[gentoo-commits] repo/gentoo:master commit in: kde-misc/kdeconnect/

Sat, 26 Apr 2025 04:44:38 -0700 

commit:     d85a9e85489ebfc3449cca331e6d50ba75d2926f
Author:     Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
AuthorDate: Sat Apr 26 11:40:06 2025 +0000
Commit:     Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
CommitDate: Sat Apr 26 11:43:59 2025 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d85a9e85

kde-misc/kdeconnect: Fix CVE-2025-32898, CVE-2025-32900 for 24.12.3

See also:
https://kde.org/info/security/advisory-20250418-2.txt
https://kde.org/info/security/advisory-20250418-3.txt
https://invent.kde.org/network/kdeconnect-kde/-/merge_requests/774
https://invent.kde.org/network/kdeconnect-kde/-/merge_requests/780

Regarding the Android App:
https://kde.org/info/security/advisory-20250418-1.txt
https://kde.org/info/security/advisory-20250418-4.txt

Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org>

 kde-misc/kdeconnect/Manifest                     |   1 +
 kde-misc/kdeconnect/kdeconnect-24.12.3-r1.ebuild | 109 +++++++++++++++++++++++
 2 files changed, 110 insertions(+)

diff --git a/kde-misc/kdeconnect/Manifest b/kde-misc/kdeconnect/Manifest
index f51f43864627..d39bc872bba3 100644
--- a/kde-misc/kdeconnect/Manifest
+++ b/kde-misc/kdeconnect/Manifest
@@ -1,2 +1,3 @@
+DIST kdeconnect-24.12.3-patchset.tar.xz 7964 BLAKE2B 
d2a3b72959d1449a4f8105a31e338f71bdf1dc542624416d473e2e3315199c24b4f521c11c46e4c0bb89f54204b94a86bf1af35b7755db9e17f9e3d3d35e898f
 SHA512 
fe668dfe804a6659794a7013a9f39d6af599dfba332d992121a991115f80f76a057aa8b53938e737d9e557c761731a9200592f3b33332abe91d0c16761dd617a
 DIST kdeconnect-kde-24.12.3.tar.xz 716168 BLAKE2B 
57d77b5e28de08b7ebdaa8f62d75a269c790da05c79b9076bb497a0d9b4123005d1dd121606985a0c4b823345b309820b3d486bb6fc73ba850d2e91753ea8d61
 SHA512 
b4b98d161021a4886b3a034e3bf4c478f3ed4d45b92e3b88079e6439f4c5443abe8e7da4b2f0d961fc9e95e05bd99c9659960f9a71858fa8855c17d1148c2781
 DIST kdeconnect-kde-25.04.0.tar.xz 742472 BLAKE2B 
2bd1c8eb248b7dcd9e82971462868a39dd9671205bc4011c8ad957c733eb56eea678384e660f1917f9d3b80763e95961659c1c13a66e8f73f09e81157ab25258
 SHA512 
32787125fd403dd2edf45e870c491da0ff182c86e4915b3d6c9ac04a9618a40b8a36cf6f34ce3c50669841674026e316eb0d93f8e0376ca193344624112a9bd3

