summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'kde-frameworks/kcoreaddons')
-rw-r--r--kde-frameworks/kcoreaddons/Manifest1
-rw-r--r--kde-frameworks/kcoreaddons/files/kcoreaddons-5.27.0-CVE-2016-7966.patch117
-rw-r--r--kde-frameworks/kcoreaddons/kcoreaddons-5.27.0-r1.ebuild33
3 files changed, 0 insertions, 151 deletions
diff --git a/kde-frameworks/kcoreaddons/Manifest b/kde-frameworks/kcoreaddons/Manifest
index ad8e0fc1e9d..0d53a65155c 100644
--- a/kde-frameworks/kcoreaddons/Manifest
+++ b/kde-frameworks/kcoreaddons/Manifest
@@ -1,3 +1,2 @@
DIST kcoreaddons-5.26.0.tar.xz 330764 SHA256 1fab3ca827cf74f0fdadd30d8b9b3fe53d4ba2d1afe7f23a90f3ff55f3c77982 SHA512 79b586a52e8a2ed5c804d25a2d97bd0ac5d4f8f60cd06496611fbef255d95ffe1a5a8c44d349e6bab7bee233481346b349f0ce5cf11942c43fffe32a54de7cc0 WHIRLPOOL 9e19dcc3335e956a8be2286a4ad3fbb2ffd74c3d6d8a1565f7ba5ac38eeb6e9f499ecf0612faebc4d7853d201936309c9e877fbcc3024d4e44ae14989b153e58
-DIST kcoreaddons-5.27.0.tar.xz 2733084 SHA256 dcbec0cd914e487f8a408d94e0a5ebd9ff6d71c09d6791e66a3310b0a5eaf767 SHA512 784fd339abce3297aeb22ddfea1d1d10f098021e5ce0bf4d2a59879d77c30d64f29d0e2eb0e561a0936ff2790a281dbf3435937ccdcf3ecf00e2ff191f6aaf54 WHIRLPOOL d1c0c43f7c6af03c4fdc3ff998de3754a1487dc69c47579610c67fbd0ee6112865127d9dfdea2c9745847188f54b1064ea897a25a38a5a70be60f7f156632360
DIST kcoreaddons-5.28.0.tar.xz 2734932 SHA256 cbc7b9a319823980af602a64c7ac4d3268bd349a3f90b3ea0c4f3315dad3a283 SHA512 6d298a465aa6a67b3c42b07c327be9c24c23db566fb33f9dfc63f99ba39ea346eda91cf2caa2f17638ba5580d6bd89dd2768b49a87c50be15532d481118b5160 WHIRLPOOL 42dd37696b38b96a85d597cdc25908006e14c2efb2fe0403334a041f6373830621b34ff21a6b231cd8c1553eeaecff03ab5f498243a1701d07d10af676b256dd
diff --git a/kde-frameworks/kcoreaddons/files/kcoreaddons-5.27.0-CVE-2016-7966.patch b/kde-frameworks/kcoreaddons/files/kcoreaddons-5.27.0-CVE-2016-7966.patch
deleted file mode 100644
index 4fbd5e39ace..00000000000
--- a/kde-frameworks/kcoreaddons/files/kcoreaddons-5.27.0-CVE-2016-7966.patch
+++ /dev/null
@@ -1,117 +0,0 @@
-From a06cef31cc4c908bc9b76bd9d103fe9c60e0953f Mon Sep 17 00:00:00 2001
-From: Montel Laurent <montel@kde.org>
-Date: Tue, 11 Oct 2016 11:11:08 +0200
-Subject: [PATCH] Add more autotests
-
----
- autotests/ktexttohtmltest.cpp | 15 +++++++++++++++
- 1 file changed, 15 insertions(+)
-
-diff --git a/autotests/ktexttohtmltest.cpp b/autotests/ktexttohtmltest.cpp
-index c5690e8..0179a00 100644
---- a/autotests/ktexttohtmltest.cpp
-+++ b/autotests/ktexttohtmltest.cpp
-@@ -392,6 +392,21 @@ void KTextToHTMLTest::testHtmlConvert_data()
- << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
- << "https://\"><!--";
-
-+ QTest::newRow("url-exec-html-2") << "https://192.168.1.1:\"><!--"
-+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
-+ << "https://192.168.1.1:\"><!--";
-+
-+ QTest::newRow("url-exec-html-3") << "https://<IP>:\"><!--"
-+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
-+ << "https://<IP>:\"><!--";
-+
-+ QTest::newRow("url-exec-html-4") << "https://<IP>:/\"><!--"
-+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
-+ << "https://<IP>:/\"><!--";
-+
-+ QTest::newRow("url-exec-html-5") << "https://<IP>:/\"><script>alert(1);</script><!--"
-+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
-+ << "https://<IP>:/\"><script>alert(1);</script><!--";
- }
-
-
---
-2.7.3
-
-From 5e13d2439dbf540fdc840f0b0ab5b3ebf6642c6a Mon Sep 17 00:00:00 2001
-From: Montel Laurent <montel@kde.org>
-Date: Tue, 11 Oct 2016 11:40:10 +0200
-Subject: [PATCH] Display bad url
-
----
- autotests/ktexttohtmltest.cpp | 14 +++++++++-----
