[Pkg-kde-commits] rev 369 - in trunk/packages/kdebase/debian: . patches

Adeodato Simó dato-guest@costa.debian.org
Mon, 03 Jan 2005 03:14:44 +0100


Author: dato-guest
Date: 2005-01-03 02:26:23 +0100 (Mon, 03 Jan 2005)
New Revision: 369

Added:
   trunk/packages/kdebase/debian/patches/11_CAN-2004-1158.diff
   trunk/packages/kdebase/debian/patches/12_ignore-sys-and-.dev.diff
Modified:
   trunk/packages/kdebase/debian/changelog
Log:

  * High urgency upload to fix security vulnerability in sarge.

  * Include patch to fix CAN-2004-1158, "Konqueror Window Injection
    Vulnerability". (Closes: #286516)

  * Include small patch from Christoffer Sawicki to ignore /sys and /.dev and
    not report them as hard disks in Konqueror. (Closes: #287424)




Modified: trunk/packages/kdebase/debian/changelog
===================================================================
--- trunk/packages/kdebase/debian/changelog	2004-12-30 15:39:39 UTC (rev 368)
+++ trunk/packages/kdebase/debian/changelog	2005-01-03 01:26:23 UTC (rev 369)
@@ -1,3 +1,17 @@
+kdebase (4:3.3.1-4) unstable; urgency=high
+
+  +++ Changes by Adeodato Simó:
+
+  * High urgency upload to fix security vulnerability in sarge.
+
+  * Include patch to fix CAN-2004-1158, "Konqueror Window Injection
+    Vulnerability". (Closes: #286516)
+
+  * Include small patch from Christoffer Sawicki to ignore /sys and /.dev and
+    not report them as hard disks in Konqueror. (Closes: #287424)
+
+ -- Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>  Mon,  3 Jan 2005 01:18:23 +0100
+
 kdebase (4:3.3.1-3) unstable; urgency=medium
 
   * Include patch to fix CAN-2004-1171 ("plain text password exposure").

Added: trunk/packages/kdebase/debian/patches/11_CAN-2004-1158.diff
===================================================================
--- trunk/packages/kdebase/debian/patches/11_CAN-2004-1158.diff	2004-12-30 15:39:39 UTC (rev 368)
+++ trunk/packages/kdebase/debian/patches/11_CAN-2004-1158.diff	2005-01-03 01:26:23 UTC (rev 369)
@@ -0,0 +1,39 @@
+===================================================================
+RCS file: /home/kde/kdebase/konqueror/konq_mainwindow.cc,v
+retrieving revision 1.1342.2.14
+retrieving revision 1.1342.2.15
+diff -u -r1.1342.2.14 -r1.1342.2.15
+--- kdebase/konqueror/konq_mainwindow.cc	2004/11/24 18:29:51	1.1342.2.14
++++ kdebase/konqueror/konq_mainwindow.cc	2004/12/12 22:37:45	1.1342.2.15
+@@ -2252,6 +2252,17 @@
+     QString viewName = view->viewName();
+     kdDebug() << "       - viewName=" << viewName << "   "
+               << "frame names:" << view->frameNames().join( "," ) << endl;
++
++    // First look for a hostextension containing this frame name
++    KParts::BrowserHostExtension *ext = KParts::BrowserHostExtension::childObject( view->part() );
++    if ( ext )
++    {
++      ext = ext->findFrameParent(callingPart, name);
++      kdDebug() << "BrowserHostExtension found part " << ext << endl;
++      if (!ext)
++         continue; // Don't use this window
++    }
++
+     if ( !viewName.isEmpty() && viewName == name )
+     {
+       kdDebug() << "found existing view by name: " << view << endl;
+@@ -2262,13 +2273,6 @@
+       return view;
+     }
+ 
+-    // First look for a hostextension containing this frame name
+-    KParts::BrowserHostExtension *ext = KParts::BrowserHostExtension::childObject( view->part() );
+-    if ( ext )
+-    {
+-      ext = ext->findFrameParent(callingPart, name);
+-    }
+-
+ //    KParts::BrowserHostExtension* ext = KonqView::hostExtension( view->part(), name );
+ 
+     if ( ext )

Added: trunk/packages/kdebase/debian/patches/12_ignore-sys-and-.dev.diff
===================================================================
--- trunk/packages/kdebase/debian/patches/12_ignore-sys-and-.dev.diff	2004-12-30 15:39:39 UTC (rev 368)
+++ trunk/packages/kdebase/debian/patches/12_ignore-sys-and-.dev.diff	2005-01-03 01:26:23 UTC (rev 369)
@@ -0,0 +1,11 @@
+--- kdebase-orig/kioslave/devices/kdedmodule/disklist.cpp
++++ kdebase-patched/kioslave/devices/kdedmodule/disklist.cpp
+@@ -74,6 +74,8 @@
+	      && (disk->deviceName() != "tmpfs")
+	      && (disk->mountPoint() != "/dev/swap")
+	      && (disk->mountPoint() != "/dev/pts")
++	      && (disk->mountPoint() != "/sys")
++	      && (disk->mountPoint() != "/.dev")
+	      && (disk->mountPoint().find("/proc") != 0)
+	      && (disk->deviceName().find("shm") == -1  ))
+		ignore=false;