[arch-commits] Commit in kdelibs/trunk (PKGBUILD security-fix.patch)
Andrea Scarpino
andrea at nymeria.archlinux.org
Thu May 9 07:57:09 UTC 2013
Date: Thursday, May 9, 2013 @ 09:57:09
Author: andrea
Revision: 184819
upgpkg: kdelibs 4.10.3-1
Don't show passwords contained in HTTP URLs in error messages
Added:
kdelibs/trunk/security-fix.patch
Modified:
kdelibs/trunk/PKGBUILD
--------------------+
PKGBUILD | 10 ++++++++--
security-fix.patch | 32 ++++++++++++++++++++++++++++++++
2 files changed, 40 insertions(+), 2 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2013-05-09 07:44:41 UTC (rev 184818)
+++ PKGBUILD 2013-05-09 07:57:09 UTC (rev 184819)
@@ -17,11 +17,13 @@
makedepends=('cmake' 'automoc4' 'avahi' 'libgl' 'hspell' 'mesa')
install=${pkgname}.install
source=("http://download.kde.org/stable/${pkgver}/src/${pkgname}-${pkgver}.tar.xz"
- 'kde-applications-menu.patch' 'archlinux-menu.patch' 'qt4.patch')
+ 'kde-applications-menu.patch' 'archlinux-menu.patch' 'qt4.patch'
+ 'security-fix.patch')
sha1sums=('aa154998e227121be82f5b04442e908e7dece01b'
'86ee8c8660f19de8141ac99cd6943964d97a1ed7'
'63a850ab4196b9d06934f2b4a13acd9f7739bc67'
- 'ed1f57ee661e5c7440efcaba7e51d2554709701c')
+ 'ed1f57ee661e5c7440efcaba7e51d2554709701c'
+ '506562009a667f18481be0d2c5035b181fce38bb')
build() {
cd ${pkgname}-${pkgver}
@@ -31,6 +33,10 @@
patch -p1 -i "${srcdir}"/archlinux-menu.patch
# qmake refers to Qt5
patch -p1 -i "${srcdir}"/qt4.patch
+
+ # KDEBUG#319428
+ patch -p1 -i "${srcdir}"/security-fix.patch
+
cd ../
mkdir build
Added: security-fix.patch
===================================================================
--- security-fix.patch (rev 0)
+++ security-fix.patch 2013-05-09 07:57:09 UTC (rev 184819)
@@ -0,0 +1,32 @@
+commit 65d736dab592bced4410ccfa4699de89f78c96ca
+Author: Grégory Oestreicher <greg at kamago.net>
+Date: Wed May 8 23:16:00 2013 +0200
+
+ Don't show passwords contained in HTTP URLs in error messages
+ BUG: 319428
+
+diff --git a/kioslave/http/http.cpp b/kioslave/http/http.cpp
+index 2d139a9..129fc7b 100644
+--- a/kioslave/http/http.cpp
++++ b/kioslave/http/http.cpp
+@@ -3056,7 +3056,7 @@ try_again:
+ ; // Ignore error
+ } else {
+ if (!sendErrorPageNotification()) {
+- error(ERR_INTERNAL_SERVER, m_request.url.url());
++ error(ERR_INTERNAL_SERVER, m_request.url.prettyUrl());
+ return false;
+ }
+ }
+@@ -3072,9 +3072,9 @@ try_again:
+ // Tell that we will only get an error page here.
+ if (!sendErrorPageNotification()) {
+ if (m_request.responseCode == 403)
+- error(ERR_ACCESS_DENIED, m_request.url.url());
++ error(ERR_ACCESS_DENIED, m_request.url.prettyUrl());
+ else
+- error(ERR_DOES_NOT_EXIST, m_request.url.url());
++ error(ERR_DOES_NOT_EXIST, m_request.url.prettyUrl());
+ return false;
+ }
+ } else if (m_request.responseCode >= 301 && m_request.responseCode<= 303) {
More information about the arch-commits
mailing list