diff options
author | lofi <lofi@FreeBSD.org> | 2007-02-07 01:49:02 +0800 |
---|---|---|
committer | lofi <lofi@FreeBSD.org> | 2007-02-07 01:49:02 +0800 |
commit | d016f9875ba996038870a3677ef3554b6eeaea02 (patch) | |
tree | 95866dc7ac7860e88006753914e9e7271dd2c491 | |
parent | 2b6b72a0944568d8b301b3e0c7a7bb0885e1b5f9 (diff) | |
download | freebsd-ports-gnome-d016f9875ba996038870a3677ef3554b6eeaea02.tar.gz freebsd-ports-gnome-d016f9875ba996038870a3677ef3554b6eeaea02.tar.zst freebsd-ports-gnome-d016f9875ba996038870a3677ef3554b6eeaea02.zip |
Fix khtml/konqueror title XSS vulnerability.
Security: CVE-2007-0537
-rw-r--r-- | x11/kdelibs3/Makefile | 7 | ||||
-rw-r--r-- | x11/kdelibs3/files/patch-post-3.5.6-kdelibs.diff | 20 | ||||
-rw-r--r-- | x11/kdelibs4/Makefile | 7 | ||||
-rw-r--r-- | x11/kdelibs4/files/patch-post-3.5.6-kdelibs.diff | 20 |
4 files changed, 48 insertions, 6 deletions
diff --git a/x11/kdelibs3/Makefile b/x11/kdelibs3/Makefile index 9bed0607508a..8f824dac35cf 100644 --- a/x11/kdelibs3/Makefile +++ b/x11/kdelibs3/Makefile @@ -8,8 +8,8 @@ PORTNAME= kdelibs PORTVERSION= ${KDE_VERSION} -PORTREVISION= 1 -CATEGORIES= x11 kde +PORTREVISION= 2 +CATEGORIES= x11 kde ipv6 MASTER_SITES= ${MASTER_SITE_KDE} MASTER_SITE_SUBDIR= stable/${PORTVERSION:S/.0//}/src PKGNAMESUFFIX?= # empty @@ -18,6 +18,7 @@ DIST_SUBDIR= KDE MAINTAINER= kde@FreeBSD.org COMMENT= Base set of libraries needed by KDE programs +DEPENDS= ${PORTSDIR}/misc/kdehier BUILD_DEPENDS= mkfontdir:${X_CLIENTS_PORT} LIB_DEPENDS= IlmImf:${PORTSDIR}/graphics/OpenEXR \ art_lgpl_2.5:${PORTSDIR}/graphics/libart_lgpl \ @@ -56,7 +57,7 @@ USE_OPENSSL= yes USE_QT_VER= 3 PREFIX= ${KDE_PREFIX} -INSTALLS_SHLIB= yes +USE_LDCONFIG= yes LDCONFIG_DIRS+= %%PREFIX%%/lib %%PREFIX%%/lib/kde3 USE_AUTOTOOLS= libtool:15 diff --git a/x11/kdelibs3/files/patch-post-3.5.6-kdelibs.diff b/x11/kdelibs3/files/patch-post-3.5.6-kdelibs.diff new file mode 100644 index 000000000000..5b44a47ef7a5 --- /dev/null +++ b/x11/kdelibs3/files/patch-post-3.5.6-kdelibs.diff @@ -0,0 +1,20 @@ +--- khtml/html/htmltokenizer.cpp ++++ khtml/html/htmltokenizer.cpp +@@ -316,7 +316,7 @@ void HTMLTokenizer::parseSpecial(Tokeniz + while ( !src.isEmpty() ) { + checkScriptBuffer(); + unsigned char ch = src->latin1(); +- if ( !scriptCodeResync && !brokenComments && !textarea && !xmp && !title && ch == '-' && scriptCodeSize >= 3 && !src.escaped() && QConstString( scriptCode+scriptCodeSize-3, 3 ).string() == "<!-" ) { ++ if ( !scriptCodeResync && !brokenComments && !textarea && !xmp && ch == '-' && scriptCodeSize >= 3 && !src.escaped() && QConstString( scriptCode+scriptCodeSize-3, 3 ).string() == "<!