From 53734255ec270b0814946350787393dfcaa2a5a9 Mon Sep 17 00:00:00 2001
From: Benoit Marty <benoit@matrix.org>
Date: Fri, 16 Feb 2024 11:49:30 +0100
Subject: [PATCH 1/4] Add a check on incoming intent.

---
 changelog.d/+check-intent.bugfix              |  1 +
 .../im/vector/app/features/MainActivity.kt    | 19 +++++++++++++++++++
 2 files changed, 20 insertions(+)
 create mode 100644 changelog.d/+check-intent.bugfix

diff --git a/changelog.d/+check-intent.bugfix b/changelog.d/+check-intent.bugfix
new file mode 100644
index 0000000000..728ae13275
--- /dev/null
+++ b/changelog.d/+check-intent.bugfix
@@ -0,0 +1 @@
+Add a check on incoming intent.
diff --git a/vector/src/main/java/im/vector/app/features/MainActivity.kt b/vector/src/main/java/im/vector/app/features/MainActivity.kt
index c8aa108ccb..0f0ac83903 100644
--- a/vector/src/main/java/im/vector/app/features/MainActivity.kt
+++ b/vector/src/main/java/im/vector/app/features/MainActivity.kt
@@ -39,6 +39,9 @@ import im.vector.app.features.analytics.VectorAnalytics
 import im.vector.app.features.analytics.plan.ViewRoom
 import im.vector.app.features.home.HomeActivity
 import im.vector.app.features.home.ShortcutsHandler
+import im.vector.app.features.home.room.detail.RoomDetailActivity
+import im.vector.app.features.home.room.threads.ThreadsActivity
+import im.vector.app.features.location.live.map.LiveLocationMapViewActivity
 import im.vector.app.features.notifications.NotificationDrawerManager
 import im.vector.app.features.pin.UnlockedActivity
 import im.vector.app.features.pin.lockscreen.crypto.LockScreenKeyRepository
@@ -115,6 +118,14 @@ class MainActivity : VectorBaseActivity<ActivityMainBinding>(), UnlockedActivity
                 putExtra(EXTRA_ROOM_ID, roomId)
             }
         }
+
+        val allowList = listOf(
+                HomeActivity::class.java.name,
+                MainActivity::class.java.name,
+                RoomDetailActivity::class.java.name,
+                ThreadsActivity::class.java.name,
+                LiveLocationMapViewActivity::class.java.name,
+        )
     }
 
     private val startAppViewModel: StartAppViewModel by viewModel()
@@ -186,6 +197,7 @@ class MainActivity : VectorBaseActivity<ActivityMainBinding>(), UnlockedActivity
             // Start the next Activity
             startSyncing()
             val nextIntent = intent.getParcelableExtraCompat<Intent>(EXTRA_NEXT_INTENT)
+                    ?.takeIf { it.isValid() }
             startIntentAndFinish(nextIntent)
         } else if (intent.hasExtra(EXTRA_INIT_SESSION)) {
             startSyncing()
@@ -380,4 +392,11 @@ class MainActivity : VectorBaseActivity<ActivityMainBinding>(), UnlockedActivity
         intent?.let { startActivity(it) }
         finish()
     }
+
+    private fun Intent.isValid(): Boolean {
+        val componentName = resolveActivity(packageManager) ?: return false
+        val packageName = componentName.packageName
+        val className = componentName.className
+        return packageName == buildMeta.applicationId && className in allowList
+    }
 }

From 8f9695a9a8d944cb9b92568cbd76578c51d32e07 Mon Sep 17 00:00:00 2001
From: Benoit Marty <benoit@matrix.org>
Date: Fri, 16 Feb 2024 11:51:56 +0100
Subject: [PATCH 2/4] Store temporary files created for Camera in the media
 folder.

---
 changelog.d/+picker.bugfix                                    | 1 +
 .../java/im/vector/lib/multipicker/utils/MediaFileUtils.kt    | 2 +-
 .../src/main/res/xml/multipicker_provider_paths.xml           | 4 ++--
 3 files changed, 4 insertions(+), 3 deletions(-)
 create mode 100644 changelog.d/+picker.bugfix

diff --git a/changelog.d/+picker.bugfix b/changelog.d/+picker.bugfix
new file mode 100644
index 0000000000..724d9a7355
--- /dev/null
+++ b/changelog.d/+picker.bugfix
@@ -0,0 +1 @@
+Store temporary files created for Camera in the media folder.
diff --git a/library/multipicker/src/main/java/im/vector/lib/multipicker/utils/MediaFileUtils.kt b/library/multipicker/src/main/java/im/vector/lib/multipicker/utils/MediaFileUtils.kt
index a029d5e6b1..5b40c4a789 100644
--- a/library/multipicker/src/main/java/im/vector/lib/multipicker/utils/MediaFileUtils.kt
+++ b/library/multipicker/src/main/java/im/vector/lib/multipicker/utils/MediaFileUtils.kt
@@ -24,7 +24,7 @@ import java.util.Locale
 
 internal fun createTemporaryMediaFile(context: Context, mediaType: MediaType): File {
     val timeStamp: String = SimpleDateFormat("yyyyMMdd_HHmmss", Locale.getDefault()).format(Date())
-    val storageDir: File = context.filesDir.also { it.mkdirs() }
+    val storageDir: File = File(context.filesDir, "media").also { it.mkdirs() }
     val fileSuffix = when (mediaType) {
         MediaType.IMAGE -> ".jpg"
         MediaType.VIDEO -> ".mp4"
diff --git a/library/multipicker/src/main/res/xml/multipicker_provider_paths.xml b/library/multipicker/src/main/res/xml/multipicker_provider_paths.xml
index ff9b81ce98..fd5f866c2b 100644
--- a/library/multipicker/src/main/res/xml/multipicker_provider_paths.xml
+++ b/library/multipicker/src/main/res/xml/multipicker_provider_paths.xml
@@ -2,5 +2,5 @@
 <paths>
     <files-path
         name="external_files"
-        path="." />
-</paths>
\ No newline at end of file
+        path="media" />
+</paths>

