diff options
| author |   Thomas Deutschmann <whissi@gentoo.org> | 2020-03-25 17:40:49 +0100 |
|---|---|---|
| committer | Thomas Deutschmann <whissi@gentoo.org> | 2020-03-25 17:41:27 +0100 |
| commit | 3fe9da9fdba4143d89df7f86898af4e12fd779c2 (patch) | |
| tree | a707b29621a58f9aeb5265d878e46e9a81f697bb | |
| parent | dev-go/get-ego-vendor: update description (diff) | |
| download | gentoo-3fe9da9fdba4143d89df7f86898af4e12fd779c2.tar.gz gentoo-3fe9da9fdba4143d89df7f86898af4e12fd779c2.tar.bz2 gentoo-3fe9da9fdba4143d89df7f86898af4e12fd779c2.zip | |
x11-plugins/enigmail: security cleanup (bug #706134)
Bug: https://bugs.gentoo.org/706134
Package-Manager: Portage-2.3.94, Repoman-2.3.21
Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
| -rw-r--r-- | x11-plugins/enigmail/Manifest | 3 | ||||
| -rw-r--r-- | x11-plugins/enigmail/enigmail-2.0.12-r1.ebuild | 84 | ||||
| -rw-r--r-- | x11-plugins/enigmail/enigmail-2.0.8-r1.ebuild | 83 | ||||
| -rw-r--r-- | x11-plugins/enigmail/enigmail-2.1.2-r1.ebuild | 85 | ||||
| -rw-r--r-- | x11-plugins/enigmail/enigmail-2.1.2.ebuild | 84 | ||||
| -rw-r--r-- | x11-plugins/enigmail/files/enigmail-2.0.12-enable_seamonkey_support.patch | 20 | ||||
| -rw-r--r-- | x11-plugins/enigmail/files/enigmail-2.1.2-mimeverify.patch | 44 |
7 files changed, 0 insertions, 403 deletions
diff --git a/x11-plugins/enigmail/Manifest b/x11-plugins/enigmail/Manifest index f443290159d7..56484559736e 100644 --- a/x11-plugins/enigmail/Manifest +++ b/x11-plugins/enigmail/Manifest @@ -1,4 +1 @@ -DIST enigmail-2.0.12.tar.gz 2614589 BLAKE2B 3db6f595c14e02cfdc71bebc763d05926dc6e0abf4668d132fd0ce43204e681de5fce45db752c4f49b231bd7e217b75c0f23d4a7e204fa9a3a51f1c8097fb63d SHA512 f9f4f1ed4c7244280be2fade0ccb2f4b5e7075dd60f53953478ffb84012e687b7ac7bad489c0b0cb2d8937916c783fe9e1841174bf1e5bdb9ab8cb58b415db74 -DIST enigmail-2.0.8.tar.gz 2525691 BLAKE2B cd69efe72b661bb103837c987937e1cee64a5888795bda7126c59cf99a39c0245f505cdfd6538d54cec5dc3fc95c64bbeca3aebc4b0823249be4c0465d4d68a1 SHA512 9d2e95c2eae6ca22897eb8b2961964d96fd633e7d33a8c0c04a29b4cbc8585777598578abfb0484b96827ca165fe9c8b873e5e7f7cb3ba8cd0779ddc4f10e305 -DIST enigmail-2.1.2.tar.gz 2819073 BLAKE2B 335c7569e2c46dde645c8992cd7017dc57a0174e109ddada2719cb60de010c8ca3691c1d31e8435986b459936bd1602153e462fb5f93d7ffd1244ea867d8d3bc SHA512 c76dcdb0561ee6e94ab19c2ed8cddac71297ffc9ad14ac3d37cd8966cc4111cbc74d1b01ccaa044acef699de27a2cc7ba1ade7a31db8ab930095722ffc62be93 DIST enigmail-2.1.5.tar.gz 2838286 BLAKE2B e86a340a916a7ac7ef39230e5bb5730198b672ab6c466db5085aa8a818da38e3681a6f22810355db986978c7d547ae50f6d70260a3ccdc9758861d03f3c4e5d5 SHA512 0ed104306ee998b368d4a5779c2daf7c20a112c9a37f357bbe10d8c64dd435448c71e83a0e1a1dc9eb10efcf654b1524676f2b490bf6a065e6dd66de0861baea diff --git a/x11-plugins/enigmail/enigmail-2.0.12-r1.ebuild b/x11-plugins/enigmail/enigmail-2.0.12-r1.ebuild deleted file mode 100644 index 231c774dd69d..000000000000 --- a/x11-plugins/enigmail/enigmail-2.0.12-r1.ebuild +++ /dev/null @@ -1,84 +0,0 @@ -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 -PYTHON_COMPAT=( python2_7 ) - -inherit python-any-r1 - -DESCRIPTION="Mozilla extension to provide GPG support in mail clients" -HOMEPAGE="https://www.enigmail.net/" - -SLOT="0" -LICENSE="MPL-2.0 GPL-3" -IUSE="" -if [[ ${PV} == *9999 ]]; then - inherit git-r3 - EGIT_REPO_URI="https://git.code.sf.net/p/enigmail/source" - S="${WORKDIR}/${P}" -else - if [[ ${PV} = *_beta* ]] ; then - SRC_URI="https://www.enigmail.net/download/beta/${P/_/-}.tar.gz" - else - SRC_URI="https://www.enigmail.net/download/source/${P}.tar.gz" - KEYWORDS="~alpha amd64 ~arm ppc ppc64 x86 ~amd64-linux ~x86-linux" - fi - S="${WORKDIR}/${PN}" -fi - -RDEPEND=" - ( >=app-crypt/gnupg-2.0 - || ( - app-crypt/pinentry[gtk(-)] - app-crypt/pinentry[qt5(-)] - ) - ) - !<mail-client/thunderbird-52.5.0 -" -DEPEND="${RDEPEND} - ${PYTHON_DEPS} - app-arch/zip - dev-lang/perl - " - -PATCHES=( - "${FILESDIR}"/enigmail-no_pEp_auto_download.patch - "${FILESDIR}/${PN}-2.0.12-enable_seamonkey_support.patch" -) - -src_compile() { - emake ipc public ui package lang stdlib - emake xpi - -} - -src_install() { - local emid=$(sed -n '/<em:id>/!d; s/.*\({.*}\).*/\1/; p; q' build/dist/install.rdf) - [[ -n ${emid} ]] || die "Could not scrape EM:ID from install.rdf" - - mv build/enigmail*.xpi build/"${emid}.xpi" || die 'Could not rename XPI to match EM:ID' - - # thunderbird - insinto "/usr/share/mozilla/extensions/{3550f703-e582-4d05-9a08-453d09bdfdc6}" - doins build/"${emid}.xpi" - - # seamonkey - insinto "/usr/share/mozilla/extensions/{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}" - doins build/"${emid}.xpi" -} - -pkg_postinst() { - local peimpl=$(eselect --brief --colour=no pinentry show) - case "${peimpl}" in - *gtk*|*qt*) ;; - *) ewarn "The pinentry front-end currently selected is not one supported by thunderbird." - ewarn "You may be prompted for your password in an inaccessible shell!!" - ewarn "Please use 'eselect pinentry' to select either the gtk or qt front-end" - ;; - esac - if [[ -n ${REPLACING_VERSIONS} ]]; then - elog - elog "Please restart thunderbird and/or seamonkey in order for them to use" - elog "the newly installed version of enigmail." - fi -} diff --git a/x11-plugins/enigmail/enigmail-2.0.8-r1.ebuild b/x11-plugins/enigmail/enigmail-2.0.8-r1.ebuild deleted file mode 100644 index 0840602005ed..000000000000 --- a/x11-plugins/enigmail/enigmail-2.0.8-r1.ebuild +++ /dev/null @@ -1,83 +0,0 @@ -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 -PYTHON_COMPAT=( python2_7 ) - -inherit python-any-r1 - -DESCRIPTION="Mozilla extension to provide GPG support in mail clients" -HOMEPAGE="https://www.enigmail.net/" - -SLOT="0" -LICENSE="MPL-2.0 GPL-3" -IUSE="" -if [[ ${PV} == *9999 ]]; then - inherit git-r3 - EGIT_REPO_URI="https://git.code.sf.net/p/enigmail/source" - S="${WORKDIR}/${P}" -else - if [[ ${PV} = *_beta* ]] ; then - SRC_URI="https://www.enigmail.net/download/beta/${P/_/-}.tar.gz" - else - SRC_URI="https://www.enigmail.net/download/source/${P}.tar.gz" - KEYWORDS="~alpha amd64 ~arm ppc ppc64 x86 ~amd64-linux ~x86-linux" - fi - S="${WORKDIR}/${PN}" -fi - -RDEPEND=" - ( >=app-crypt/gnupg-2.0 - || ( - app-crypt/pinentry[gtk(-)] - app-crypt/pinentry[qt5(-)] - ) - ) - !