authorMartin Wilke <miwi@FreeBSD.org>2009-11-03 09:45:47 +0000
committerMartin Wilke <miwi@FreeBSD.org>2009-11-03 09:45:47 +0000
commit5cc7f243b6cbad4431f92d78c83098f78370a702 (patch)
tree337a148e32bf8b682fc3266f74c4165a0e727ae4 /x11/kde4-runtime
parentcf9f01aab4d9f64db1fb7a40213a3d2e3a3b8461 (diff)
Diffstat (limited to 'x11/kde4-runtime')
-rw-r--r--x11/kde4-runtime/Makefile2
-rw-r--r--x11/kde4-runtime/files/patch-ocert-2009-015-kioslave16
2 files changed, 17 insertions, 1 deletions
diff --git a/x11/kde4-runtime/Makefile b/x11/kde4-runtime/Makefile
index fd89157e1731..1a7c749095dc 100644
--- a/x11/kde4-runtime/Makefile
+++ b/x11/kde4-runtime/Makefile
@@ -8,7 +8,7 @@
PORTNAME= kdebase-runtime
PORTVERSION= ${KDE4_VERSION}
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= x11 kde
MASTER_SITES= ${MASTER_SITE_KDE}
MASTER_SITE_SUBDIR= ${KDE4_BRANCH}/${PORTVERSION}/src
diff --git a/x11/kde4-runtime/files/patch-ocert-2009-015-kioslave b/x11/kde4-runtime/files/patch-ocert-2009-015-kioslave
new file mode 100644
index 000000000000..0024b941e34d
--- /dev/null
+++ b/x11/kde4-runtime/files/patch-ocert-2009-015-kioslave
@@ -0,0 +1,16 @@
+--- ./kioslave/info/info.cc 2009/10/02 15:51:26 1030578
++++ ./kioslave/info/info.cc 2009/10/02 15:53:30 1030579
+@@ -89,6 +89,13 @@
+ return;
+ }
+
++ // '<' in the path looks suspicious, someone is trying info:/dir/<script>alert('xss')</script>
++ if (url.path().contains('<'))
++ {
++ error(KIO::ERR_DOES_NOT_EXIST, url.url());
++ return;
++ }
++
+ mimeType("text/html");
+ // extract the path and node from url
+ decodeURL( url );
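Review bot: The guard added to info.cc rejects only a literal '<' in `url.path()`, which is a denylist on one character of one URL component, while the reply is still served as `text/html` on the next line. If `decodeURL( url )` or the later output code also uses the query or fragment, or places the path or node inside an HTML attribute, then characters such as `"` or `&` and those other components are not covered by this check; that cannot be confirmed from here, because the enclosing function starts and ends outside the hunk. The durable fix is to HTML-escape every URL-derived value where it is written into the page (Qt 4 provides `Qt::escape()` for this) and to keep this check only as an early reject. The `error()` call also passes the rejected `url.url()` back to the caller, so it is worth confirming that the error text is displayed as plain text. At minimum I would add a comment beside the check, such as `// only url.path() is checked here; values written into the HTML output must still be escaped`.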