Date: Mon, 26 Apr 2010 03:26:50 +0200 From: Oliver Pinter <oliver.pntr@gmail.com> To: freebsd-ports@freebsd.org Cc: stable@freebsd.org Subject: Fwd: kdebase3 - CVE-2010-0436 Message-ID: <s2q6101e8c41004251826l6e33ced8h28631d26a8e31040@mail.gmail.com> In-Reply-To: <p2q6101e8c41004241531i4cad7050y90827f7d1547fecd@mail.gmail.com> References: <p2q6101e8c41004241531i4cad7050y90827f7d1547fecd@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--000325556c92d57558048519ab6a Content-Type: text/plain; charset=ISO-8859-1 this errata is fixed in kde4 and not yet in kde3 @ports... ---------- Forwarded message ---------- From: Oliver Pinter <oliver.pntr@gmail.com> Date: Sun, 25 Apr 2010 00:31:03 +0200 Subject: kdebase3 - CVE-2010-0436 To: kde@freebsd.org hi all! some RH patches for cve-2010-0436: final: https://bugzilla.redhat.com/attachment.cgi?id=400244&action=diff (I think this for kde4, it depend on cmake) v1/1: https://bugzilla.redhat.com/attachment.cgi?id=401213&action=diff v1/2: https://bugzilla.redhat.com/attachment.cgi?id=401214&action=diff and attached patch for kdm-kde3 from Red Hat kdebase3 source --000325556c92d57558048519ab6a Content-Type: text/x-diff; charset=US-ASCII; name="kdebase-3.5.4-kdm-CVE-2010-0436.patch" Content-Disposition: attachment; filename="kdebase-3.5.4-kdm-CVE-2010-0436.patch" Content-Transfer-Encoding: base64 X-Attachment-Id: file0 ZGlmZiAtdXAga2RlYmFzZS0zLjUuNC9rZG0vYmFja2VuZC9jdHJsLmMudGhhbiBrZGViYXNlLTMu NS40L2tkbS9iYWNrZW5kL2N0cmwuYwotLS0ga2RlYmFzZS0zLjUuNC9rZG0vYmFja2VuZC9jdHJs LmMudGhhbgkyMDEwLTAzLTE5IDEyOjQyOjUyLjAwMDAwMDAwMCArMDEwMAorKysga2RlYmFzZS0z LjUuNC9rZG0vYmFja2VuZC9jdHJsLmMJMjAxMC0wMy0xOSAxMjo1MDozMC4wMDAwMDAwMDAgKzAx MDAKQEAgLTE0MCwyMiArMTQwLDI0IEBAIG9wZW5DdHJsKCBzdHJ1Y3QgZGlzcGxheSAqZCApCiAJ CQkJaWYgKHN0cmxlbiggY3ItPnBhdGggKSA+PSBzaXplb2Yoc2Euc3VuX3BhdGgpKQogCQkJCQlM b2dFcnJvciggInBhdGggJVwicyB0b28gbG9uZzsgbm8gY29udHJvbCBzb2NrZXRzIHdpbGwgYmUg YXZhaWxhYmxlXG4iLAogCQkJCQkgICAgICAgICAgY3ItPnBhdGggKTsKLQkJCQllbHNlIGlmICht a2Rpciggc29ja2RpciwgMDc1NSApICYmIGVycm5vICE9IEVFWElTVCkKKwkJCQllbHNlIGlmICht a2Rpciggc29ja2RpciwgMDcwMCApICYmIGVycm5vICE9IEVFWElTVCkKIAkJCQkJTG9nRXJyb3Io ICJta2RpciAlXCJzIGZhaWxlZDsgbm8gY29udHJvbCBzb2NrZXRzIHdpbGwgYmUgYXZhaWxhYmxl XG4iLAogCQkJCQkgICAgICAgICAgc29ja2RpciApOworCQkJCWVsc2UgaWYgKHVubGluayggY3It PnBhdGggKSAmJiBlcnJubyAhPSBFTk9FTlQpCisJCQkJCUxvZ0Vycm9yKCAidW5saW5rICVcInMg ZmFpbGVkOiAlbTsgY29udHJvbCBzb2NrZXQgd2lsbCBub3QgYmUgYXZhaWxhYmxlXG4iLAorCQkJ CQkgICAgICAgICAgY3ItPnBhdGggKTsKIAkJCQllbHNlIHsKLQkJCQkJaWYgKCFkKQotCQkJCQkJ Y2hvd24oIHNvY2tkaXIsIC0xLCBmaWZvR3JvdXAgKTsKLQkJCQkJY2htb2QoIHNvY2tkaXIsIDA3 NTAgKTsKIAkJCQkJaWYgKChjci0+ZmQgPSBzb2NrZXQoIFBGX1VOSVgsIFNPQ0tfU1RSRUFNLCAw ICkpIDwgMCkKIAkJCQkJCUxvZ0Vycm9yKCAiQ2Fubm90IGNyZWF0ZSBjb250cm9sIHNvY2tldFxu IiApOwogCQkJCQllbHNlIHsKLQkJCQkJCXVubGluayggY3ItPnBhdGggKTsKIAkJCQkJCXNhLnN1 bl9mYW1pbHkgPSBBRl9VTklYOwogCQkJCQkJc3RyY3B5KCBzYS5zdW5fcGF0aCwgY3ItPnBhdGgg KTsKIAkJCQkJCWlmICghYmluZCggY3ItPmZkLCAoc3RydWN0IHNvY2thZGRyICopJnNhLCBzaXpl b2Yoc2EpICkpIHsKIAkJCQkJCQlpZiAoIWxpc3RlbiggY3ItPmZkLCA1ICkpIHsKLQkJCQkJCQkJ Y2htb2QoIGNyLT5wYXRoLCAwNjY2ICk7CisJCQkJCQkJCWNobW9kKCBjci0+cGF0aCwgMDY2MCAp OworCQkJCQkJCQlpZiAoIWQpCisJCQkJCQkJCSAgIGNob3duKCBjci0+cGF0aCwgLTEsIGZpZm9H cm91cCApOworCQkJCQkJCQljaG1vZCggc29ja2RpciwgMDc1NSApOwogCQkJCQkJCQlSZWdpc3Rl ckNsb3NlT25Gb3JrKCBjci0+ZmQgKTsKIAkJCQkJCQkJUmVnaXN0ZXJJbnB1dCggY3ItPmZkICk7 CiAJCQkJCQkJCWZyZWUoIHNvY2tkaXIgKTsKQEAgLTIxOCwxMiArMjIwLDggQEAgY2hvd25DdHJs KCBDdHJsUmVjICpjciwgaW50IHVpZCApCiB7CiAJaWYgKGNyLT5mcGF0aCkKIAkJY2hvd24oIGNy LT5mcGF0aCwgdWlkLCAtMSApOwotCWlmIChjci0+cGF0aCkgewotCQljaGFyICpwdHIgPSBzdHJy Y2hyKCBjci0+cGF0aCwgJy8nICk7Ci0JCSpwdHIgPSAwOworCWlmIChjci0+cGF0aCkKIAkJY2hv d24oIGNyLT5wYXRoLCB1aWQsIC0xICk7Ci0JCSpwdHIgPSAnLyc7Ci0JfQogfQogCiB2b2lkCg== --000325556c92d57558048519ab6a--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?s2q6101e8c41004251826l6e33ced8h28631d26a8e31040>