Date: Thu, 20 Nov 2014 21:31:55 +0000 (UTC) From: Raphael Kubo da Costa <rakuco@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r372966 - in head/x11/kde4-runtime: . files Message-ID: <201411202131.sAKLVtlv099958@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: rakuco Date: Thu Nov 20 21:31:54 2014 New Revision: 372966 URL: https://svnweb.freebsd.org/changeset/ports/372966 QAT: https://qat.redports.org/buildarchive/r372966/ Log: Add upstream patch for CVE-2014-8600 (insufficient input validation). MFH: 2014Q4 Security: 890b6b22-70fa-11e4-91ae-5453ed2e2b49 Added: head/x11/kde4-runtime/files/patch-kioslave__bookmarks__kio_bookmarks.cpp (contents, props changed) Modified: head/x11/kde4-runtime/Makefile Modified: head/x11/kde4-runtime/Makefile ============================================================================== --- head/x11/kde4-runtime/Makefile Thu Nov 20 21:31:17 2014 (r372965) +++ head/x11/kde4-runtime/Makefile Thu Nov 20 21:31:54 2014 (r372966) @@ -2,7 +2,7 @@ PORTNAME= kde-runtime PORTVERSION= ${KDE4_VERSION} -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= x11 kde MASTER_SITES= KDE/${KDE4_BRANCH}/${PORTVERSION}/src DIST_SUBDIR= KDE/${PORTVERSION} Added: head/x11/kde4-runtime/files/patch-kioslave__bookmarks__kio_bookmarks.cpp ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/x11/kde4-runtime/files/patch-kioslave__bookmarks__kio_bookmarks.cpp Thu Nov 20 21:31:54 2014 (r372966) @@ -0,0 +1,25 @@ +commit d68703900edc8416fbcd2550cd336cbbb76decb9 +Author: Martin Sandsmark <martin.sandsmark@kde.org> +Date: Thu Nov 13 13:29:01 2014 +0100 + + Sanitize path + +--- kioslave/bookmarks/kio_bookmarks.cpp ++++ kioslave/bookmarks/kio_bookmarks.cpp +@@ -22,6 +22,7 @@ + #include <stdlib.h> + + #include <qregexp.h> ++#include <qtextdocument.h> + + #include <kapplication.h> + #include <kcmdlineargs.h> +@@ -197,7 +198,7 @@ void BookmarksProtocol::get( const KUrl& url ) + echoImage(regexp.cap(1), regexp.cap(2), url.queryItem("size")); + } else { + echoHead(); +- echo("<p class=\"message\">" + i18n("Wrong request: %1",path) + "</p>"); ++ echo("<p class=\"message\">" + i18n("Bad request: %1", Qt::escape(Qt::escape(url.prettyUrl()))) + "</p>"); + } + finished(); + }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201411202131.sAKLVtlv099958>