[arch-commits] Commit in kcoreaddons/trunk (CVE-2016-7966.patch PKGBUILD)
Felix Yan
felixonmars at archlinux.org
Sun Oct 9 17:12:05 UTC 2016
Date: Sunday, October 9, 2016 @ 17:12:05
Author: felixonmars
Revision: 277983
upgpkg: kcoreaddons 5.27.0-1
Upstream release
Modified:
kcoreaddons/trunk/PKGBUILD
Deleted:
kcoreaddons/trunk/CVE-2016-7966.patch
---------------------+
CVE-2016-7966.patch | 71 --------------------------------------------------
PKGBUILD | 12 ++------
2 files changed, 4 insertions(+), 79 deletions(-)
Deleted: CVE-2016-7966.patch
===================================================================
--- CVE-2016-7966.patch 2016-10-09 17:11:58 UTC (rev 277982)
+++ CVE-2016-7966.patch 2016-10-09 17:12:05 UTC (rev 277983)
@@ -1,71 +0,0 @@
-diff --git a/autotests/kjobtest.cpp b/autotests/kjobtest.cpp
-index 88be4ac..139b9be 100644
---- a/autotests/kjobtest.cpp
-+++ b/autotests/kjobtest.cpp
-@@ -276,6 +276,7 @@ void KJobTest::testDelegateUsage()
- TestJob *job1 = new TestJob;
- TestJob *job2 = new TestJob;
- TestJobUiDelegate *delegate = new TestJobUiDelegate;
-+ QPointer<TestJobUiDelegate> guard(delegate);
-
- QVERIFY(job1->uiDelegate() == 0);
- job1->setUiDelegate(delegate);
-@@ -284,6 +285,10 @@ void KJobTest::testDelegateUsage()
- QVERIFY(job2->uiDelegate() == 0);
- job2->setUiDelegate(delegate);
- QVERIFY(job2->uiDelegate() == 0);
-+
-+ delete job1;
-+ delete job2;
-+ QVERIFY(guard.isNull()); // deleted by job1
- }
-
- void KJobTest::testNestedExec()
-diff --git a/autotests/ktexttohtmltest.cpp b/autotests/ktexttohtmltest.cpp
-index 474f0ca..c5690e8 100644
---- a/autotests/ktexttohtmltest.cpp
-+++ b/autotests/ktexttohtmltest.cpp
-@@ -30,6 +30,15 @@ QTEST_MAIN(KTextToHTMLTest)
-
- Q_DECLARE_METATYPE(KTextToHTML::Options)
-
-+#ifndef Q_OS_WIN
-+void initLocale()
-+{
-+ setenv("LC_ALL", "en_US.utf-8", 1);
-+}
-+Q_CONSTRUCTOR_FUNCTION(initLocale)
-+#endif
-+
-+
- void KTextToHTMLTest::testGetEmailAddress()
- {
- // empty input
-@@ -372,6 +381,17 @@ void KTextToHTMLTest::testHtmlConvert_data()
- QTest::newRow("url-in-parenthesis-3") << "bla (http://www.kde.org - section 5.2)"
- << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
- << "bla (<a href=\"http://www.kde.org\">http://www.kde.org</a> - section 5.2)";
-+
-+ // Fix url as foo <<url> <url>> when we concatened them.
-+ QTest::newRow("url-with-url") << "foo <http://www.kde.org/ <http://www.kde.org/>>"
-+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
-+ << "foo <<a href=\"http://www.kde.org/ \">http://www.kde.org/ </a><<a href=\"http://www.kde.org/\">http://www.kde.org/</a>>>";
-+
-+ //Fix url exploit
-+ QTest::newRow("url-exec-html") << "https://\"><!--"
-+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
-+ << "https://\"><!--";
-+
- }
-
-
-diff --git a/autotests/kurlmimedatatest.cpp b/autotests/kurlmimedatatest.cpp
-index 5e55d9e..264879f 100644
---- a/autotests/kurlmimedatatest.cpp
-+++ b/autotests/kurlmimedatatest.cpp
-@@ -135,4 +135,5 @@ void KUrlMimeDataTest::testMostLocalUrlList()
- QCOMPARE(qurls[i], static_cast<QUrl>(localUrls[i]));
- }
-
-+ delete mimeData;
- }
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2016-10-09 17:11:58 UTC (rev 277982)
+++ PKGBUILD 2016-10-09 17:12:05 UTC (rev 277983)
@@ -3,8 +3,8 @@
# Contributor: Andrea Scarpino <andrea at archlinux.org>
pkgname=kcoreaddons
-pkgver=5.26.0
-pkgrel=2
+pkgver=5.27.0
+pkgrel=1
pkgdesc='Addons to QtCore'
arch=('i686' 'x86_64')
url='https://community.kde.org/Frameworks'
@@ -12,15 +12,11 @@
depends=('qt5-base' 'shared-mime-info')
makedepends=('extra-cmake-modules' 'qt5-tools')
groups=('kf5')
-source=("http://download.kde.org/stable/frameworks/${pkgver%.*}/${pkgname}-${pkgver}.tar.xz" CVE-2016-7966.patch)
-md5sums=('263530a26fd0b80238827d2d97225e7b'
- '2078f5ef9f761df6f7701ba96c046125')
+source=("http://download.kde.org/stable/frameworks/${pkgver%.*}/${pkgname}-${pkgver}.tar.xz")
+md5sums=('3dc2ded3c06cbf5d0dcf41a96e9a03bb')
prepare() {
mkdir -p build
-
- cd $pkgname-$pkgver
- patch -p1 -i ../CVE-2016-7966.patch # https://www.kde.org/info/security/advisory-20161006-1.txt
}
build() {
More information about the arch-commits
mailing list