From 5b4d186c91cf439be06feeba1353927a67156b5df236a8ca8e58269b5e547d8b Mon Sep 17 00:00:00 2001 From: Christophe Giboudeaux Date: Sun, 28 Mar 2021 07:27:01 +0000 Subject: [PATCH] 21.04 beta OBS-URL: https://build.opensuse.org/package/show/KDE:Applications/kate?expand=0&rev=166 --- 0001-Defuse-root-block.patch | 77 +++++++++++++++++++++--------------- kate-20.12.3.tar.xz | 3 -- kate-20.12.3.tar.xz.sig | 16 -------- kate-21.03.80.tar.xz | 3 ++ kate-21.03.80.tar.xz.sig | 16 ++++++++ kate.changes | 8 ++++ kate.spec | 20 +++++----- 7 files changed, 83 insertions(+), 60 deletions(-) delete mode 100644 kate-20.12.3.tar.xz delete mode 100644 kate-20.12.3.tar.xz.sig create mode 100644 kate-21.03.80.tar.xz create mode 100644 kate-21.03.80.tar.xz.sig diff --git a/0001-Defuse-root-block.patch b/0001-Defuse-root-block.patch index 86a8793..b22e81f 100644 --- a/0001-Defuse-root-block.patch +++ b/0001-Defuse-root-block.patch @@ -1,4 +1,4 @@ -From 435ed5853b9451ab8fdfff722545c57a8f154625 Mon Sep 17 00:00:00 2001 +From 5cec675834a722a6cb55858074eb7a2d13ec685e Mon Sep 17 00:00:00 2001 From: Fabian Vogt Date: Sat, 18 Feb 2017 13:49:14 +0100 Subject: [PATCH] Defuse root block @@ -8,47 +8,62 @@ X session (not sandboxed) can use kate's capability to open a console, we allow (even encourage) running YaST on X11 as root. That way it's only an impact on usability. --- - kate/main.cpp | 3 +-- - kwrite/main.cpp | 3 +-- - 2 files changed, 2 insertions(+), 4 deletions(-) + kate/main.cpp | 15 ++------------- + kwrite/main.cpp | 15 ++------------- + 2 files changed, 4 insertions(+), 26 deletions(-) -Index: kate-19.03.60git.20190930T050110~1d9a68423/kate/main.cpp -=================================================================== ---- kate-19.03.60git.20190930T050110~1d9a68423.orig/kate/main.cpp 2019-09-30 05:01:10.000000000 +0200 -+++ kate-19.03.60git.20190930T050110~1d9a68423/kate/main.cpp 2019-09-30 07:28:13.299460412 +0200 -@@ -60,13 +60,8 @@ +diff --git a/kate/main.cpp b/kate/main.cpp +index cea01d6..37d418f 100644 +--- a/kate/main.cpp ++++ b/kate/main.cpp +@@ -48,19 +48,8 @@ int main(int argc, char **argv) #ifndef Q_OS_WIN // Prohibit using sudo or kdesu (but allow using the root user directly) if (getuid() == 0) { - if (!qEnvironmentVariableIsEmpty("SUDO_USER")) { -- std::cout << "Executing Kate with sudo is not possible due to unfixable security vulnerabilities." << std::endl; +- std::cout << "Executing Kate with sudo is not possible due to unfixable security vulnerabilities. " +- "It is also not necessary; simply use Kate normally, and you will be prompted for " +- "elevated privileges when saving documents if needed." +- << std::endl; - return EXIT_FAILURE; - } else if (!qEnvironmentVariableIsEmpty("KDESU_USER")) { -- std::cout << "Executing Kate with kdesu is not possible due to unfixable security vulnerabilities." << std::endl; +- std::cout << "Executing Kate with kdesu is not possible due to unfixable security vulnerabilities. " +- "It is also not necessary; simply use Kate normally, and you will be prompted for " +- "elevated privileges when saving documents if needed." +- << std::endl; +- return EXIT_FAILURE; +- } ++ std::cout << "THIS IS POTENTIALLY INSECURE!