summaryrefslogtreecommitdiff
path: root/libre/kdebase-runtime
diff options
context:
space:
mode:
Diffstat (limited to 'libre/kdebase-runtime')
-rw-r--r--libre/kdebase-runtime/CVE-2014-8600.patch20
-rw-r--r--libre/kdebase-runtime/PKGBUILD11
2 files changed, 28 insertions, 3 deletions
diff --git a/libre/kdebase-runtime/CVE-2014-8600.patch b/libre/kdebase-runtime/CVE-2014-8600.patch
new file mode 100644
index 000000000..82a854c05
--- /dev/null
+++ b/libre/kdebase-runtime/CVE-2014-8600.patch
@@ -0,0 +1,20 @@
+--- a/kioslave/bookmarks/kio_bookmarks.cpp
++++ b/kioslave/bookmarks/kio_bookmarks.cpp
+@@ -22,6 +22,7 @@
+ #include <stdlib.h>
+
+ #include <qregexp.h>
++#include <qtextdocument.h>
+
+ #include <kapplication.h>
+ #include <kcmdlineargs.h>
+@@ -197,7 +198,7 @@
+ echoImage(regexp.cap(1), regexp.cap(2), url.queryItem("size"));
+ } else {
+ echoHead();
+- echo("<p class=\"message\">" + i18n("Wrong request: %1",path) + "</p>");
++ echo("<p class=\"message\">" + i18n("Bad request: %1", Qt::escape(Qt::escape(url.prettyUrl()))) + "</p>");
+ }
+ finished();
+ }
+
diff --git a/libre/kdebase-runtime/PKGBUILD b/libre/kdebase-runtime/PKGBUILD
index 06b76008d..1b0cde183 100644
--- a/libre/kdebase-runtime/PKGBUILD
+++ b/libre/kdebase-runtime/PKGBUILD
@@ -1,10 +1,10 @@
-# $Id: PKGBUILD 224764 2014-10-18 11:43:49Z andrea $
+# $Id: PKGBUILD 226406 2014-11-19 16:31:45Z fyan $
# Maintainer (Arch): Andrea Scarpino <andrea@archlinux.org>
# Contributor (Arch): Pierre Schmitz <pierre@archlinux.de>
# Maintainer: André Silva <emulatorman@parabola.nu>
pkgname=kdebase-runtime
-pkgver=4.14.2
+pkgver=4.14.3
pkgrel=1.parabola1
pkgdesc="Plugins and applications necessary for the running of KDE applications, without non-privacy search providers"
arch=('i686' 'x86_64' 'mips64el')
@@ -23,14 +23,19 @@ optdepends=('kdepimlibs: needed by DrKonqi to send crash reports to KDE.org'
provides=('khelpcenter' 'notification-daemon')
install="${pkgname}.install"
source=("http://download.kde.org/stable/${pkgver}/src/kde-runtime-${pkgver}.tar.xz"
+ CVE-2014-8600.patch
'duckduckgo_html.desktop'
'duckduckgo_lite.desktop')
-sha1sums=('150ad9b8484b0f519f5e9fcdb710ffe8944006a8'
+sha1sums=('d25357bf7e5d3922ce0c9b60921fb2fd738b7251'
+ '63588c9843c68c9b59e5b5e24dbc62c690ce68ce'
'aa6f39f4b0ad3c110fd05cd6c41190afae9773dd'
'ac3bac94a2c4b1444642524bc5fb539c4c5dcc5b')
prepare() {
mkdir build
+
+ cd kde-runtime-${pkgver}
+ patch -p1 -i ../CVE-2014-8600.patch
}
build() {