[arch-commits] Commit in kdelibs/repos/extra-i686 (CVE-2009-1725.patch PKGBUILD)
Pierre Schmitz
pierre at archlinux.org
Wed Jul 29 07:51:26 UTC 2009
Date: Wednesday, July 29, 2009 @ 03:51:25
Author: pierre
Revision: 47896
backport fix for FS#15706
Added:
kdelibs/repos/extra-i686/CVE-2009-1725.patch
Modified:
kdelibs/repos/extra-i686/PKGBUILD
---------------------+
CVE-2009-1725.patch | 11 +++++++++++
PKGBUILD | 10 +++++++---
2 files changed, 18 insertions(+), 3 deletions(-)
Added: CVE-2009-1725.patch
===================================================================
--- CVE-2009-1725.patch (rev 0)
+++ CVE-2009-1725.patch 2009-07-29 07:51:25 UTC (rev 47896)
@@ -0,0 +1,11 @@
+--- khtml/html/htmltokenizer.cpp 2007/01/24 16:15:54 626791
++++ khtml/html/htmltokenizer.cpp 2009/07/25 09:11:27 1002164
+@@ -736,7 +736,7 @@
+ #ifdef TOKEN_DEBUG
+ kdDebug( 6036 ) << "unknown entity!" << endl;
+ #endif
+- checkBuffer(10);
++ checkBuffer(11);
+ // ignore the sequence, add it to the buffer as plaintext
+ *dest++ = '&';
+ for(unsigned int i = 0; i < cBufferPos; i++)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2009-07-29 05:55:51 UTC (rev 47895)
+++ PKGBUILD 2009-07-29 07:51:25 UTC (rev 47896)
@@ -3,7 +3,7 @@
pkgname=kdelibs
pkgver=4.2.4
-pkgrel=4
+pkgrel=5
pkgdesc="KDE Core Libraries"
arch=('i686' 'x86_64')
url='http://www.kde.org'
@@ -17,11 +17,13 @@
options=('docs')
install='kdelibs.install'
source=("http://download.kde.org/stable/${pkgver}/src/${pkgname}-${pkgver}.tar.bz2"
- 'kde-applications-menu.patch' 'archlinux-menu.patch' 'libjpeg-7.patch')
+ 'kde-applications-menu.patch' 'archlinux-menu.patch' 'libjpeg-7.patch'
+ 'CVE-2009-1725.patch')
md5sums=('9ed29086c33bc73256a7fa5268df560b'
'e94450ba5430ea9c1e33bad9ae38ca2d'
'0ad42200df2d2b8aab01d2ef4b21e02f'
- 'f1578c3987049ed0610732e6cd5263d9')
+ 'f1578c3987049ed0610732e6cd5263d9'
+ '7a6609225d996bdec640fd833bc4169c')
build() {
cd $srcdir/${pkgname}-${pkgver}
@@ -33,6 +35,8 @@
# fix compatibility with libjpeg-7; see https://bugs.kde.org/show_bug.cgi?id=198779
# will be in 4.3.0
patch -p0 -i $srcdir/libjpeg-7.patch
+ # see http://bugs.archlinux.org/task/15706
+ patch -p0 -i $srcdir/CVE-2009-1725.patch || return 1
cd ..
mkdir build
cd build
More information about the arch-commits
mailing list