\nTo edit files as root please use:" << std::endl; ++ std::cout << "SUDO_EDITOR=kate sudoedit " << std::endl; + } + #endif + /** +diff --git a/kwrite/main.cpp b/kwrite/main.cpp +index 87cac6f..4f0bad2 100644 +--- a/kwrite/main.cpp ++++ b/kwrite/main.cpp +@@ -40,19 +40,8 @@ extern "C" Q_DECL_EXPORT int main(int argc, char **argv) + #ifndef Q_OS_WIN + // Prohibit using sudo or kdesu (but allow using the root user directly) + if (getuid() == 0) { +- if (!qEnvironmentVariableIsEmpty("SUDO_USER")) { +- std::cout << "Executing KWrite with sudo is not possible due to unfixable security vulnerabilities. " +- "It is also not necessary; simply use KWrite normally, and you will be prompted for " +- "elevated privileges when saving documents if needed." +- << std::endl; +- return EXIT_FAILURE; +- } else if (!qEnvironmentVariableIsEmpty("KDESU_USER")) { +- std::cout << "Executing KWrite with kdesu is not possible due to unfixable security vulnerabilities. " +- "It is also not necessary; simply use KWrite normally, and you will be prompted for " +- "elevated privileges when saving documents if needed." +- << std::endl; - return EXIT_FAILURE; - } + std::cout << "THIS IS POTENTIALLY INSECURE!\nTo edit files as root please use:" << std::endl; + std::cout << "SUDO_EDITOR=kwrite sudoedit " << std::endl; } #endif - /** -Index: kate-19.03.60git.20190930T050110~1d9a68423/kwrite/main.cpp -=================================================================== ---- kate-19.03.60git.20190930T050110~1d9a68423.orig/kwrite/main.cpp 2019-09-30 05:01:10.000000000 +0200 -+++ kate-19.03.60git.20190930T050110~1d9a68423/kwrite/main.cpp 2019-09-30 07:28:13.299460412 +0200 -@@ -54,13 +54,8 @@ - #ifndef Q_OS_WIN - // Prohibit using sudo or kdesu (but allow using the root user directly) - if (getuid() == 0) { -- if (!qEnvironmentVariableIsEmpty("SUDO_USER")) { -- std::cout << "Executing KWrite with sudo is not possible due to unfixable security vulnerabilities." << std::endl; -- return EXIT_FAILURE; -- } else if (!qEnvironmentVariableIsEmpty("KDESU_USER")) { -- std::cout << "Executing KWrite with kdesu is not possible due to unfixable security vulnerabilities." << std::endl; -- return EXIT_FAILURE; -- } -+ std::cout << "THIS IS POTENTIALLY INSECURE!\nTo edit files as root please use:" << std::endl; -+ std::cout << "SUDO_EDITOR=kwrite sudoedit " << std::endl; - } - #endif +-- +2.30.2 + diff --git a/kate-20.12.3.tar.xz b/kate-20.12.3.tar.xz deleted file mode 100644 index 57b3656..0000000 --- a/kate-20.12.3.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:81bc2d8afe1958186feec8b1b275da5d6eb52bd8b4fa154896d19830d628d4fd -size 5949012 diff --git a/kate-20.12.3.tar.xz.sig b/kate-20.12.3.tar.xz.sig deleted file mode 100644 index f1385f3..0000000 --- a/kate-20.12.3.tar.xz.sig +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEE2BwMs463Je9mkcOFu0YzUNbvMe8FAmA9kEAACgkQu0YzUNbv -Me9oaBAAjxGkF7nTW79SR/NIRcVg1EY+TJBb3gru34e5dP5PDxBCCPda2khVX3N+ -2Xuxl/9NIB7w4Upv3Z8aOXaHqhgfOxfRnBuGdfew3cmOzwcys+DXdJPsWcnImE6m -907R2yiTFzaDAa3YlHD6M+60SQO98Hc4W8FhRKT8UAta00x8Vx4FZgSNgJTyyZ0C -qCxw8dxoR3z7DAKigWE4X2IdT1Oez1tkNSWbHK7+SUXDgz8eYthrFL7OAPpzKvaH -oMbbysrSi6vfK2Fm3lHDTQ+gja2Ll3CjkrvKYpr44vd6YFqr2Cieaav4/B75oH+C -TPNvTQeHq1rckqQDH6UYE4cU+omjRu8hHitbqjok6Bjo/w+nYnhnPT/TyKCUQxVK -gXzZvEiuHzgfPI7KzRB14efVG7zRHWzxWhgbXCQKENuzBajH730DKXIakv+MgjqZ -TuSl/7MyOWhDMfq9g2qSeH1cMYHBZQUpt9+irRG2viYZConIdAPSIG3MnzOZE+Mm -+9APe+IIDIkhTKal5f57j2wKH/ON6W1Fe95TUkW2l+gJTqfzx9tutYV4hdaGRmuK -ox0i9TRom3p1P+q+FawHnuevkdXC1UbP9f7ibLmeK/AEmO9pdgcS4LlXbntGc+sj -0kk/mT5xBGxKlxy5ued4uUO5pzbIvswdMywaPF7kNjeT3umSmWk= -=6H86 ------END PGP SIGNATURE----- diff --git a/kate-21.03.80.tar.xz b/kate-21.03.80.tar.xz new file mode 100644 index 0000000..6dfb6f7 --- /dev/null +++ b/kate-21.03.80.