From bd124e12c2f23039829d3d97b53ff03866e11abb Mon Sep 17 00:00:00 2001
From: Benoit Marty <benoit@matrix.org>
Date: Fri, 16 Feb 2024 11:55:38 +0100
Subject: [PATCH 3/4] Changelog for version 1.6.12

---
 CHANGES.md                                     | 17 +++++++++++++++++
 changelog.d/+check-intent.bugfix               |  1 -
 changelog.d/+picker.bugfix                     |  1 -
 changelog.d/+update-login-splash-screen.bugfix |  1 -
 changelog.d/8744.bugfix                        |  1 -
 changelog.d/8749.bugfix                        |  1 -
 6 files changed, 17 insertions(+), 5 deletions(-)
 delete mode 100644 changelog.d/+check-intent.bugfix
 delete mode 100644 changelog.d/+picker.bugfix
 delete mode 100644 changelog.d/+update-login-splash-screen.bugfix
 delete mode 100644 changelog.d/8744.bugfix
 delete mode 100644 changelog.d/8749.bugfix

diff --git a/CHANGES.md b/CHANGES.md
index 5a0988d7cc..df477df4d4 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,3 +1,20 @@
+Changes in Element v1.6.12 (2024-02-16)
+=======================================
+
+This update provides important security fixes, please update now.
+
+Security fixes 🔐
+-----------------
+ - Add a check on incoming intent. ([#1506 internal](https://github.com/matrix-org/internal-config/issues/1506))
+ - Store temporary files created for Camera in the media folder. ([#1505 internal](https://github.com/matrix-org/internal-config/issues/1505))
+
+Bugfixes 🐛
+----------
+ - Switch the position and styles of the 'already have an account' and 'create account' buttons in the login splash screen. Also changes the 'already have an account one' to just say 'sign in'. ([#+update-login-splash-screen](https://github.com/element-hq/element-android/issues/+update-login-splash-screen))
+ - Improve `Event.getClearContent()` and fix assignment issue that may help to decrypt last Event in the room list. ([#8744](https://github.com/element-hq/element-android/issues/8744))
+ - Fix issues about location Event avatar rendering. ([#8749](https://github.com/element-hq/element-android/issues/8749))
+
+
 Changes in Element v1.6.10 (2024-01-09)
 =======================================
 
diff --git a/changelog.d/+check-intent.bugfix b/changelog.d/+check-intent.bugfix
deleted file mode 100644
index 728ae13275..0000000000
--- a/changelog.d/+check-intent.bugfix
+++ /dev/null
@@ -1 +0,0 @@
-Add a check on incoming intent.
diff --git a/changelog.d/+picker.bugfix b/changelog.d/+picker.bugfix
deleted file mode 100644
index 724d9a7355..0000000000
--- a/changelog.d/+picker.bugfix
+++ /dev/null
@@ -1 +0,0 @@
-Store temporary files created for Camera in the media folder.
diff --git a/changelog.d/+update-login-splash-screen.bugfix b/changelog.d/+update-login-splash-screen.bugfix
deleted file mode 100644
index 1ea90a7eab..0000000000
--- a/changelog.d/+update-login-splash-screen.bugfix
+++ /dev/null
@@ -1 +0,0 @@
-Switch the position and styles of the 'already have an account' and 'create account' buttons in the login splash screen. Also changes the 'already have an account one' to just say 'sign in'.
diff --git a/changelog.d/8744.bugfix b/changelog.d/8744.bugfix
deleted file mode 100644
index 3ce7637059..0000000000
--- a/changelog.d/8744.bugfix
+++ /dev/null
@@ -1 +0,0 @@
-Improve `Event.getClearContent()` and fix assignment issue that may help to decrypt last Event in the room list.
diff --git a/changelog.d/8749.bugfix b/changelog.d/8749.bugfix
deleted file mode 100644
index d9166791bd..0000000000
--- a/changelog.d/8749.bugfix
+++ /dev/null
@@ -1 +0,0 @@
-Fix issues about location Event avatar rendering.

From 2831efd6e743d89a3686177014f646ea1615d236 Mon Sep 17 00:00:00 2001
From: Benoit Marty <benoit@matrix.org>
Date: Fri, 16 Feb 2024 11:56:24 +0100
Subject: [PATCH 4/4] Adding fastlane file for version 1.6.12

---
 fastlane/metadata/android/en-US/changelogs/40106120.txt | 2 ++
 1 file changed, 2 insertions(+)
 create mode 100644 fastlane/metadata/android/en-US/changelogs/40106120.txt

diff --git a/fastlane/metadata/android/en-US/changelogs/40106120.txt b/fastlane/metadata/android/en-US/changelogs/40106120.txt
new file mode 100644
index 0000000000..4b10f5fdc0
--- /dev/null
+++ b/fastlane/metadata/android/en-US/changelogs/40106120.txt
@@ -0,0 +1,2 @@
+Main changes in this version: Security release.
+Full changelog: https://github.com/element-hq/element-android/releases