diff options
| author | rakuco <rakuco@FreeBSD.org> | 2014-07-17 04:13:17 +0800 |
|---|---|---|
| committer | rakuco <rakuco@FreeBSD.org> | 2014-07-17 04:13:17 +0800 |
| commit | 94aefa820499d21e8a3eeb07a566359ed7eaf375 (patch) | |
| tree | c921926e16d2980f52ace56db19d5b426121de88 /x11 | |
| parent | 05b6ec27790c6d680a247e5fa70da7321bdf20ac (diff) | |
| download | freebsd-ports-gnome-94aefa820499d21e8a3eeb07a566359ed7eaf375.tar.gz freebsd-ports-gnome-94aefa820499d21e8a3eeb07a566359ed7eaf375.tar.zst freebsd-ports-gnome-94aefa820499d21e8a3eeb07a566359ed7eaf375.zip | |
Add patch to fix a SSL MITM vulnerability in the POP3 ioslave.
MFH: 2014Q3
Security: 4a114331-0d24-11e4-8dd2-5453ed2e2b49
Diffstat (limited to 'x11')
| -rw-r--r-- | x11/kdelibs4/Makefile | 2 | ||||
| -rw-r--r-- | x11/kdelibs4/files/patch-CVE-2014-3494 | 56 |
2 files changed, 57 insertions, 1 deletions
diff --git a/x11/kdelibs4/Makefile b/x11/kdelibs4/Makefile index ea528049d457..87a7684180db 100644 --- a/x11/kdelibs4/Makefile +++ b/x11/kdelibs4/Makefile @@ -3,7 +3,7 @@ PORTNAME= kdelibs PORTVERSION= ${KDE4_VERSION} -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= x11 kde MASTER_SITES= KDE/${KDE4_BRANCH}/${PORTVERSION}/src DIST_SUBDIR= KDE/${PORTVERSION} diff --git a/x11/kdelibs4/files/patch-CVE-2014-3494 b/x11/kdelibs4/files/patch-CVE-2014-3494 new file mode 100644 index 000000000000..ec4f86be9797 --- /dev/null +++ b/x11/kdelibs4/files/patch-CVE-2014-3494 @@ -0,0 +1,56 @@ +From: David Faure <faure@kde.org> +Date: Wed, 18 Jun 2014 18:29:04 +0000 +Subject: Don't require a job to handle messageboxes. +X-Git-Tag: v4.13.3 +X-Git-Url: http://quickgit.kde.org/?p=kdelibs.git&a=commitdiff&h=bbae87dc1be3ae063796a582774bd5642cacdd5d +--- +Don't require a job to handle messageboxes. + +The POP3 ioslave doesn't have a job when it gets here. +--- + + +--- kio/kio/usernotificationhandler.cpp ++++ kio/kio/usernotificationhandler.cpp +@@ -19,7 +19,7 @@ + #include "usernotificationhandler_p.h" + + #include "slave.h" +-#include "job_p.h" ++#include "jobuidelegate.h" + + #include <kdebug.h> + +@@ -76,19 +76,18 @@ + + if (m_cachedResults.contains(key)) { + result = *(m_cachedResults[key]); +- } else if (r->slave->job()) { +- SimpleJobPrivate* jobPrivate = SimpleJobPrivate::get(r->slave->job()); +- if (jobPrivate) { +- result = jobPrivate->requestMessageBox(r->type, +- r->data.value(MSG_TEXT).toString(), +- r->data.value(MSG_CAPTION).toString(), +- r->data.value(MSG_YES_BUTTON_TEXT).toString(), +- r->data.value(MSG_NO_BUTTON_TEXT).toString(), +- r->data.value(MSG_YES_BUTTON_ICON).toString(), +- r->data.value(MSG_NO_BUTTON_ICON).toString(), +- r->data.value(MSG_DONT_ASK_AGAIN).toString(), +- r->data.value(MSG_META_DATA).toMap()); +- } ++ } else { ++ JobUiDelegate ui; ++ const JobUiDelegate::MessageBoxType type = static_cast<JobUiDelegate::MessageBoxType>(r->type); ++ result = ui.requestMessageBox(type, ++ r->data.value(MSG_TEXT).toString(), ++ r->data.value(MSG_CAPTION).toString(), ++ r->data.value(MSG_YES_BUTTON_TEXT).toString(), ++ r->data.value(MSG_NO_BUTTON_TEXT).toString(), ++ r->data.value(MSG_YES_BUTTON_ICON).toString(), ++ r->data.value(MSG_NO_BUTTON_ICON).toString(), ++ r->data.value(MSG_DONT_ASK_AGAIN).toString(), ++ r->data.value(MSG_META_DATA).toMap()); + m_cachedResults.insert(key, new int(result)); + } + } else { + |