From owner-svn-ports-all@FreeBSD.ORG Fri Nov 21 08:24:47 2014 Return-Path: Delivered-To: svn-ports-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1320DEF7; Fri, 21 Nov 2014 08:24:47 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D9635B8E; Fri, 21 Nov 2014 08:24:46 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id sAL8OkiW055500; Fri, 21 Nov 2014 08:24:46 GMT (envelope-from rakuco@FreeBSD.org) Received: (from rakuco@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id sAL8OkGF055496; Fri, 21 Nov 2014 08:24:46 GMT (envelope-from rakuco@FreeBSD.org) Message-Id: <201411210824.sAL8OkGF055496@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: rakuco set sender to rakuco@FreeBSD.org using -f From: Raphael Kubo da Costa Date: Fri, 21 Nov 2014 08:24:46 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r372983 - in branches/2014Q4/x11/kde4-runtime: . files X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Nov 2014 08:24:47 -0000 Author: rakuco Date: Fri Nov 21 08:24:45 2014 New Revision: 372983 URL: https://svnweb.freebsd.org/changeset/ports/372983 QAT: https://qat.redports.org/buildarchive/r372983/ Log: MFH: r372966 Add upstream patch for CVE-2014-8600 (insufficient input validation). Security: 890b6b22-70fa-11e4-91ae-5453ed2e2b49 Approved by: ports-secteam (rea) Added: branches/2014Q4/x11/kde4-runtime/files/patch-kioslave__bookmarks__kio_bookmarks.cpp - copied unchanged from r372966, head/x11/kde4-runtime/files/patch-kioslave__bookmarks__kio_bookmarks.cpp Modified: branches/2014Q4/x11/kde4-runtime/Makefile Directory Properties: branches/2014Q4/ (props changed) Modified: branches/2014Q4/x11/kde4-runtime/Makefile ============================================================================== --- branches/2014Q4/x11/kde4-runtime/Makefile Fri Nov 21 08:20:01 2014 (r372982) +++ branches/2014Q4/x11/kde4-runtime/Makefile Fri Nov 21 08:24:45 2014 (r372983) @@ -2,7 +2,7 @@ PORTNAME= kde-runtime PORTVERSION= ${KDE4_VERSION} -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= x11 kde MASTER_SITES= KDE/${KDE4_BRANCH}/${PORTVERSION}/src DIST_SUBDIR= KDE/${PORTVERSION} Copied: branches/2014Q4/x11/kde4-runtime/files/patch-kioslave__bookmarks__kio_bookmarks.cpp (from r372966, head/x11/kde4-runtime/files/patch-kioslave__bookmarks__kio_bookmarks.cpp) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2014Q4/x11/kde4-runtime/files/patch-kioslave__bookmarks__kio_bookmarks.cpp Fri Nov 21 08:24:45 2014 (r372983, copy of r372966, head/x11/kde4-runtime/files/patch-kioslave__bookmarks__kio_bookmarks.cpp) @@ -0,0 +1,25 @@ +commit d68703900edc8416fbcd2550cd336cbbb76decb9 +Author: Martin Sandsmark +Date: Thu Nov 13 13:29:01 2014 +0100 + + Sanitize path + +--- kioslave/bookmarks/kio_bookmarks.cpp ++++ kioslave/bookmarks/kio_bookmarks.cpp +@@ -22,6 +22,7 @@ + #include + + #include ++#include + + #include + #include +@@ -197,7 +198,7 @@ void BookmarksProtocol::get( const KUrl& url ) + echoImage(regexp.cap(1), regexp.cap(2), url.queryItem("size")); + } else { + echoHead(); +- echo("

" + i18n("Wrong request: %1",path) + "

"); ++ echo("

" + i18n("Bad request: %1", Qt::escape(Qt::escape(url.prettyUrl()))) + "

"); + } + finished(); + }