<mail-client/thunderbird-52.5.0 -" -DEPEND="${RDEPEND} - ${PYTHON_DEPS} - app-arch/zip - dev-lang/perl - " - -PATCHES=( - "${FILESDIR}/${PN}-no_pEp_auto_download.patch" -) - -src_compile() { - emake ipc public ui package lang stdlib - emake xpi - -} - -src_install() { - local emid=$(sed -n '/<em:id>/!d; s/.*\({.*}\).*/\1/; p; q' build/dist/install.rdf) - [[ -n ${emid} ]] || die "Could not scrape EM:ID from install.rdf" - - mv build/enigmail*.xpi build/"${emid}.xpi" || die 'Could not rename XPI to match EM:ID' - - # thunderbird - insinto "/usr/share/mozilla/extensions/{3550f703-e582-4d05-9a08-453d09bdfdc6}" - doins build/"${emid}.xpi" - - # seamonkey - insinto "/usr/share/mozilla/extensions/{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}" - doins build/"${emid}.xpi" -} - -pkg_postinst() { - local peimpl=$(eselect --brief --colour=no pinentry show) - case "${peimpl}" in - *gtk*|*qt*) ;; - *) ewarn "The pinentry front-end currently selected is not one supported by thunderbird." - ewarn "You may be prompted for your password in an inaccessible shell!!" - ewarn "Please use 'eselect pinentry' to select either the gtk or qt front-end" - ;; - esac - if [[ -n ${REPLACING_VERSIONS} ]]; then - elog - elog "Please restart thunderbird and/or seamonkey in order for them to use" - elog "the newly installed version of enigmail." - fi -} diff --git a/x11-plugins/enigmail/enigmail-2.1.2-r1.ebuild b/x11-plugins/enigmail/enigmail-2.1.2-r1.ebuild deleted file mode 100644 index 596a08529286..000000000000 --- a/x11-plugins/enigmail/enigmail-2.1.2-r1.ebuild +++ /dev/null @@ -1,85 +0,0 @@ -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 -PYTHON_COMPAT=( python2_7 ) - -inherit python-any-r1 - -DESCRIPTION="Mozilla extension to provide GPG support in mail clients" -HOMEPAGE="https://www.enigmail.net/" - -SLOT="0" -LICENSE="MPL-2.0 GPL-3" -IUSE="" -if [[ ${PV} == *9999 ]]; then - inherit git-r3 - EGIT_REPO_URI="https://git.code.sf.net/p/enigmail/source" - S="${WORKDIR}/${P}" -else - if [[ ${PV} = *_beta* ]] ; then - SRC_URI="https://www.enigmail.net/download/beta/${P/_/-}.tar.gz" - else - SRC_URI="https://www.enigmail.net/download/source/${P}.tar.gz" - KEYWORDS="~alpha ~amd64 ~arm ~ppc ~ppc64 ~x86 ~amd64-linux ~x86-linux" - fi - S="${WORKDIR}/${PN}" -fi - -RDEPEND=" - ( >=app-crypt/gnupg-2.0 - || ( - app-crypt/pinentry[gtk(-)] - app-crypt/pinentry[qt5(-)] - ) - ) - !<mail-client/thunderbird-52.5.0 -" -DEPEND="${RDEPEND} - ${PYTHON_DEPS} - app-arch/zip - dev-lang/perl - " - -PATCHES=( "${FILESDIR}/enigmail-no_pEp_auto_download.patch" - "${FILESDIR}/${PN}-2.1.2-mimeverify.patch" ) - -src_compile() { - # Required or parallel make fails - emake -C stdlib createlib - - emake ipc public ui package lang stdlib - emake xpi - -} - -src_install() { - local emid=$(sed -n '/"id":/!d; s/.*\({.*}\).