diff --git a/kde-misc/kdeconnect/kdeconnect-24.12.3-r1.ebuild 
b/kde-misc/kdeconnect/kdeconnect-24.12.3-r1.ebuild
new file mode 100644
index 000000000000..46cc3fc4e44f
--- /dev/null
+++ b/kde-misc/kdeconnect/kdeconnect-24.12.3-r1.ebuild
@@ -0,0 +1,109 @@
+# Copyright 1999-2025 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+ECM_HANDBOOK="forceoptional"
+ECM_TEST="true"
+KDE_ORG_NAME="${PN}-kde"
+KDE_SELINUX_MODULE="${PN}"
+KFMIN=6.7.0
+QTMIN=6.7.2
+inherit ecm flag-o-matic gear.kde.org
+
+DESCRIPTION="Adds communication between KDE Plasma and your smartphone"
+HOMEPAGE="https://kdeconnect.kde.org/ https://apps.kde.org/kdeconnect/";
+SRC_URI+=" https://dev.gentoo.org/~asturm/distfiles/${P}-patchset.tar.xz";
+
+LICENSE="GPL-2+"
+SLOT="6"
+KEYWORDS="~amd64 ~arm64 ~ppc64 ~x86"
+IUSE="bluetooth pulseaudio telephony zeroconf X"
+
+RESTRICT="test"
+
+# slot op: Uses Qt6::GuiPrivate for qtx11extras_p.h
+# TODO: make conditional on X upstream
+COMMON_DEPEND="
+       dev-libs/openssl:=
+       >=dev-libs/wayland-1.15.0
+       >=dev-qt/qtbase-${QTMIN}:6=[dbus,gui,network,widgets]
+       >=dev-qt/qtdeclarative-${QTMIN}:6[widgets]
+       >=dev-qt/qtmultimedia-${QTMIN}:6
+       >=dev-qt/qtwayland-${QTMIN}:6
+       >=kde-frameworks/kcmutils-${KFMIN}:6
+       >=kde-frameworks/kconfig-${KFMIN}:6[qml]
+       >=kde-frameworks/kconfigwidgets-${KFMIN}:6
+       >=kde-frameworks/kcoreaddons-${KFMIN}:6
+       >=kde-frameworks/kcrash-${KFMIN}:6
+       >=kde-frameworks/kdbusaddons-${KFMIN}:6
+       >=kde-frameworks/kguiaddons-${KFMIN}:6
+       >=kde-frameworks/ki18n-${KFMIN}:6
+       >=kde-frameworks/kiconthemes-${KFMIN}:6
+       >=kde-frameworks/kio-${KFMIN}:6
+       >=kde-frameworks/kirigami-${KFMIN}:6
+       >=kde-frameworks/knotifications-${KFMIN}:6
+       >=kde-frameworks/kpeople-${KFMIN}:6
+       >=kde-frameworks/kservice-${KFMIN}:6
+       >=kde-frameworks/kstatusnotifieritem-${KFMIN}:6
+       >=kde-frameworks/kwidgetsaddons-${KFMIN}:6
+       >=kde-frameworks/kwindowsystem-${KFMIN}:6
+       >=kde-frameworks/qqc2-desktop-style-${KFMIN}:6
+       >=kde-frameworks/solid-${KFMIN}:6
+       sys-apps/dbus
+       x11-libs/libxkbcommon
+       bluetooth? ( >=dev-qt/qtconnectivity-${QTMIN}:6[bluetooth] )
+       pulseaudio? ( >=media-libs/pulseaudio-qt-1.4:= )
+       telephony? ( >=kde-frameworks/modemmanager-qt-${KFMIN}:6 )
+       zeroconf? ( >=kde-frameworks/kdnssd-${KFMIN}:6 )
+       X? (
+               x11-libs/libfakekey
+               x11-libs/libX11
+               x11-libs/libXtst
+       )
+"
+DEPEND="${COMMON_DEPEND}
+       dev-libs/wayland-protocols
+"
+RDEPEND="${COMMON_DEPEND}
+       dev-libs/kirigami-addons:6
+       >=dev-qt/qt5compat-${QTMIN}:6[qml]
+       >=dev-qt/qtmultimedia-${QTMIN}:6[qml]
+       >=dev-qt/qttools-${QTMIN}:6[qdbus]
+       >=kde-frameworks/kdeclarative-${KFMIN}:6
+       kde-plasma/libplasma:6
+       net-fs/sshfs
+"
+BDEPEND="
+       >=dev-qt/qtwayland-${QTMIN}:6
+       dev-util/wayland-scanner
+       virtual/pkgconfig
+"
+
+# CVE-2025-32898, CVE-2025-32900; bug 953443
+PATCHES=( "${WORKDIR}/${P}-patchset" )
+
+src_configure() {
+       # -Werror=lto-type-mismatch
+       # https://bugs.gentoo.org/921648
+       # https://bugs.kde.org/show_bug.cgi?id=480522
+       filter-lto
+
+       local mycmakeargs=(
+               -DMDNS_ENABLED=$(usex zeroconf)
+               -DBLUETOOTH_ENABLED=$(usex bluetooth)
+               -DWITH_PULSEAUDIO=$(usex pulseaudio)
+               $(cmake_use_find_package telephony KF6ModemManagerQt)
+               -DWITH_X11=$(usex X)
+       )
+       ecm_src_configure
+}
+
+pkg_postinst() {
+       ecm_pkg_postinst
+
+       elog "The Android .apk file is available via"
+       elog 
"https://play.google.com/store/apps/details?id=org.kde.kdeconnect_tp";
+       elog "or via"
+       elog "https://f-droid.org/packages/org.kde.kdeconnect_tp/";
+}

Reply via email to