From a2943e36c7c6309e955708552a72d532844576a8 Mon Sep 17 00:00:00 2001 From: Léo Le Bouter Date: Thu, 11 Mar 2021 01:18:35 +0100 Subject: gnu: evolution: Fix CVE-2020-11879. * gnu/packages/patches/evolution-CVE-2020-11879.patch: New patch. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/gnome.scm (evolution): Apply it. --- gnu/local.mk | 1 + gnu/packages/gnome.scm | 3 +- .../patches/evolution-CVE-2020-11879.patch | 122 +++++++++++++++++++++ 3 files changed, 125 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/evolution-CVE-2020-11879.patch diff --git a/gnu/local.mk b/gnu/local.mk index e24cee8ecf..9e20260ec3 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -973,6 +973,7 @@ dist_patch_DATA = \ %D%/packages/patches/erlang-man-path.patch \ %D%/packages/patches/eudev-rules-directory.patch \ %D%/packages/patches/evilwm-lost-focus-bug.patch \ + %D%/packages/patches/evolution-CVE-2020-11879.patch \ %D%/packages/patches/evolution-data-server-CVE-2020-14928.patch \ %D%/packages/patches/evolution-data-server-CVE-2020-16117.patch \ %D%/packages/patches/evolution-data-server-locales.patch \ diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index 1db2de4751..5ee28eec03 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -10711,7 +10711,8 @@ (define-public evolution "evolution-" version ".tar.xz")) (sha256 (base32 - "164vy8h432pjglafn8y2ms4gsvk3kbgc63h5qp0mk5dv4smsp29c")))) + "164vy8h432pjglafn8y2ms4gsvk3kbgc63h5qp0mk5dv4smsp29c")) + (patches (search-patches "evolution-CVE-2020-11879.patch")))) (build-system cmake-build-system) (arguments `(#:imported-modules (,@%cmake-build-system-modules diff --git a/gnu/packages/patches/evolution-CVE-2020-11879.patch b/gnu/packages/patches/evolution-CVE-2020-11879.patch new file mode 100644 index 0000000000..8c85895aab --- /dev/null +++ b/gnu/packages/patches/evolution-CVE-2020-11879.patch @@ -0,0 +1,122 @@ +From 6489f20d6905cc797e2b2581c415e558c457caa7 Mon Sep 17 00:00:00 2001 +From: Milan Crha +Date: Wed, 12 Feb 2020 18:59:52 +0100 +Subject: [PATCH] I#784 - Warn about and limit what can be attached using + mailto: URI + +Closes https://gitlab.gnome.org/GNOME/evolution/issues/784 +--- + src/composer/e-msg-composer.c | 58 +++++++++++++++++++++++++++++------ + src/e-util/e-system.error.xml | 7 ++++- + 2 files changed, 54 insertions(+), 11 deletions(-) + +diff --git a/src/composer/e-msg-composer.c b/src/composer/e-msg-composer.c +index e4c9ac095e..cd3168d882 100644 +--- a/src/composer/e-msg-composer.c ++++ b/src/composer/e-msg-composer.c +@@ -4761,7 +4761,8 @@ handle_mailto (EMsgComposer *composer, + gchar *header, *content, *buf; + gsize nread, nwritten; + const gchar *p; +- gint len, clen; ++ gint len, clen, has_attachments = 0; ++ gboolean has_blacklisted_attachment = FALSE; + + table = e_msg_composer_get_header_table (composer); + view = e_msg_composer_get_attachment_view (composer); +@@ -4844,22 +4845,36 @@ handle_mailto (EMsgComposer *composer, + } else if (!g_ascii_strcasecmp (header, "attach") || + !g_ascii_strcasecmp (header, "attachment")) { + EAttachment *attachment; ++ GFile *file; + + camel_url_decode (content); +- if (file_is_blacklisted (content)) +- e_alert_submit ( +- E_ALERT_SINK (e_msg_composer_get_editor (composer)), +- "mail:blacklisted-file", +- content, NULL); + if (g_ascii_strncasecmp (content, "file:", 5) == 0) + attachment = e_attachment_new_for_uri (content); + else + attachment = e_attachment_new_for_path (content); +- e_attachment_store_add_attachment (store, attachment); +- e_attachment_load_async ( +- attachment, (GAsyncReadyCallback) +- e_attachment_load_handle_error, composer); ++ file = e_attachment_ref_file (attachment); ++ if (!file || !g_file_peek_path (file) || ++ !g_file_test (g_file_peek_path (file), G_FILE_TEST_EXISTS) || ++ g_file_test (g_file_peek_path (file), G_FILE_TEST_IS_DIR)) { ++ /* Do nothing, simply ignore the attachment request */ ++ } else { ++ has_attachments++; ++ ++ if (file_is_blacklisted (content)) { ++ has_blacklisted_attachment = TRUE; ++ e_alert_submit ( ++ E_ALERT_SINK (e_msg_composer_get_editor (composer)), ++ "mail:blacklisted-file", ++ content, NULL); ++ } ++ ++ e_attachment_store_add_attachment (store, attachment); ++ e_attachment_load_async ( ++ attachment, (GAsyncReadyCallback) ++ e_attachment_load_handle_error, composer); ++ } + g_object_unref (attachment); ++ g_clear_object (&file); + } else if (!g_ascii_strcasecmp (header, "from")) { + /* Ignore */ + } else if (!g_ascii_strcasecmp (header, "reply-to")) { +@@ -4883,6 +4898,29 @@ handle_mailto (EMsgComposer *composer, + + g_free (buf); + ++ if (has_attachments && !has_blacklisted_attachment) { ++ const gchar *primary; ++ gchar *secondary; ++ ++ primary = g_dngettext (GETTEXT_PACKAGE, ++ "Review attachment before sending.", ++ "Review attachments before sending.", ++ has_attachments); ++ ++ secondary = g_strdup_printf (g_dngettext (GETTEXT_PACKAGE, ++ "There had been added %d attachment. Make sure it does not contain any sensitive information before sending the message.", ++ "There had been added %d attachments. Make sure they do not contain any sensitive information before sending the message.", ++ has_attachments), ++ has_attachments); ++ ++ e_alert_submit ( ++ E_ALERT_SINK (e_msg_composer_get_editor (composer)), ++ "system:generic-warning", ++ primary, secondary, NULL); ++ ++ g_free (secondary); ++ } ++ + merge_always_cc_and_bcc (table, to, &cc, &bcc); + + tov = destination_list_to_vector (to); +diff --git a/src/e-util/e-system.error.xml b/src/e-util/e-system.error.xml +index ddcf989fda..02facb7d26 100644 +--- a/src/e-util/e-system.error.xml ++++ b/src/e-util/e-system.error.xml +@@ -1,6 +1,11 @@ + + +- ++ ++ {0} ++ {1} ++ ++ ++ + {0} + {1} + +-- +GitLab + -- cgit v1.2.3