From 0e5bdb623b0f3ca4d71eba56b54915905acbc7d9 Mon Sep 17 00:00:00 2001
From: Richard Purdie
Date: Wed, 5 Apr 2023 08:38:48 +0100
Subject: xdg-utils: Fix CVE number
In the previous commit I somehow mixed up and used an incorrect CVE number. Use the correct one.
(From OE-Core rev: b3e2729f686ff6e16e11590bcd701c057ae5f1e2)
Signed-off-by: Richard Purdie
---
 .../xdg-utils/xdg-utils/CVE-2020-27748.patch | 145 ---------------------
 .../xdg-utils/xdg-utils/CVE-2022-4055.patch | 145 +++++++++++++++++++++
 meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb | 2 +-
 3 files changed, 146 insertions(+), 146 deletions(-)
 delete mode 100644 meta/recipes-extended/xdg-utils/xdg-utils/CVE-2020-27748.patch
 create mode 100644 meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch
(limited to 'meta/recipes-extended/xdg-utils')
diff --git a/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2020-27748.patch b/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2020-27748.patch
deleted file mode 100644
index ec3605e158..0000000000
--- a/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2020-27748.patch
+++ /dev/null
@@ -1,145 +0,0 @@ -xdg-email does not parse mailto uris properly for thunderbird - -When using thunderbird as mailto handler xdg-email translates mailto uris into an 'thunderbird -compose' argument. While to, cc and bcc values are properly enclosed in single quotes this is not the case for subject or body. This breaks functionality and allows to use all thunderbird -compose arguments within a mailto uri, e.g. - -xdg-email 'mailto:test@example.com?subject=Test,attachment=~/.thunderbird/profiles.ini,message=/home/test/test.txt' - -translates into - -thunderbird -compose to='test@example.com,',subject=Test,attachment=~/.thunderbird/profiles.ini,message=/home/test/test.txt - -with working attachment and message. (And, yes, ~ expands to the home directory.) - -Upstream-Status: Submitted [https://gitlab.freedesktop.org/xdg/xdg-utils/-/issues/205] - -Signed-off-by: Richard Purdie - -CVE: CVE-2020-27748 - - -Index: xdg-utils-1.1.3/scripts/xdg-email.in -=================================================================== ---- xdg-utils-1.1.3.orig/scripts/xdg-email.in -+++ xdg-utils-1.1.3/scripts/xdg-email.in -@@ -30,53 +30,6 @@ _USAGE - - #@xdg-utils-common@ - --run_thunderbird() --{ -- local THUNDERBIRD MAILTO NEWMAILTO TO CC BCC SUBJECT BODY -- THUNDERBIRD="$1" -- MAILTO=$(echo "$2" | sed 's/^mailto://') -- echo "$MAILTO" | grep -qs "^?" -- if [ "$?" 
= "0" ] ; then -- MAILTO=$(echo "$MAILTO" | sed 's/^?//') -- else -- MAILTO=$(echo "$MAILTO" | sed 's/^/to=/' | sed 's/?/\&/') -- fi -- -- MAILTO=$(echo "$MAILTO" | sed 's/&/\n/g') -- TO=$(/bin/echo -e $(echo "$MAILTO" | grep '^to=' | sed 's/^to=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }')) -- CC=$(/bin/echo -e $(echo "$MAILTO" | grep '^cc=' | sed 's/^cc=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }')) -- BCC=$(/bin/echo -e $(echo "$MAILTO" | grep '^bcc=' | sed 's/^bcc=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }')) -- SUBJECT=$(echo "$MAILTO" | grep '^subject=' | tail -n 1) -- BODY=$(echo "$MAILTO" | grep '^body=' | tail -n 1) -- -- if [ -z "$TO" ] ; then -- NEWMAILTO= -- else -- NEWMAILTO="to='$TO'" -- fi -- if [ -n "$CC" ] ; then -- NEWMAILTO="${NEWMAILTO},cc='$CC'" -- fi -- if [ -n "$BCC" ] ; then -- NEWMAILTO="${NEWMAILTO},bcc='$BCC'" -- fi -- if [ -n "$SUBJECT" ] ; then -- NEWMAILTO="${NEWMAILTO},$SUBJECT" -- fi -- if [ -n "$BODY" ] ; then -- NEWMAILTO="${NEWMAILTO},$BODY" -- fi -- -- NEWMAILTO=$(echo "$NEWMAILTO" | sed 's/^,//') -- DEBUG 1 "Running $THUNDERBIRD -compose \"$NEWMAILTO\"" -- "$THUNDERBIRD" -compose "$NEWMAILTO" -- if [ $? -eq 0 ]; then -- exit_success -- else -- exit_failure_operation_failed -- fi --} -- - open_kde() - { - if [ -n "$KDE_SESSION_VERSION" ] && [ "$KDE_SESSION_VERSION" -ge 5 ]; then -@@ -130,15 +83,6 @@ open_kde() - - open_gnome3() - { -- local client -- local desktop -- desktop=`xdg-mime query default "x-scheme-handler/mailto"` -- client=`desktop_file_to_binary "$desktop"` -- echo $client | grep -E 'thunderbird|icedove' > /dev/null 2>&1 -- if [ $? 
-eq 0 ] ; then -- run_thunderbird "$client" "$1" -- fi -- - if gio help open 2>/dev/null 1>&2; then - DEBUG 1 "Running gio open \"$1\"" - gio open "$1" -@@ -159,13 +103,6 @@ open_gnome3() - - open_gnome() - { -- local client -- client=`gconftool-2 --get /desktop/gnome/url-handlers/mailto/command | cut -d ' ' -f 1` || "" -- echo $client | grep -E 'thunderbird|icedove' > /dev/null 2>&1 -- if [ $? -eq 0 ] ; then -- run_thunderbird "$client" "$1" -- fi -- - if gio help open 2>/dev/null 1>&2; then - DEBUG 1 "Running gio open \"$1\"" - gio open "$1" -@@ -231,15 +168,6 @@ open_flatpak() - - open_generic() - { -- local client -- local desktop -- desktop=`xdg-mime query default "x-scheme-handler/mailto"` -- client=`desktop_file_to_binary "$desktop"` -- echo $client | grep -E 'thunderbird|icedove' > /dev/null 2>&1 -- if [ $? -eq 0 ] ; then -- run_thunderbird "$client" "$1" -- fi -- - xdg-open "$1" - local ret=$? - -@@ -364,21 +292,6 @@ while [ $# -gt 0 ] ; do - shift - ;; - -- --attach) -- if [ -z "$1" ] ; then -- exit_failure_syntax "file argument missing for --attach option" -- fi -- check_input_file "$1" -- file=`readlink -f "$1"` # Normalize path -- if [ -z "$file" ] || [ ! -f "$file" ] ; then -- exit_failure_file_missing "file '$1' does not exist" -- fi -- -- url_encode "$file" -- options="${options}attach=${result}&" -- shift -- ;; -- - -*) - exit_failure_syntax "unexpected option '$parm'" - ;; diff --git a/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch b/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch new file mode 100644 index 0000000000..b236030108 --- /dev/null +++ b/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch 
@@ -0,0 +1,145 @@ +xdg-email does not parse mailto uris properly for thunderbird + +When using thunderbird as mailto handler xdg-email translates mailto uris into an 'thunderbird -compose' argument. While to, cc and bcc values are properly enclosed in single quotes this is not the case for subject or body. This breaks functionality and allows to use all thunderbird -compose arguments within a mailto uri, e.g. + +xdg-email 'mailto:test@example.com?subject=Test,attachment=~/.thunderbird/profiles.ini,message=/home/test/test.txt' + +translates into + +thunderbird -compose to='test@example.com,',subject=Test,attachment=~/.thunderbird/profiles.ini,message=/home/test/test.txt + +with working attachment and message. (And, yes, ~ expands to the home directory.) + +Upstream-Status: Submitted [https://gitlab.freedesktop.org/xdg/xdg-utils/-/issues/205] + +Signed-off-by: Richard Purdie + +CVE: CVE-2022-4055 + + +Index: xdg-utils-1.1.3/scripts/xdg-email.in +=================================================================== +--- xdg-utils-1.1.3.orig/scripts/xdg-email.in ++++ xdg-utils-1.1.3/scripts/xdg-email.in +@@ -30,53 +30,6 @@ _USAGE + + #@xdg-utils-common@ + +-run_thunderbird() +-{ +- local THUNDERBIRD MAILTO NEWMAILTO TO CC BCC SUBJECT BODY +- THUNDERBIRD="$1" +- MAILTO=$(echo "$2" | sed 's/^mailto://') +- echo "$MAILTO" | grep -qs "^?" +- if [ "$?" 
= "0" ] ; then +- MAILTO=$(echo "$MAILTO" | sed 's/^?//') +- else +- MAILTO=$(echo "$MAILTO" | sed 's/^/to=/' | sed 's/?/\&/') +- fi +- +- MAILTO=$(echo "$MAILTO" | sed 's/&/\n/g') +- TO=$(/bin/echo -e $(echo "$MAILTO" | grep '^to=' | sed 's/^to=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }')) +- CC=$(/bin/echo -e $(echo "$MAILTO" | grep '^cc=' | sed 's/^cc=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }')) +- BCC=$(/bin/echo -e $(echo "$MAILTO" | grep '^bcc=' | sed 's/^bcc=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }')) +- SUBJECT=$(echo "$MAILTO" | grep '^subject=' | tail -n 1) +- BODY=$(echo "$MAILTO" | grep '^body=' | tail -n 1) +- +- if [ -z "$TO" ] ; then +- NEWMAILTO= +- else +- NEWMAILTO="to='$TO'" +- fi +- if [ -n "$CC" ] ; then +- NEWMAILTO="${NEWMAILTO},cc='$CC'" +- fi +- if [ -n "$BCC" ] ; then +- NEWMAILTO="${NEWMAILTO},bcc='$BCC'" +- fi +- if [ -n "$SUBJECT" ] ; then +- NEWMAILTO="${NEWMAILTO},$SUBJECT" +- fi +- if [ -n "$BODY" ] ; then +- NEWMAILTO="${NEWMAILTO},$BODY" +- fi +- +- NEWMAILTO=$(echo "$NEWMAILTO" | sed 's/^,//') +- DEBUG 1 "Running $THUNDERBIRD -compose \"$NEWMAILTO\"" +- "$THUNDERBIRD" -compose "$NEWMAILTO" +- if [ $? -eq 0 ]; then +- exit_success +- else +- exit_failure_operation_failed +- fi +-} +- + open_kde() + { + if [ -n "$KDE_SESSION_VERSION" ] && [ "$KDE_SESSION_VERSION" -ge 5 ]; then +@@ -130,15 +83,6 @@ open_kde() + + open_gnome3() + { +- local client +- local desktop +- desktop=`xdg-mime query default "x-scheme-handler/mailto"` +- client=`desktop_file_to_binary "$desktop"` +- echo $client | grep -E 'thunderbird|icedove' > /dev/null 2>&1 +- if [ $? 
-eq 0 ] ; then +- run_thunderbird "$client" "$1" +- fi +- + if gio help open 2>/dev/null 1>&2; then + DEBUG 1 "Running gio open \"$1\"" + gio open "$1" +@@ -159,13 +103,6 @@ open_gnome3() + + open_gnome() + { +- local client +- client=`gconftool-2 --get /desktop/gnome/url-handlers/mailto/command | cut -d ' ' -f 1` || "" +- echo $client | grep -E 'thunderbird|icedove' > /dev/null 2>&1 +- if [ $? -eq 0 ] ; then +- run_thunderbird "$client" "$1" +- fi +- + if gio help open 2>/dev/null 1>&2; then + DEBUG 1 "Running gio open \"$1\"" + gio open "$1" +@@ -231,15 +168,6 @@ open_flatpak() + + open_generic() + { +- local client +- local desktop +- desktop=`xdg-mime query default "x-scheme-handler/mailto"` +- client=`desktop_file_to_binary "$desktop"` +- echo $client | grep -E 'thunderbird|icedove' > /dev/null 2>&1 +- if [ $? -eq 0 ] ; then +- run_thunderbird "$client" "$1" +- fi +- + xdg-open "$1" + local ret=$? + +@@ -364,21 +292,6 @@ while [ $# -gt 0 ] ; do + shift + ;; + +- --attach) +- if [ -z "$1" ] ; then +- exit_failure_syntax "file argument missing for --attach option" +- fi +- check_input_file "$1" +- file=`readlink -f "$1"` # Normalize path +- if [ -z "$file" ] || [ ! -f "$file" ] ; then +- exit_failure_file_missing "file '$1' does not exist" +- fi +- +- url_encode "$file" +- options="${options}attach=${result}&" +- shift +- ;; +- + -*) + exit_failure_syntax "unexpected option '$parm'" + ;; diff --git a/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb b/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb index d95bcccd2a..4d93180535 100644 --- a/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb +++ b/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb 
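Review bot: The header of the new CVE-2022-4055.patch explains the mailto argument injection but never states that the remedy is removal. Its inner hunks delete `run_thunderbird()`, the thunderbird/icedove detection in `open_gnome3`, `open_gnome` and `open_generic`, and the whole `--attach)` arm of the option loop. With that arm gone, `xdg-email --attach FILE` appears to fall through to the following `-*)` arm and exit with "unexpected option", a behaviour change that is visible only by reading the diff. I would add a line to the header such as `Fix by dropping the thunderbird-specific -compose translation and the --attach option; mailto URIs are passed to the generic handlers unchanged.` None of the inner hunks touches the `_USAGE` text, which lies outside them, so it is worth checking whether the help output still advertises `--attach`.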
@@ -21,7 +21,7 @@ SRC_URI = "https://portland.freedesktop.org/download/${BPN}-${PV}.tar.gz \
 file://0001-Reinstate-xdg-terminal.patch \
 file://0001-Don-t-build-the-in-script-manual.patch \
 file://1f199813e0eb0246f63b54e9e154970e609575af.patch \
- file://CVE-2020-27748.patch \
+ file://CVE-2022-4055.patch \
 "
 SRC_URI[md5sum] = "902042508b626027a3709d105f0b63ff"
-- 
cgit v1.2.3-54-g00ecf