-" ) { + comment = true; + scriptCode[ scriptCodeSize++ ] = ch; + ++src; +@@ -495,7 +495,7 @@ void HTMLTokenizer::parseComment(Tokeniz + + if (canClose || handleBrokenComments || scriptEnd ){ + ++src; +- if ( !( script || xmp || textarea || style) ) { ++ if ( !( title || script || xmp || textarea || style) ) { + #ifdef COMMENTS_IN_DOM + checkScriptBuffer(); + scriptCode[ scriptCodeSize ] = 0; diff --git a/x11/kdelibs4/Makefile b/x11/kdelibs4/Makefile index 9bed0607508a..8f824dac35cf 100644 --- a/x11/kdelibs4/Makefile +++ b/x11/kdelibs4/Makefile @@ -8,8 +8,8 @@ PORTNAME= kdelibs PORTVERSION= ${KDE_VERSION} -PORTREVISION= 1 -CATEGORIES= x11 kde +PORTREVISION= 2 +CATEGORIES= x11 kde ipv6 MASTER_SITES= ${MASTER_SITE_KDE} MASTER_SITE_SUBDIR= stable/${PORTVERSION:S/.0//}/src PKGNAMESUFFIX?= # empty @@ -18,6 +18,7 @@ DIST_SUBDIR= KDE MAINTAINER= kde@FreeBSD.org COMMENT= Base set of libraries needed by KDE programs +DEPENDS= ${PORTSDIR}/misc/kdehier BUILD_DEPENDS= mkfontdir:${X_CLIENTS_PORT} LIB_DEPENDS= IlmImf:${PORTSDIR}/graphics/OpenEXR \ art_lgpl_2.5:${PORTSDIR}/graphics/libart_lgpl \ @@ -56,7 +57,7 @@ USE_OPENSSL= yes USE_QT_VER= 3 PREFIX= ${KDE_PREFIX} -INSTALLS_SHLIB= yes +USE_LDCONFIG= yes LDCONFIG_DIRS+= %%PREFIX%%/lib %%PREFIX%%/lib/kde3 USE_AUTOTOOLS= libtool:15 diff --git a/x11/kdelibs4/files/patch-post-3.5.6-kdelibs.diff b/x11/kdelibs4/files/patch-post-3.5.6-kdelibs.diff new file mode 100644 index 000000000000..5b44a47ef7a5 --- /dev/null +++ b/x11/kdelibs4/files/patch-post-3.5.6-kdelibs.diff @@ -0,0 +1,20 @@ +--- khtml/html/htmltokenizer.cpp ++++ khtml/html/htmltokenizer.cpp +@@ -316,7 +316,7 @@ void HTMLTokenizer::parseSpecial(Tokeniz + while ( !src.isEmpty() ) { + checkScriptBuffer(); + unsigned char ch = src->latin1(); +- if ( !scriptCodeResync && !brokenComments && !textarea && !xmp && !title && ch == '-' && scriptCodeSize >= 3 && !src.escaped() && QConstString( scriptCode+scriptCodeSize-3, 3 ).string() == "<!-" ) { ++ if ( !scriptCodeResync && !brokenComments && !textarea && !xmp && ch == '-' && scriptCodeSize >= 3 && !src.escaped() && QConstString( scriptCode+scriptCodeSize-3, 3 ).string() == "<!-" ) { + comment = true; + scriptCode[ scriptCodeSize++ ] = ch; + ++src; +@@ -495,7 +495,7 @@ void HTMLTokenizer::parseComment(Tokeniz + + if (canClose || handleBrokenComments || scriptEnd ){ + ++src; +- if ( !( script || xmp || textarea || style) ) { ++ if ( !( title || script || xmp || textarea || style) ) { + #ifdef COMMENTS_IN_DOM + checkScriptBuffer(); + scriptCode[ scriptCodeSize ] = 0; |