[SCM] ktp-text-ui packaging branch, master, updated. debian/15.12.1-1-1918-gdf4b0ec

Sat May 28 00:23:22 UTC 2016

Gitweb-URL: http://git.debian.org/?p=pkg-kde/applications/ktp-text-ui.git;a=commitdiff;h=b25277f

The following commit has been merged in the master branch:
commit b25277f59080a06167a06707f2f482d15f31d98d
Author: Lasath Fernando <kde at lasath.org>
Date:   Tue Feb 26 14:15:28 2013 -0500

    Catch one more security flaw in Youtube Filter
    
    It now completly ignores youtube id's that don't match the regex
    exactly.
    
    REVIEW: 109158
---
 filters/youtube/youtube-filter.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/filters/youtube/youtube-filter.cpp b/filters/youtube/youtube-filter.cpp
index 74729a3..0dec5c6 100644
--- a/filters/youtube/youtube-filter.cpp
+++ b/filters/youtube/youtube-filter.cpp
@@ -55,7 +55,7 @@ void YoutubeFilter::filterMessage(KTp::Message &message, const KTp::MessageConte
             QString v = url.queryItemValue(QLatin1String("v"));
             kDebug() << "v =" << v;
 
-            if (v.contains(validId)){
+            if (validId.exactMatch(v)){
                 message.appendMessagePart(html.arg(url.queryItemValue(QLatin1String("v"))));
             }
         }

-- 
ktp-text-ui packaging

