[arch-commits] Commit in kdebase-runtime/trunk (CVE-2014-8600.patch PKGBUILD)
Felix Yan
fyan at archlinux.org
Wed Nov 19 16:31:46 UTC 2014
Date: Wednesday, November 19, 2014 @ 17:31:45
Author: fyan
Revision: 226406
upgpkg: kdebase-runtime 4.14.3-1
- upstream new release
- add patch for CVE-2014-8600 (FS#42777)
Added:
kdebase-runtime/trunk/CVE-2014-8600.patch
Modified:
kdebase-runtime/trunk/PKGBUILD
---------------------+
CVE-2014-8600.patch | 20 ++++++++++++++++++++
PKGBUILD | 11 ++++++++---
2 files changed, 28 insertions(+), 3 deletions(-)
Added: CVE-2014-8600.patch
===================================================================
--- CVE-2014-8600.patch (rev 0)
+++ CVE-2014-8600.patch 2014-11-19 16:31:45 UTC (rev 226406)
@@ -0,0 +1,20 @@
+--- a/kioslave/bookmarks/kio_bookmarks.cpp
++++ b/kioslave/bookmarks/kio_bookmarks.cpp
+@@ -22,6 +22,7 @@
+ #include <stdlib.h>
+
+ #include <qregexp.h>
++#include <qtextdocument.h>
+
+ #include <kapplication.h>
+ #include <kcmdlineargs.h>
+@@ -197,7 +198,7 @@
+ echoImage(regexp.cap(1), regexp.cap(2), url.queryItem("size"));
+ } else {
+ echoHead();
+- echo("<p class=\"message\">" + i18n("Wrong request: %1",path) + "</p>");
++ echo("<p class=\"message\">" + i18n("Bad request: %1", Qt::escape(Qt::escape(url.prettyUrl()))) + "</p>");
+ }
+ finished();
+ }
+
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2014-11-19 16:29:50 UTC (rev 226405)
+++ PKGBUILD 2014-11-19 16:31:45 UTC (rev 226406)
@@ -3,7 +3,7 @@
# Contributor: Pierre Schmitz <pierre at archlinux.de>
pkgname=kdebase-runtime
-pkgver=4.14.2
+pkgver=4.14.3
pkgrel=1
pkgdesc="Plugins and applications necessary for the running of KDE applications"
arch=('i686' 'x86_64')
@@ -19,11 +19,16 @@
'rarian: needed by KHelpCenter')
provides=('khelpcenter' 'notification-daemon')
install="${pkgname}.install"
-source=("http://download.kde.org/stable/${pkgver}/src/kde-runtime-${pkgver}.tar.xz")
-sha1sums=('150ad9b8484b0f519f5e9fcdb710ffe8944006a8')
+source=("http://download.kde.org/stable/${pkgver}/src/kde-runtime-${pkgver}.tar.xz"
+ CVE-2014-8600.patch)
+sha1sums=('d25357bf7e5d3922ce0c9b60921fb2fd738b7251'
+ '63588c9843c68c9b59e5b5e24dbc62c690ce68ce')
prepare() {
mkdir build
+
+ cd kde-runtime-${pkgver}
+ patch -p1 -i ../CVE-2014-8600.patch
}
build() {
More information about the arch-commits
mailing list