SOURCES: kde4-kdepim-url.patch (NEW) - Clicking on a link inside a mail in ...
shadzik
shadzik at pld-linux.org
Wed Feb 18 22:45:24 CET 2009
Author: shadzik Date: Wed Feb 18 21:45:24 2009 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- Clicking on a link inside a mail in
KMail can potentially execute code without asking the user, if the link points
to a desktop file or a .exe that is associated with Wine, or similar.
This problem happens in all KMail versions.
---- Files affected:
SOURCES:
kde4-kdepim-url.patch (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: SOURCES/kde4-kdepim-url.patch
diff -u /dev/null SOURCES/kde4-kdepim-url.patch:1.1
--- /dev/null Wed Feb 18 22:45:24 2009
+++ SOURCES/kde4-kdepim-url.patch Wed Feb 18 22:45:18 2009
@@ -0,0 +1,15 @@
+--- kmail/kmcommands.cpp 2009/02/16 19:10:32 927080
++++ kmail/kmcommands.cpp 2009/02/16 19:12:30 927081
+@@ -2320,8 +2320,10 @@
+ mUrl.pathOrUrl() ), QString(), KGuiItem(i18n("Execute")), KStandardGuiItem::cancel() ) != KMessageBox::Yes)
+ return Canceled;
+ }
+- if ( !KMail::Util::handleUrlOnMac( mUrl.pathOrUrl() ) )
+- (void) new KRun( mUrl, mMainWidget );
++ if ( !KMail::Util::handleUrlOnMac( mUrl.pathOrUrl() ) ) {
++ KRun *runner = new KRun( mUrl, mMainWidget ); // will delete itself
++ runner->setRunExecutables( false );
++ }
+ }
+ else
+ return Failed;
================================================================
More information about the pld-cvs-commit
mailing list