aboutsummaryrefslogtreecommitdiffstats
path: root/x11/kde4-runtime
diff options
context:
space:
mode:
authorrakuco <rakuco@FreeBSD.org>2014-11-21 05:31:54 +0800
committerrakuco <rakuco@FreeBSD.org>2014-11-21 05:31:54 +0800
commit24c4e53f1f645b93f51fd229d3f0d6f3fed1cb4f (patch)
tree0c48d003c2ade5b580e4e222349ed3f3c7cad023 /x11/kde4-runtime
parentac16a0641f6481c766c4bd605d9e042824bd313d (diff)
downloadfreebsd-ports-gnome-24c4e53f1f645b93f51fd229d3f0d6f3fed1cb4f.tar.gz
freebsd-ports-gnome-24c4e53f1f645b93f51fd229d3f0d6f3fed1cb4f.tar.zst
freebsd-ports-gnome-24c4e53f1f645b93f51fd229d3f0d6f3fed1cb4f.zip
Add upstream patch for CVE-2014-8600 (insufficient input validation).
MFH: 2014Q4 Security: 890b6b22-70fa-11e4-91ae-5453ed2e2b49
Diffstat (limited to 'x11/kde4-runtime')
-rw-r--r--x11/kde4-runtime/Makefile2
-rw-r--r--x11/kde4-runtime/files/patch-kioslave__bookmarks__kio_bookmarks.cpp25
2 files changed, 26 insertions, 1 deletions
diff --git a/x11/kde4-runtime/Makefile b/x11/kde4-runtime/Makefile
index 0801c0f24d69..f6273cd1046a 100644
--- a/x11/kde4-runtime/Makefile
+++ b/x11/kde4-runtime/Makefile
@@ -2,7 +2,7 @@
PORTNAME= kde-runtime
PORTVERSION= ${KDE4_VERSION}
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= x11 kde
MASTER_SITES= KDE/${KDE4_BRANCH}/${PORTVERSION}/src
DIST_SUBDIR= KDE/${PORTVERSION}
diff --git a/x11/kde4-runtime/files/patch-kioslave__bookmarks__kio_bookmarks.cpp b/x11/kde4-runtime/files/patch-kioslave__bookmarks__kio_bookmarks.cpp
new file mode 100644
index 000000000000..7fb7b14a6130
--- /dev/null
+++ b/x11/kde4-runtime/files/patch-kioslave__bookmarks__kio_bookmarks.cpp
@@ -0,0 +1,25 @@
+commit d68703900edc8416fbcd2550cd336cbbb76decb9
+Author: Martin Sandsmark <martin.sandsmark@kde.org>
+Date: Thu Nov 13 13:29:01 2014 +0100
+
+ Sanitize path
+
+--- kioslave/bookmarks/kio_bookmarks.cpp
++++ kioslave/bookmarks/kio_bookmarks.cpp
+@@ -22,6 +22,7 @@
+ #include <stdlib.h>
+
+ #include <qregexp.h>
++#include <qtextdocument.h>
+
+ #include <kapplication.h>
+ #include <kcmdlineargs.h>
+@@ -197,7 +198,7 @@ void BookmarksProtocol::get( const KUrl& url )
+ echoImage(regexp.cap(1), regexp.cap(2), url.queryItem("size"));
+ } else {
+ echoHead();
+- echo("<p class=\"message\">" + i18n("Wrong request: %1",path) + "</p>");
++ echo("<p class=\"message\">" + i18n("Bad request: %1", Qt::escape(Qt::escape(url.prettyUrl()))) + "</p>");
+ }
+ finished();
+ }