16.12.0-disable-executables.patch new file mode 100644 index 000000000000..35cd3046599e --- /dev/null +++ b/kde-apps/ark/files/ark-16.12.0-disable-executables.patch @@ -0,0 +1,25 @@ +commit 82fdfd24d46966a117fa625b68784735a40f9065 +Author: Elvis Angelaccio <elvis.angelaccio@kde.org> +Date: Fri Jan 6 15:35:46 2017 +0100 + + Stop running executables when opening urls + + This is a security risk because it's not clear when an entry in an + archive is an executable. + + BUG: 374572 + FIXED-IN: 16.12.1 + +diff --git a/part/part.cpp b/part/part.cpp +index f1adf21..80f657b 100644 +--- a/part/part.cpp ++++ b/part/part.cpp +@@ -988,7 +988,7 @@ void Part::slotOpenExtractedEntry(KJob *job) + } else { + KRun::runUrl(QUrl::fromUserInput(fullName, QString(), QUrl::AssumeLocalFile), + QMimeDatabase().mimeTypeForFile(fullName).name(), +- widget()); ++ widget(), false, false); + } + } else if (job->error() != KJob::KilledJobError) { + KMessageBox::error(widget(), job->errorString()); |