[Pkg-kde-commits] rev 298 - in trunk/packages/kdebase/debian: . patches

Adeodato Sim?? dato-guest@haydn.debian.org
Sat, 11 Dec 2004 20:22:59 -0700 

Author: dato-guest
Date: 2004-12-11 20:22:21 -0700 (Sat, 11 Dec 2004)
New Revision: 298

Added:
   trunk/packages/kdebase/debian/patches/post-3.3.1-kdebase-smb.diff
Modified:
   trunk/packages/kdebase/debian/changelog
   trunk/packages/kdebase/debian/control
Log:
Commited kdebase 3.3.1-3 packaging.


Modified: trunk/packages/kdebase/debian/changelog
===================================================================
--- trunk/packages/kdebase/debian/changelog	2004-12-11 17:59:30 UTC (rev 297)
+++ trunk/packages/kdebase/debian/changelog	2004-12-12 03:22:21 UTC (rev 298)
@@ -1,3 +1,10 @@
+kdebase (4:3.3.1-3) unstable; urgency=medium
+
+  * Include patch to fix CAN-2004-1171 ("plain text password exposure").
+    Closes half of #285126.
+
+ -- Adeodato Simó <asp16@alu.ua.es>  Fri, 10 Dec 2004 22:28:25 +0100
+
 kdebase (4:3.3.1-2) unstable; urgency=low
 
   * Forgot then in ksmserver.preinst.

Modified: trunk/packages/kdebase/debian/control
===================================================================
--- trunk/packages/kdebase/debian/control	2004-12-11 17:59:30 UTC (rev 297)
+++ trunk/packages/kdebase/debian/control	2004-12-12 03:22:21 UTC (rev 298)
@@ -2,10 +2,10 @@
 Section: kde
 Priority: optional
 Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
-Uploaders: Christopher L Cheney <ccheney@debian.org>
+Uploaders: Christopher L Cheney <ccheney@debian.org>, Adeodato Simó <asp16@alu.ua.es>
 Build-Depends: automake1.9, debhelper (>= 4.2.0), gawk, gettext, kdelibs4-dev (>> 4:3.3.1), lesstif-dev, libbz2-dev, libcdparanoia0-dev, libdb4.2-dev, libfontconfig1-dev, libldap2-dev, libncurses5-dev, libpam0g-dev, libraw1394-dev, libsasl2-dev, libsensors-dev, libsmbclient-dev, libssl-dev, libtiff4-dev, libxtst-dev, sharutils, texinfo, xlibs-static-pic, xutils
 Build-Depends-Indep: doxygen, qt3-doc
-Standards-Version: 3.6.1.0
+Standards-Version: 3.6.1
 
 Package: kdebase
 Section: kde

Added: trunk/packages/kdebase/debian/patches/post-3.3.1-kdebase-smb.diff
===================================================================
--- trunk/packages/kdebase/debian/patches/post-3.3.1-kdebase-smb.diff	2004-12-11 17:59:30 UTC (rev 297)
+++ trunk/packages/kdebase/debian/patches/post-3.3.1-kdebase-smb.diff	2004-12-12 03:22:21 UTC (rev 298)
@@ -0,0 +1,17 @@
+diff -b -p -u -r1.27 -r1.28
+--- kdebase/kioslave/smb/kio_smb_auth.cpp	24 Jun 2004 19:27:36 -0000	1.27
++++ kdebase/kioslave/smb/kio_smb_auth.cpp	22 Nov 2004 11:20:21 -0000	1.28
+@@ -137,13 +137,11 @@ bool SMBSlave::checkPassword(SMBUrl &url
+                       .arg( share );
+ 
+     info.username = url.user();
+-    info.password = url.pass();
+     kdDebug(KIO_SMB) << "call openPassDlg for " << info.url << endl;
+ 
+     if ( openPassDlg(info) ) {
+         kdDebug(KIO_SMB) << "openPassDlg returned " << info.username << endl;
+         url.setUser(info.username);
+-        url.setPass(info.password);
+         return true;
+     }
+     kdDebug(KIO_SMB) << "no value from openPassDlg\n";