*/\1/; p; q' build/dist/manifest.json) - [[ -n ${emid} ]] || die "Could not scrape EM:ID from install.rdf" - - mv build/enigmail*.xpi build/"${emid}.xpi" || die 'Could not rename XPI to match EM:ID' - - # thunderbird - insinto "/usr/share/mozilla/extensions/{3550f703-e582-4d05-9a08-453d09bdfdc6}" - doins build/"${emid}.xpi" - - # seamonkey - insinto "/usr/share/mozilla/extensions/{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}" - doins build/"${emid}.xpi" -} - -pkg_postinst() { - local peimpl=$(eselect --brief --colour=no pinentry show) - case "${peimpl}" in - *gtk*|*qt*) ;; - *) ewarn "The pinentry front-end currently selected is not one supported by thunderbird." - ewarn "You may be prompted for your password in an inaccessible shell!!" - ewarn "Please use 'eselect pinentry' to select either the gtk or qt front-end" - ;; - esac - if [[ -n ${REPLACING_VERSIONS} ]]; then - elog - elog "Please restart thunderbird and/or seamonkey in order for them to use" - elog "the newly installed version of enigmail." - fi -} diff --git a/x11-plugins/enigmail/enigmail-2.1.2.ebuild b/x11-plugins/enigmail/enigmail-2.1.2.ebuild deleted file mode 100644 index 934957dbee79..000000000000 --- a/x11-plugins/enigmail/enigmail-2.1.2.ebuild +++ /dev/null @@ -1,84 +0,0 @@ -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 -PYTHON_COMPAT=( python2_7 ) - -inherit python-any-r1 - -DESCRIPTION="Mozilla extension to provide GPG support in mail clients" -HOMEPAGE="https://www.enigmail.net/" - -SLOT="0" -LICENSE="MPL-2.0 GPL-3" -IUSE="" -if [[ ${PV} == *9999 ]]; then - inherit git-r3 - EGIT_REPO_URI="https://git.code.sf.net/p/enigmail/source" - S="${WORKDIR}/${P}" -else - if [[ ${PV} = *_beta* ]] ; then - SRC_URI="https://www.enigmail.net/download/beta/${P/_/-}.tar.gz" - else - SRC_URI="https://www.enigmail.net/download/source/${P}.tar.gz" - KEYWORDS="~alpha amd64 ~arm ppc ppc64 x86 ~amd64-linux ~x86-linux" - fi - S="${WORKDIR}/${PN}" -fi - -RDEPEND=" - ( >=app-crypt/gnupg-2.0 - || ( - app-crypt/pinentry[gtk(-)] - app-crypt/pinentry[qt5(-)] - ) - ) - !<mail-client/thunderbird-52.5.0 -" -DEPEND="${RDEPEND} - ${PYTHON_DEPS} - app-arch/zip - dev-lang/perl - " - -PATCHES=( "${FILESDIR}"/enigmail-no_pEp_auto_download.patch ) - -src_compile() { - # Required or parallel make fails - emake -C stdlib createlib - - emake ipc public ui package lang stdlib - emake xpi - -} - -src_install() { - local emid=$(sed -n '/"id":/!d; s/.*\({.*}\).*/\1/; p; q' build/dist/manifest.json) - [[ -n ${emid} ]] || die "Could not scrape EM:ID from install.rdf" - - mv build/enigmail*.xpi build/"${emid}.xpi" || die 'Could not rename XPI to match EM:ID' - - # thunderbird - insinto "/usr/share/mozilla/extensions/{3550f703-e582-4d05-9a08-453d09bdfdc6}" - doins build/"${emid}.xpi" - - # seamonkey - insinto "/usr/share/mozilla/extensions/{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}" - doins build/"${emid}.xpi" -} - -pkg_postinst() { - local peimpl=$(eselect --brief --colour=no pinentry show) - case "${peimpl}" in - *gtk*|*qt*) ;; - *) ewarn "The pinentry front-end currently selected is not one supported by thunderbird." - ewarn "You may be prompted for your password in an inaccessible shell!!" - ewarn "Please use 'eselect pinentry' to select either the gtk or qt front-end" - ;; - esac - if [[ -n ${REPLACING_VERSIONS} ]]; then - elog - elog "Please restart thunderbird and/or seamonkey in order for them to use" - elog "the newly installed version of enigmail." - fi -} diff --git a/x11-plugins/enigmail/files/enigmail-2.0.12-enable_seamonkey_support.patch b/x11-plugins/enigmail/files/enigmail-2.0.12-enable_seamonkey_support.patch deleted file mode 100644 index 11d9702eb970..000000000000 --- a/x11-plugins/enigmail/files/enigmail-2.0.12-enable_seamonkey_support.patch +++ /dev/null @@ -1,20 +0,0 @@ ---- enigmail/package/install.rdf -+++ enigmail/package/install.rdf -@@ -19,14 +19,14 @@ - <em:maxVersion>60.*</em:maxVersion> - </Description> - </em:targetApplication> -- <!--em:targetApplication> -- < ! - - Seamonkey is no longer supported - - > -+ <em:targetApplication> -+ <!-- Seamonkey --> - <Description> - <em:id>{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}</em:id> - <em:minVersion>2.49</em:minVersion> - <em:maxVersion>2.57</em:maxVersion> - </Description> -- </em:targetApplication --> -+ </em:targetApplication> - - <!-- Front End MetaData --> - <em:name>Enigmail</em:name> diff --git a/x11-plugins/enigmail/files/enigmail-2.1.2-mimeverify.patch b/x11-plugins/enigmail/files/enigmail-2.1.2-mimeverify.patch deleted file mode 100644 index 8d3830c14586..000000000000 --- a/x11-plugins/enigmail/files/enigmail-2.1.2-mimeverify.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 745d8a0e6929e61a66b0e6c1474175d4b0a84cd6 Mon Sep 17 00:00:00 2001 -From: Jonas Witschel <diabonas@gmx.de> -Date: Sun, 29 Sep 2019 22:07:52 +0200 -Subject: [PATCH] mimeVerify: fix incorrect newline treatment in PGP/MIME - messages - -RFC 3156 specifies: - -Upon receipt of a signed message, an application MUST: - -(1) Convert line endings to the canonical <CR><LF> sequence before - the signature can be verified. This is necessary since the - local MTA may have converted to a local end of line convention. - -The code in this commit was originally added in -ab1b9a2d1c023c5bdf9c058681b93da99ee95465 to fix SourceForge bugs #209 -and #4, but was later accidentally removed during refactoring. This -commit restores the previous state so that signed messages created by -MUAs such as alot or NeoMutt can be verified successfully. - -Fixes: c36bef32a70ee9f2eac1b839cb8644e2fddb32ca -Closes: #1020 (SourceForge) ---- - package/mimeVerify.jsm | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/package/mimeVerify.jsm b/package/mimeVerify.jsm -index 7cc1b228..a6e01d86 100644 ---- a/package/mimeVerify.jsm -+++ b/package/mimeVerify.jsm -@@ -497,6 +497,10 @@ MimeVerify.prototype = { - mimeSignatureFile: sigFileName - }; - const cApi = EnigmailCryptoAPI(); -+ -+ // ensure all lines end with CRLF as specified in RFC 3156, section 5 -+ this.signedData = this.signedData.replace(/\r\n/g, "\n").replace(/\n/g, "\r\n"); -+ - this.returnStatus = cApi.sync(cApi.verifyMime(this.signedData, options)); - this.exitCode = this.returnStatus.exitCode; - --- -2.22.0 - |