- src/lib/text/ktexttohtml.cpp | 18 +++++++++++++++++-
- 2 files changed, 26 insertions(+), 6 deletions(-)
-
-diff --git a/autotests/ktexttohtmltest.cpp b/autotests/ktexttohtmltest.cpp
-index 0179a00..ccac29a 100644
---- a/autotests/ktexttohtmltest.cpp
-+++ b/autotests/ktexttohtmltest.cpp
-@@ -390,23 +390,27 @@ void KTextToHTMLTest::testHtmlConvert_data()
- //Fix url exploit
- QTest::newRow("url-exec-html") << "https://\"><!--"
- << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
-- << "https://\"><!--";
-+ << "https://&quot;&gt;&lt;!--";
-
- QTest::newRow("url-exec-html-2") << "https://192.168.1.1:\"><!--"
- << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
-- << "https://192.168.1.1:\"><!--";
-+ << "https://192.168.1.1:&quot;&gt;&lt;!--";
-
- QTest::newRow("url-exec-html-3") << "https://<IP>:\"><!--"
- << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
-- << "https://<IP>:\"><!--";
-+ << "https://&lt;IP&gt;:&quot;&gt;&lt;!--";
-
- QTest::newRow("url-exec-html-4") << "https://<IP>:/\"><!--"
- << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
-- << "https://<IP>:/\"><!--";
-+ << "https://&lt;IP&gt;:/&quot;&gt;&lt;!--";
-
- QTest::newRow("url-exec-html-5") << "https://<IP>:/\"><script>alert(1);</script><!--"
- << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
-- << "https://<IP>:/\"><script>alert(1);</script><!--";
-+ << "https://&lt;IP&gt;:/&quot;&gt;&lt;script&gt;alert(1);&lt;/script&gt;&lt;!--";
-+
-+ QTest::newRow("url-exec-html-6") << "https://<IP>:/\"><script>alert(1);</script><!--\nTest2"
-+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
-+ << "https://&lt;IP&gt;:/&quot;&gt;&lt;script&gt;alert(1);&lt;/script&gt;&lt;!--\nTest2";
- }
-
-
-diff --git a/src/lib/text/ktexttohtml.cpp b/src/lib/text/ktexttohtml.cpp
-index 97c5eab..30e0b5d 100644
---- a/src/lib/text/ktexttohtml.cpp
-+++ b/src/lib/text/ktexttohtml.cpp
-@@ -423,7 +423,23 @@ QString KTextToHTML::convertToHtml(const QString &plainText, const KTextToHTML::
- bool badUrl = false;
- str = helper.getUrl(&badUrl);
- if (badUrl) {
-- return helper.mText;
-+ QString resultBadUrl;
-+ const int helperTextSize(helper.mText.count());
-+ for (int i = 0; i < helperTextSize; ++i) {
-+ const QChar chBadUrl = helper.mText[i];
-+ if (chBadUrl == QLatin1Char('&')) {
-+ resultBadUrl += QLatin1String("&amp;");
-+ } else if (chBadUrl == QLatin1Char('"')) {
-+ resultBadUrl += QLatin1String("&quot;");
-+ } else if (chBadUrl == QLatin1Char('<')) {
-+ resultBadUrl += QLatin1String("&lt;");
-+ } else if (chBadUrl == QLatin1Char('>')) {
-+ resultBadUrl += QLatin1String("&gt;");
-+ } else {
-+ resultBadUrl += chBadUrl;
-+ }
-+ }
-+ return resultBadUrl;
- }
- if (!str.isEmpty()) {
- QString hyperlink;
---
-2.7.3
-
diff --git a/kde-frameworks/kcoreaddons/kcoreaddons-5.27.0-r1.ebuild b/kde-frameworks/kcoreaddons/kcoreaddons-5.27.0-r1.ebuild
deleted file mode 100644
index ebb5cd8d7bf..00000000000
--- a/kde-frameworks/kcoreaddons/kcoreaddons-5.27.0-r1.ebuild
+++ /dev/null
@@ -1,33 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=6
-
-inherit kde5
-
-DESCRIPTION="Framework for solving common problems such as caching, randomisation, and more"
-LICENSE="LGPL-2+"
-KEYWORDS="~amd64 ~arm ~x86"
-IUSE="fam nls"
-
-RDEPEND="
- $(add_qt_dep qtcore 'icu')
- fam? ( virtual/fam )
- !<kde-frameworks/kservice-5.2.0:5
-"
-DEPEND="${RDEPEND}
- x11-misc/shared-mime-info
- nls? ( $(add_qt_dep linguist-tools) )
-"
-
-PATCHES=( "${FILESDIR}/${P}-CVE-2016-7966.patch" )
-
-src_configure() {
- local mycmakeargs=(
- -D_KDE4_DEFAULT_HOME_POSTFIX=4
- $(cmake-utils_use_find_package fam FAM)
- )
-
- kde5_src_configure
-}