[SCM] KDE Development Platform Libraries module packaging branch, wheezy, updated. debian/4.8.4-4-10-g03f4641
Maximiliano Curia
maxy at alioth.debian.org
Mon May 27 17:37:44 UTC 2013
Gitweb-URL: http://git.debian.org/?p=pkg-kde/kde-sc/kde4libs.git;a=commitdiff;h=03f4641
The following commit has been merged in the wheezy branch:
commit 03f4641ba6bda233af15d41fcb3d7929f36b4c59
Author: Maximiliano Curia <maxy at debian.org>
Date: Thu May 16 14:58:26 2013 +0200
Update CVE-2013-2074 patch, add 898135a59d91184692ed1bcee8bb4c6d80d6f7b9 (#707776)
---
...ream_cve-2013-2074-do-not-print-passwords.patch | 39 ++++++++++++++------
1 files changed, 28 insertions(+), 11 deletions(-)
diff --git a/debian/patches/upstream_cve-2013-2074-do-not-print-passwords.patch b/debian/patches/upstream_cve-2013-2074-do-not-print-passwords.patch
index 3d98a47..47c9219 100644
--- a/debian/patches/upstream_cve-2013-2074-do-not-print-passwords.patch
+++ b/debian/patches/upstream_cve-2013-2074-do-not-print-passwords.patch
@@ -1,15 +1,23 @@
-commit 65d736dab592bced4410ccfa4699de89f78c96ca
Author: Grégory Oestreicher <greg at kamago.net>
-Date: Wed May 8 23:16:00 2013 +0200
+Bug-KDE: 319428
+Last-Update: 2013-05-15
+Origin: backport, commit:65d736dab592bced4410ccfa4699de89f78c96ca, commit:898135a59d91184692ed1bcee8bb4c6d80d6f7b9
+Description: Don't show passwords contained in HTTP URLs in error messages
- Don't show passwords contained in HTTP URLs in error messages
- BUG: 319428
-
-diff --git a/kioslave/http/http.cpp b/kioslave/http/http.cpp
-index 2d139a9..129fc7b 100644
---- a/kioslave/http/http.cpp
-+++ b/kioslave/http/http.cpp
-@@ -3056,7 +3056,7 @@ try_again:
+Index: kde4libs/kioslave/http/http.cpp
+===================================================================
+--- kde4libs.orig/kioslave/http/http.cpp 2013-05-16 14:44:40.568379183 +0200
++++ kde4libs/kioslave/http/http.cpp 2013-05-16 14:45:08.927225672 +0200
+@@ -1585,7 +1585,7 @@
+
+ QString url = _url;
+ if ( !url.isNull() )
+- url = m_request.url.url();
++ url = m_request.url.prettyUrl();
+
+ QString action, errorString;
+ int errorCode = ERR_SLAVE_DEFINED;
+@@ -3060,7 +3060,7 @@
; // Ignore error
} else {
if (!sendErrorPageNotification()) {
@@ -18,7 +26,7 @@ index 2d139a9..129fc7b 100644
return false;
}
}
-@@ -3072,9 +3072,9 @@ try_again:
+@@ -3076,9 +3076,9 @@
// Tell that we will only get an error page here.
if (!sendErrorPageNotification()) {
if (m_request.responseCode == 403)
@@ -30,3 +38,12 @@ index 2d139a9..129fc7b 100644
return false;
}
} else if (m_request.responseCode >= 301 && m_request.responseCode<= 303) {
+@@ -3459,7 +3459,7 @@
+ KUrl u(m_request.url, locationStr);
+ if(!u.isValid())
+ {
+- error(ERR_MALFORMED_URL, u.url());
++ error(ERR_MALFORMED_URL, u.prettyUrl());
+ return false;
+ }
+
--
KDE Development Platform Libraries module packaging
More information about the pkg-kde-commits
mailing list