gnu: evolution: Fix CVE-2020-11879.

* gnu/packages/patches/evolution-CVE-2020-11879.patch: New patch. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/gnome.scm (evolution): Apply it.
2021-03-11 01:18:35 +01:00 · 2021-03-11 01:18:35 +01:00 · a2943e36c7
commit a2943e36c7
parent c35f87bb1a
3 changed files with 125 additions and 1 deletions
--- a/gnu/local.mk
+++ b/gnu/local.mk
@ -973,6 +973,7 @@ dist_patch_DATA =						\
  %D%/packages/patches/erlang-man-path.patch			\
  %D%/packages/patches/eudev-rules-directory.patch		\
  %D%/packages/patches/evilwm-lost-focus-bug.patch		\
  %D%/packages/patches/evolution-CVE-2020-11879.patch		\
  %D%/packages/patches/evolution-data-server-CVE-2020-14928.patch	\
  %D%/packages/patches/evolution-data-server-CVE-2020-16117.patch	\
  %D%/packages/patches/evolution-data-server-locales.patch	\
--- a/gnu/packages/gnome.scm
+++ b/gnu/packages/gnome.scm
@ -10711,7 +10711,8 @@ generic enough to work for everyone.")
                                  "evolution-" version ".tar.xz"))
              (sha256
               (base32
-                "164vy8h432pjglafn8y2ms4gsvk3kbgc63h5qp0mk5dv4smsp29c"))))
+                "164vy8h432pjglafn8y2ms4gsvk3kbgc63h5qp0mk5dv4smsp29c"))
              (patches (search-patches "evolution-CVE-2020-11879.patch"))))
    (build-system cmake-build-system)
    (arguments
     `(#:imported-modules (,@%cmake-build-system-modules
--- a/gnu/packages/patches/evolution-CVE-2020-11879.patch
+++ b/gnu/packages/patches/evolution-CVE-2020-11879.patch
@ -0,0 +1,122 @@
 From 6489f20d6905cc797e2b2581c415e558c457caa7 Mon Sep 17 00:00:00 2001
 From: Milan Crha <mcrha@redhat.com>
 Date: Wed, 12 Feb 2020 18:59:52 +0100
 Subject: [PATCH] I#784 - Warn about and limit what can be attached using
 mailto: URI
 Closes https://gitlab.gnome.org/GNOME/evolution/issues/784
 ---
 src/composer/e-msg-composer.c | 58 +++++++++++++++++++++++++++++------
 src/e-util/e-system.error.xml |  7 ++++-
 2 files changed, 54 insertions(+), 11 deletions(-)
 diff --git a/src/composer/e-msg-composer.c b/src/composer/e-msg-composer.c
 index e4c9ac095e..cd3168d882 100644
 --- a/src/composer/e-msg-composer.c
 +++ b/src/composer/e-msg-composer.c
@@ -4761,7 +4761,8 @@ handle_mailto (EMsgComposer *composer,
 	gchar *header, *content, *buf;
 	gsize nread, nwritten;
 	const gchar *p;
 -	gint len, clen;
 +	gint len, clen, has_attachments = 0;
 +	gboolean has_blacklisted_attachment = FALSE;
 	table = e_msg_composer_get_header_table (composer);
 	view = e_msg_composer_get_attachment_view (composer);
@@ -4844,22 +4845,36 @@ handle_mailto (EMsgComposer *composer,
 			} else if (!g_ascii_strcasecmp (header, "attach") ||
 				   !g_ascii_strcasecmp (header, "attachment")) {
 				EAttachment *attachment;
 +				GFile *file;
 				camel_url_decode (content);
 -				if (file_is_blacklisted (content))
 -					e_alert_submit (
 -						E_ALERT_SINK (e_msg_composer_get_editor (composer)),
 -						"mail:blacklisted-file",
 -						content, NULL);
 				if (g_ascii_strncasecmp (content, "file:", 5) == 0)
 					attachment = e_attachment_new_for_uri (content);
 				else
 					attachment = e_attachment_new_for_path (content);
 -				e_attachment_store_add_attachment (store, attachment);
 -				e_attachment_load_async (
 -					attachment, (GAsyncReadyCallback)
 -					e_attachment_load_handle_error, composer);
 +				file = e_attachment_ref_file (attachment);
 +				if (!file || !g_file_peek_path (file) ||
 +				    !g_file_test (g_file_peek_path (file), G_FILE_TEST_EXISTS) ||
 +				    g_file_test (g_file_peek_path (file), G_FILE_TEST_IS_DIR)) {
 +					/* Do nothing, simply ignore the attachment request */
 +				} else {
 +					has_attachments++;
 +
 +					if (file_is_blacklisted (content)) {
 +						has_blacklisted_attachment = TRUE;
 +						e_alert_submit (
 +							E_ALERT_SINK (e_msg_composer_get_editor (composer)),
 +							"mail:blacklisted-file",
 +							content, NULL);
 +					}
 +
 +					e_attachment_store_add_attachment (store, attachment);
 +					e_attachment_load_async (
 +						attachment, (GAsyncReadyCallback)
 +						e_attachment_load_handle_error, composer);
 +				}
 				g_object_unref (attachment);
 +				g_clear_object (&file);
 			} else if (!g_ascii_strcasecmp (header, "from")) {
 				/* Ignore */
 			} else if (!g_ascii_strcasecmp (header, "reply-to")) {
@@ -4883,6 +4898,29 @@ handle_mailto (EMsgComposer *composer,
 	g_free (buf);
 +	if (has_attachments && !has_blacklisted_attachment) {
 +		const gchar *primary;
 +		gchar *secondary;
 +
 +		primary = g_dngettext (GETTEXT_PACKAGE,
 +			"Review attachment before sending.",
 +			"Review attachments before sending.",
 +			has_attachments);
 +
 +		secondary = g_strdup_printf (g_dngettext (GETTEXT_PACKAGE,
 +			"There had been added %d attachment. Make sure it does not contain any sensitive information before sending the message.",
 +			"There had been added %d attachments. Make sure they do not contain any sensitive information before sending the message.",
 +			has_attachments),
 +			has_attachments);
 +
 +		e_alert_submit (
 +			E_ALERT_SINK (e_msg_composer_get_editor (composer)),
 +			"system:generic-warning",
 +			primary, secondary, NULL);
 +
 +		g_free (secondary);
 +	}
 +
 	merge_always_cc_and_bcc (table, to, &cc, &bcc);
 	tov = destination_list_to_vector (to);
 diff --git a/src/e-util/e-system.error.xml b/src/e-util/e-system.error.xml
 index ddcf989fda..02facb7d26 100644
 --- a/src/e-util/e-system.error.xml
 +++ b/src/e-util/e-system.error.xml
@@ -1,6 +1,11 @@
 <?xml version="1.0"?>
 <error-list domain="system">
 -  <error type="error" id="generic-error">
 +  <error id="generic-error" type="error">
 +    <primary>{0}</primary>
 +    <secondary>{1}</secondary>
 +  </error>
 +
 +  <error id="generic-warning" type="warning">
     <primary>{0}</primary>
     <secondary>{1}</secondary>
   </error>
 -- 
 GitLab