[packages/kde4-kdelibs] - rel 2; fixes CVE-2014-3494
arekm
arekm at pld-linux.org
Thu Jun 19 12:11:10 CEST 2014
commit 7ab4b26aad9f475c8c99a868016adb744d301613
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date: Thu Jun 19 12:11:07 2014 +0200
- rel 2; fixes CVE-2014-3494
kde4-kdelibs-ssl.patch | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++
kde4-kdelibs.spec | 4 +++-
2 files changed, 58 insertions(+), 1 deletion(-)
---
diff --git a/kde4-kdelibs.spec b/kde4-kdelibs.spec
index b30e036..5857397 100644
--- a/kde4-kdelibs.spec
+++ b/kde4-kdelibs.spec
@@ -17,7 +17,7 @@ Summary(ru.UTF-8): K Desktop Environment - Библиотеки
Summary(uk.UTF-8): K Desktop Environment - Бібліотеки
Name: kde4-kdelibs
Version: 4.13.2
-Release: 1
+Release: 2
License: LGPL
Group: X11/Libraries
Source0: ftp://ftp.kde.org/pub/kde/%{_state}/%{version}/src/%{orgname}-%{version}.tar.xz
@@ -31,6 +31,7 @@ Patch3: %{name}-aboutPLD.patch
Patch4: %{name}-devicemanager_remove.patch
Patch5: kde4-kdelibs-sync.patch
Patch6: kde4-kdelibs-pld-flags.patch
+Patch7: %{name}-ssl.patch
URL: http://www.kde.org/
BuildRequires: OpenEXR-devel >= 1.2.2
BuildRequires: Qt3Support-devel >= %{qtver}
@@ -244,6 +245,7 @@ KDE.
%patch4 -p1
%patch5 -p1
%patch6 -p1
+%patch7 -p1
%if "%{pld_release}" == "ti"
sed -i -e 's#PLDLINUX_VERSION#PLD/Titanium#g' kio/kio/kprotocolmanager.cpp
diff --git a/kde4-kdelibs-ssl.patch b/kde4-kdelibs-ssl.patch
new file mode 100644
index 0000000..648d4fd
--- /dev/null
+++ b/kde4-kdelibs-ssl.patch
@@ -0,0 +1,55 @@
+From: David Faure <faure at kde.org>
+Date: Wed, 18 Jun 2014 18:29:04 +0000
+Subject: Don't require a job to handle messageboxes.
+X-Git-Url: http://quickgit.kde.org/?p=kdelibs.git&a=commitdiff&h=bbae87dc1be3ae063796a582774bd5642cacdd5d
+---
+Don't require a job to handle messageboxes.
+
+The POP3 ioslave doesn't have a job when it gets here.
+---
+
+
+--- a/kio/kio/usernotificationhandler.cpp
++++ b/kio/kio/usernotificationhandler.cpp
+@@ -19,7 +19,7 @@
+ #include "usernotificationhandler_p.h"
+
+ #include "slave.h"
+-#include "job_p.h"
++#include "jobuidelegate.h"
+
+ #include <kdebug.h>
+
+@@ -76,19 +76,18 @@
+
+ if (m_cachedResults.contains(key)) {
+ result = *(m_cachedResults[key]);
+- } else if (r->slave->job()) {
+- SimpleJobPrivate* jobPrivate = SimpleJobPrivate::get(r->slave->job());
+- if (jobPrivate) {
+- result = jobPrivate->requestMessageBox(r->type,
+- r->data.value(MSG_TEXT).toString(),
+- r->data.value(MSG_CAPTION).toString(),
+- r->data.value(MSG_YES_BUTTON_TEXT).toString(),
+- r->data.value(MSG_NO_BUTTON_TEXT).toString(),
+- r->data.value(MSG_YES_BUTTON_ICON).toString(),
+- r->data.value(MSG_NO_BUTTON_ICON).toString(),
+- r->data.value(MSG_DONT_ASK_AGAIN).toString(),
+- r->data.value(MSG_META_DATA).toMap());
+- }
++ } else {
++ JobUiDelegate ui;
++ const JobUiDelegate::MessageBoxType type = static_cast<JobUiDelegate::MessageBoxType>(r->type);
++ result = ui.requestMessageBox(type,
++ r->data.value(MSG_TEXT).toString(),
++ r->data.value(MSG_CAPTION).toString(),
++ r->data.value(MSG_YES_BUTTON_TEXT).toString(),
++ r->data.value(MSG_NO_BUTTON_TEXT).toString(),
++ r->data.value(MSG_YES_BUTTON_ICON).toString(),
++ r->data.value(MSG_NO_BUTTON_ICON).toString(),
++ r->data.value(MSG_DONT_ASK_AGAIN).toString(),
++ r->data.value(MSG_META_DATA).toMap());
+ m_cachedResults.insert(key, new int(result));
+ }
+ } else {
+
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/kde4-kdelibs.git/commitdiff/7ab4b26aad9f475c8c99a868016adb744d301613
More information about the pld-cvs-commit
mailing list