aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlofi <lofi@FreeBSD.org>2007-02-07 01:49:02 +0800
committerlofi <lofi@FreeBSD.org>2007-02-07 01:49:02 +0800
commitd016f9875ba996038870a3677ef3554b6eeaea02 (patch)
tree95866dc7ac7860e88006753914e9e7271dd2c491
parent2b6b72a0944568d8b301b3e0c7a7bb0885e1b5f9 (diff)
downloadfreebsd-ports-gnome-d016f9875ba996038870a3677ef3554b6eeaea02.tar.gz
freebsd-ports-gnome-d016f9875ba996038870a3677ef3554b6eeaea02.tar.zst
freebsd-ports-gnome-d016f9875ba996038870a3677ef3554b6eeaea02.zip
Fix khtml/konqueror title XSS vulnerability.
Security: CVE-2007-0537
-rw-r--r--x11/kdelibs3/Makefile7
-rw-r--r--x11/kdelibs3/files/patch-post-3.5.6-kdelibs.diff20
-rw-r--r--x11/kdelibs4/Makefile7
-rw-r--r--x11/kdelibs4/files/patch-post-3.5.6-kdelibs.diff20
4 files changed, 48 insertions, 6 deletions
diff --git a/x11/kdelibs3/Makefile b/x11/kdelibs3/Makefile
index 9bed0607508a..8f824dac35cf 100644
--- a/x11/kdelibs3/Makefile
+++ b/x11/kdelibs3/Makefile
@@ -8,8 +8,8 @@
PORTNAME= kdelibs
PORTVERSION= ${KDE_VERSION}
-PORTREVISION= 1
-CATEGORIES= x11 kde
+PORTREVISION= 2
+CATEGORIES= x11 kde ipv6
MASTER_SITES= ${MASTER_SITE_KDE}
MASTER_SITE_SUBDIR= stable/${PORTVERSION:S/.0//}/src
PKGNAMESUFFIX?= # empty
@@ -18,6 +18,7 @@ DIST_SUBDIR= KDE
MAINTAINER= kde@FreeBSD.org
COMMENT= Base set of libraries needed by KDE programs
+DEPENDS= ${PORTSDIR}/misc/kdehier
BUILD_DEPENDS= mkfontdir:${X_CLIENTS_PORT}
LIB_DEPENDS= IlmImf:${PORTSDIR}/graphics/OpenEXR \
art_lgpl_2.5:${PORTSDIR}/graphics/libart_lgpl \
@@ -56,7 +57,7 @@ USE_OPENSSL= yes
USE_QT_VER= 3
PREFIX= ${KDE_PREFIX}
-INSTALLS_SHLIB= yes
+USE_LDCONFIG= yes
LDCONFIG_DIRS+= %%PREFIX%%/lib %%PREFIX%%/lib/kde3
USE_AUTOTOOLS= libtool:15
diff --git a/x11/kdelibs3/files/patch-post-3.5.6-kdelibs.diff b/x11/kdelibs3/files/patch-post-3.5.6-kdelibs.diff
new file mode 100644
index 000000000000..5b44a47ef7a5
--- /dev/null
+++ b/x11/kdelibs3/files/patch-post-3.5.6-kdelibs.diff
@@ -0,0 +1,20 @@
+--- khtml/html/htmltokenizer.cpp
++++ khtml/html/htmltokenizer.cpp
+@@ -316,7 +316,7 @@ void HTMLTokenizer::parseSpecial(Tokeniz
+ while ( !src.isEmpty() ) {
+ checkScriptBuffer();
+ unsigned char ch = src->latin1();
+- if ( !scriptCodeResync && !brokenComments && !textarea && !xmp && !title && ch == '-' && scriptCodeSize >= 3 && !src.escaped() && QConstString( scriptCode+scriptCodeSize-3, 3 ).string() == "<!-" ) {
++ if ( !scriptCodeResync && !brokenComments && !textarea && !xmp && ch == '-' && scriptCodeSize >= 3 && !src.escaped() && QConstString( scriptCode+scriptCodeSize-3, 3 ).string() == "<!-" ) {