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:5ce7a843c7a7a457d16164116d7e64c885c6338d12575e4ca9666fa5a73edeb1 +size 6926048 diff --git a/kate-21.03.80.tar.xz.sig b/kate-21.03.80.tar.xz.sig new file mode 100644 index 0000000..cb4c265 --- /dev/null +++ b/kate-21.03.80.tar.xz.sig @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEyiYsbIPeTS+yijMqOmpNuDnqptcFAmBXHssACgkQOmpNuDnq +ptfOKA//bFYUS9J0RRhqCwk6w15k7yWRiOOjwrpdN/bquiA3DvQmPHtdCtSnIMGs +e3SoOMKIjYNyB8AsLVNI51I7bxXbY6N3E7EQ10BF2qbhLXb/44/G0m+tVvj2EJck +DGm1/u1qYxNRX9yubsvdul3kJqJ4s+iJUw63/ALqHDwRC/CuIBaLo5vllNCksipy +XgOqSL+TEhqjkSZbVfo3ZFoue7hqrVrWJufEycDBYRvwiISrFBKPXjy32gvecTRV +JXbc8paXrMjk1dChwliEZLdESXJJ2kL84zadr2UtXc3W61rO6hS8UQmAkOD98GlJ +vQ791wHMnTSny7SAlW4k5jsfSBnZR1+9vv63f/OiMIlNehMhSpg86xN0TY0Lp6lM +TYLZw16eXkSTUlxSEw83D7nMJ+/WQ7BFEBup1puDcaMHkvQBljNIc/vthvUNKmXY +ponWvTjiBGoRTVdyBXvZ9PiCSCeqhPNdYdWhpnxDBnXk24E9LSHGbZSK2xuA8TBx +zPP8BK3tgJygGXDFJlAGwCtExOy5g3yLyh9M7jatxpS+MQ08B3+xSr/h6WI7JFYj +LxXhhU7qaiW0Z52eE91SU6gBCfBz0f7Maj84TyR0JFULNNP+K4esMdImaV5Zn3b8 +806t/deMbe7zYNf+JlpONWIQHWNtQooPBPJBdJFuvKCVMAHZa3k= +=4mdC +-----END PGP SIGNATURE----- diff --git a/kate.changes b/kate.changes index 42c8507..b7c6fb8 100644 --- a/kate.changes +++ b/kate.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Sun Mar 21 13:27:34 UTC 2021 - Christophe Giboudeaux + +- Update to 21.03.80 + * New feature release +- Too many changes to list here. +- Rebase 0001-Defuse-root-block.patch + ------------------------------------------------------------------- Thu Mar 4 06:09:53 UTC 2021 - Luca Beltrame diff --git a/kate.spec b/kate.spec index 6f4bff1..9ebdc19 100644 --- a/kate.spec +++ b/kate.spec @@ -1,7 +1,7 @@ # # spec file for package kate # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -22,13 +22,13 @@ %{!?_kapp_version: %define _kapp_version %(echo %{version}| awk -F. '{print $1"."$2}')} %bcond_without lang Name: kate -Version: 20.12.3 +Version: 21.03.80 Release: 0 Summary: Advanced Text Editor License: GPL-3.0-or-later Group: Productivity/Text/Editors URL: https://www.kde.org -Source: https://download.kde.org/stable/release-service/%{version}/src/%{name}-%{version}.tar.xz +Source: https://download.kde.org/unstable/release-service/%{version}/src/%{name}-%{version}.tar.xz # PATCH-FIX-OPENSUSE Patch0: 0001-Defuse-root-block.patch BuildRequires: libgit2-devel @@ -54,18 +54,18 @@ BuildRequires: cmake(KF5Wallet) BuildRequires: cmake(KF5WindowSystem) BuildRequires: cmake(KF5XmlGui) BuildRequires: cmake(KUserFeedback) -BuildRequires: cmake(Qt5Core) >= 5.10.0 -BuildRequires: cmake(Qt5DBus) >= 5.10.0 -BuildRequires: cmake(Qt5Script) >= 5.10.0 -BuildRequires: cmake(Qt5Sql) >= 5.10.0 -BuildRequires: cmake(Qt5Test) >= 5.10.0 -BuildRequires: cmake(Qt5Widgets) >= 5.10.0 +BuildRequires: cmake(Qt5Core) +BuildRequires: cmake(Qt5DBus) +BuildRequires: cmake(Qt5Script) +BuildRequires: cmake(Qt5Sql) +BuildRequires: cmake(Qt5Test) +BuildRequires: cmake(Qt5Widgets) Requires: %{name}-plugins = %{version} Recommends: %{name}-lang Obsoletes: %{name}5 < %{version} Provides: %{name}5 = %{version} %if %{with lang} -Source1: https://download.kde.org/stable/release-service/%{version}/src/%{name}-%{version}.tar.xz.sig +Source1: https://download.kde.org/unstable/release-service/%{version}/src/%{name}-%{version}.tar.xz.sig Source2: applications.keyring %endif