diff options
Diffstat (limited to 'libre/kdebase-runtime')
| -rw-r--r-- | libre/kdebase-runtime/CVE-2014-8600.patch | 20 | ||||
| -rw-r--r-- | libre/kdebase-runtime/PKGBUILD | 11 |
2 files changed, 28 insertions, 3 deletions
diff --git a/libre/kdebase-runtime/CVE-2014-8600.patch b/libre/kdebase-runtime/CVE-2014-8600.patch new file mode 100644 index 000000000..82a854c05 --- /dev/null +++ b/libre/kdebase-runtime/CVE-2014-8600.patch @@ -0,0 +1,20 @@ +--- a/kioslave/bookmarks/kio_bookmarks.cpp ++++ b/kioslave/bookmarks/kio_bookmarks.cpp +@@ -22,6 +22,7 @@ + #include <stdlib.h> + + #include <qregexp.h> ++#include <qtextdocument.h> + + #include <kapplication.h> + #include <kcmdlineargs.h> +@@ -197,7 +198,7 @@ + echoImage(regexp.cap(1), regexp.cap(2), url.queryItem("size")); + } else { + echoHead(); +- echo("<p class=\"message\">" + i18n("Wrong request: %1",path) + "</p>"); ++ echo("<p class=\"message\">" + i18n("Bad request: %1", Qt::escape(Qt::escape(url.prettyUrl()))) + "</p>"); + } + finished(); + } + diff --git a/libre/kdebase-runtime/PKGBUILD b/libre/kdebase-runtime/PKGBUILD index 06b76008d..1b0cde183 100644 --- a/libre/kdebase-runtime/PKGBUILD +++ b/libre/kdebase-runtime/PKGBUILD @@ -1,10 +1,10 @@ -# $Id: PKGBUILD 224764 2014-10-18 11:43:49Z andrea $ +# $Id: PKGBUILD 226406 2014-11-19 16:31:45Z fyan $ # Maintainer (Arch): Andrea Scarpino <andrea@archlinux.org> # Contributor (Arch): Pierre Schmitz <pierre@archlinux.de> # Maintainer: André Silva <emulatorman@parabola.nu> pkgname=kdebase-runtime -pkgver=4.14.2 +pkgver=4.14.3 pkgrel=1.parabola1 pkgdesc="Plugins and applications necessary for the running of KDE applications, without non-privacy search providers" arch=('i686' 'x86_64' 'mips64el') @@ -23,14 +23,19 @@ optdepends=('kdepimlibs: needed by DrKonqi to send crash reports to KDE.org' provides=('khelpcenter' 'notification-daemon') install="${pkgname}.install" source=("http://download.kde.org/stable/${pkgver}/src/kde-runtime-${pkgver}.tar.xz" + CVE-2014-8600.patch 'duckduckgo_html.desktop' 'duckduckgo_lite.desktop') -sha1sums=('150ad9b8484b0f519f5e9fcdb710ffe8944006a8' +sha1sums=('d25357bf7e5d3922ce0c9b60921fb2fd738b7251' + '63588c9843c68c9b59e5b5e24dbc62c690ce68ce' 'aa6f39f4b0ad3c110fd05cd6c41190afae9773dd' 'ac3bac94a2c4b1444642524bc5fb539c4c5dcc5b') prepare() { mkdir build + + cd kde-runtime-${pkgver} + patch -p1 -i ../CVE-2014-8600.patch } build() { |