+ comment = true;
+ scriptCode[ scriptCodeSize++ ] = ch;
+ ++src;
+@@ -495,7 +495,7 @@ void HTMLTokenizer::parseComment(Tokeniz
+
+ if (canClose || handleBrokenComments || scriptEnd ){
+ ++src;
+- if ( !( script || xmp || textarea || style) ) {
++ if ( !( title || script || xmp || textarea || style) ) {
+ #ifdef COMMENTS_IN_DOM
+ checkScriptBuffer();
+ scriptCode[ scriptCodeSize ] = 0;
diff --git a/x11/kdelibs4/Makefile b/x11/kdelibs4/Makefile
index 9bed0607508a..8f824dac35cf 100644
--- a/x11/kdelibs4/Makefile
+++ b/x11/kdelibs4/Makefile
@@ -8,8 +8,8 @@
PORTNAME= kdelibs
PORTVERSION= ${KDE_VERSION}
-PORTREVISION= 1
-CATEGORIES= x11 kde
+PORTREVISION= 2
+CATEGORIES= x11 kde ipv6
MASTER_SITES= ${MASTER_SITE_KDE}
MASTER_SITE_SUBDIR= stable/${PORTVERSION:S/.0//}/src
PKGNAMESUFFIX?= # empty
@@ -18,6 +18,7 @@ DIST_SUBDIR= KDE
MAINTAINER= kde@FreeBSD.org
COMMENT= Base set of libraries needed by KDE programs
+DEPENDS= ${PORTSDIR}/misc/kdehier
BUILD_DEPENDS= mkfontdir:${X_CLIENTS_PORT}
LIB_DEPENDS= IlmImf:${PORTSDIR}/graphics/OpenEXR \
art_lgpl_2.5:${PORTSDIR}/graphics/libart_lgpl \
@@ -56,7 +57,7 @@ USE_OPENSSL= yes
USE_QT_VER= 3
PREFIX= ${KDE_PREFIX}
-INSTALLS_SHLIB= yes
+USE_LDCONFIG= yes
LDCONFIG_DIRS+= %%PREFIX%%/lib %%PREFIX%%/lib/kde3
USE_AUTOTOOLS= libtool:15
diff --git a/x11/kdelibs4/files/patch-post-3.5.6-kdelibs.diff b/x11/kdelibs4/files/patch-post-3.5.6-kdelibs.diff
new file mode 100644
index 000000000000..5b44a47ef7a5
--- /dev/null
+++ b/x11/kdelibs4/files/patch-post-3.5.6-kdelibs.diff
@@ -0,0 +1,20 @@
+--- khtml/html/htmltokenizer.cpp
++++ khtml/html/htmltokenizer.cpp
+@@ -316,7 +316,7 @@ void HTMLTokenizer::parseSpecial(Tokeniz
+ while ( !src.isEmpty() ) {
+ checkScriptBuffer();
+ unsigned char ch = src->latin1();
+- if ( !scriptCodeResync && !brokenComments && !textarea && !xmp && !title && ch == '-' && scriptCodeSize >= 3 && !src.escaped() && QConstString( scriptCode+scriptCodeSize-3, 3 ).string() == "<!-" ) {
++ if ( !scriptCodeResync && !brokenComments && !textarea && !xmp && ch == '-' && scriptCodeSize >= 3 && !src.escaped() && QConstString( scriptCode+scriptCodeSize-3, 3 ).string() == "<!-" ) {
+ comment = true;
+ scriptCode[ scriptCodeSize++ ] = ch;
+ ++src;
+@@ -495,7 +495,7 @@ void HTMLTokenizer::parseComment(Tokeniz
+
+ if (canClose || handleBrokenComments || scriptEnd ){
+ ++src;
+- if ( !( script || xmp || textarea || style) ) {
++ if ( !( title || script || xmp || textarea || style) ) {
+ #ifdef COMMENTS_IN_DOM
+ checkScriptBuffer();
+ scriptCode[ scriptCodeSize ] = 0;