[Pkg-kde-commits] rev 369 - in trunk/packages/kdebase/debian: . patches
Adeodato Simó
dato-guest@costa.debian.org
Mon, 03 Jan 2005 03:14:44 +0100
Author: dato-guest
Date: 2005-01-03 02:26:23 +0100 (Mon, 03 Jan 2005)
New Revision: 369
Added:
trunk/packages/kdebase/debian/patches/11_CAN-2004-1158.diff
trunk/packages/kdebase/debian/patches/12_ignore-sys-and-.dev.diff
Modified:
trunk/packages/kdebase/debian/changelog
Log:
* High urgency upload to fix security vulnerability in sarge.
* Include patch to fix CAN-2004-1158, "Konqueror Window Injection
Vulnerability". (Closes: #286516)
* Include small patch from Christoffer Sawicki to ignore /sys and /.dev and
not report them as hard disks in Konqueror. (Closes: #287424)
Modified: trunk/packages/kdebase/debian/changelog
===================================================================
--- trunk/packages/kdebase/debian/changelog 2004-12-30 15:39:39 UTC (rev 368)
+++ trunk/packages/kdebase/debian/changelog 2005-01-03 01:26:23 UTC (rev 369)
@@ -1,3 +1,17 @@
+kdebase (4:3.3.1-4) unstable; urgency=high
+
+ +++ Changes by Adeodato Simó:
+
+ * High urgency upload to fix security vulnerability in sarge.
+
+ * Include patch to fix CAN-2004-1158, "Konqueror Window Injection
+ Vulnerability". (Closes: #286516)
+
+ * Include small patch from Christoffer Sawicki to ignore /sys and /.dev and
+ not report them as hard disks in Konqueror. (Closes: #287424)
+
+ -- Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org> Mon, 3 Jan 2005 01:18:23 +0100
+
kdebase (4:3.3.1-3) unstable; urgency=medium
* Include patch to fix CAN-2004-1171 ("plain text password exposure").
Added: trunk/packages/kdebase/debian/patches/11_CAN-2004-1158.diff
===================================================================
--- trunk/packages/kdebase/debian/patches/11_CAN-2004-1158.diff 2004-12-30 15:39:39 UTC (rev 368)
+++ trunk/packages/kdebase/debian/patches/11_CAN-2004-1158.diff 2005-01-03 01:26:23 UTC (rev 369)
@@ -0,0 +1,39 @@
+===================================================================
+RCS file: /home/kde/kdebase/konqueror/konq_mainwindow.cc,v
+retrieving revision 1.1342.2.14
+retrieving revision 1.1342.2.15
+diff -u -r1.1342.2.14 -r1.1342.2.15
+--- kdebase/konqueror/konq_mainwindow.cc 2004/11/24 18:29:51 1.1342.2.14
++++ kdebase/konqueror/konq_mainwindow.cc 2004/12/12 22:37:45 1.1342.2.15
+@@ -2252,6 +2252,17 @@
+ QString viewName = view->viewName();
+ kdDebug() << " - viewName=" << viewName << " "
+ << "frame names:" << view->frameNames().join( "," ) << endl;
++
++ // First look for a hostextension containing this frame name
++ KParts::BrowserHostExtension *ext = KParts::BrowserHostExtension::childObject( view->part() );
++ if ( ext )
++ {
++ ext = ext->findFrameParent(callingPart, name);
++ kdDebug() << "BrowserHostExtension found part " << ext << endl;
++ if (!ext)
++ continue; // Don't use this window
++ }
++
+ if ( !viewName.isEmpty() && viewName == name )
+ {
+ kdDebug() << "found existing view by name: " << view << endl;
+@@ -2262,13 +2273,6 @@
+ return view;
+ }
+
+- // First look for a hostextension containing this frame name
+- KParts::BrowserHostExtension *ext = KParts::BrowserHostExtension::childObject( view->part() );
+- if ( ext )
+- {
+- ext = ext->findFrameParent(callingPart, name);
+- }
+-
+ // KParts::BrowserHostExtension* ext = KonqView::hostExtension( view->part(), name );
+
+ if ( ext )
Added: trunk/packages/kdebase/debian/patches/12_ignore-sys-and-.dev.diff
===================================================================
--- trunk/packages/kdebase/debian/patches/12_ignore-sys-and-.dev.diff 2004-12-30 15:39:39 UTC (rev 368)
+++ trunk/packages/kdebase/debian/patches/12_ignore-sys-and-.dev.diff 2005-01-03 01:26:23 UTC (rev 369)
@@ -0,0 +1,11 @@
+--- kdebase-orig/kioslave/devices/kdedmodule/disklist.cpp
++++ kdebase-patched/kioslave/devices/kdedmodule/disklist.cpp
+@@ -74,6 +74,8 @@
+ && (disk->deviceName() != "tmpfs")
+ && (disk->mountPoint() != "/dev/swap")
+ && (disk->mountPoint() != "/dev/pts")
++ && (disk->mountPoint() != "/sys")
++ && (disk->mountPoint() != "/.dev")
+ && (disk->mountPoint().find("/proc") != 0)
+ && (disk->deviceName().find("shm") == -1 ))
+ ignore=false;