diff options
author | rakuco <rakuco@FreeBSD.org> | 2014-11-21 05:31:54 +0800 |
---|---|---|
committer | rakuco <rakuco@FreeBSD.org> | 2014-11-21 05:31:54 +0800 |
commit | 24c4e53f1f645b93f51fd229d3f0d6f3fed1cb4f (patch) | |
tree | 0c48d003c2ade5b580e4e222349ed3f3c7cad023 /x11/kde4-runtime | |
parent | ac16a0641f6481c766c4bd605d9e042824bd313d (diff) | |
download | freebsd-ports-gnome-24c4e53f1f645b93f51fd229d3f0d6f3fed1cb4f.tar.gz freebsd-ports-gnome-24c4e53f1f645b93f51fd229d3f0d6f3fed1cb4f.tar.zst freebsd-ports-gnome-24c4e53f1f645b93f51fd229d3f0d6f3fed1cb4f.zip |
Add upstream patch for CVE-2014-8600 (insufficient input validation).
MFH: 2014Q4
Security: 890b6b22-70fa-11e4-91ae-5453ed2e2b49
Diffstat (limited to 'x11/kde4-runtime')
-rw-r--r-- | x11/kde4-runtime/Makefile | 2 | ||||
-rw-r--r-- | x11/kde4-runtime/files/patch-kioslave__bookmarks__kio_bookmarks.cpp | 25 |
2 files changed, 26 insertions, 1 deletions
diff --git a/x11/kde4-runtime/Makefile b/x11/kde4-runtime/Makefile index 0801c0f24d69..f6273cd1046a 100644 --- a/x11/kde4-runtime/Makefile +++ b/x11/kde4-runtime/Makefile @@ -2,7 +2,7 @@ PORTNAME= kde-runtime PORTVERSION= ${KDE4_VERSION} -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= x11 kde MASTER_SITES= KDE/${KDE4_BRANCH}/${PORTVERSION}/src DIST_SUBDIR= KDE/${PORTVERSION} diff --git a/x11/kde4-runtime/files/patch-kioslave__bookmarks__kio_bookmarks.cpp b/x11/kde4-runtime/files/patch-kioslave__bookmarks__kio_bookmarks.cpp new file mode 100644 index 000000000000..7fb7b14a6130 --- /dev/null +++ b/x11/kde4-runtime/files/patch-kioslave__bookmarks__kio_bookmarks.cpp @@ -0,0 +1,25 @@ +commit d68703900edc8416fbcd2550cd336cbbb76decb9 +Author: Martin Sandsmark <martin.sandsmark@kde.org> +Date: Thu Nov 13 13:29:01 2014 +0100 + + Sanitize path + +--- kioslave/bookmarks/kio_bookmarks.cpp ++++ kioslave/bookmarks/kio_bookmarks.cpp +@@ -22,6 +22,7 @@ + #include <stdlib.h> + + #include <qregexp.h> ++#include <qtextdocument.h> + + #include <kapplication.h> + #include <kcmdlineargs.h> +@@ -197,7 +198,7 @@ void BookmarksProtocol::get( const KUrl& url ) + echoImage(regexp.cap(1), regexp.cap(2), url.queryItem("size")); + } else { + echoHead(); +- echo("<p class=\"message\">" + i18n("Wrong request: %1",path) + "</p>"); ++ echo("<p class=\"message\">" + i18n("Bad request: %1", Qt::escape(Qt::escape(url.prettyUrl()))) + "</p>"); + } + finished(); + } |