[SCM] KDE Utilities module packaging branch, master, updated. debian/4.7.2-1-3-ga61fe78
Eshat Cakar
eshat-guest at alioth.debian.org
Wed Dec 7 14:29:41 UTC 2011
The following commit has been merged in the master branch:
commit 0562d41c8d2db6b414a7cd451cfe5a7f913bc896
Author: Eshat Cakar <info at eshat.de>
Date: Wed Dec 7 15:26:27 2011 +0100
remove CVE-2011-2725_4.6.diff (applied upstream)
---
debian/changelog | 1 +
debian/patches/CVE-2011-2725_4.6.diff | 22 ----------------------
debian/patches/series | 1 -
3 files changed, 1 insertions(+), 23 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 0623feb..88c1cd7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,6 +4,7 @@ kdeutils (4:4.7.4-0r0) UNRELEASED; urgency=low
[ Eshat Cakar ]
* Bump kde-sc-dev-latest build dependency to 4:4.7.4.
+ * Remove CVE-2011-2725_4.6.diff (applied upstream).
-- Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org> Wed, 07 Dec 2011 14:50:11 +0100
diff --git a/debian/patches/CVE-2011-2725_4.6.diff b/debian/patches/CVE-2011-2725_4.6.diff
deleted file mode 100644
index 4be5819..0000000
--- a/debian/patches/CVE-2011-2725_4.6.diff
+++ /dev/null
@@ -1,22 +0,0 @@
-Index: kdeutils/ark/part/part.cpp
-===================================================================
---- kdeutils/ark/part/part.cpp (revision 1259333)
-+++ kdeutils/ark/part/part.cpp (revision 1259334)
-@@ -558,8 +558,15 @@
- if (!job->error()) {
- const ArchiveEntry& entry =
- m_model->entryForIndex(m_view->selectionModel()->currentIndex());
-- const QString fullName =
-- m_previewDir->name() + QLatin1Char( '/' ) + entry[ FileName ].toString();
-+
-+ QString fullName =
-+ m_previewDir->name() + QLatin1Char('/') + entry[ FileName ].toString();
-+
-+ // Make sure a maliciously crafted archive with parent folders named ".." do
-+ // not cause the previewed file path to be located outside the temporary
-+ // directory, resulting in a directory traversal issue.
-+ fullName.remove(QLatin1String("../"));
-+
- ArkViewer::view(fullName, widget());
- } else {
- KMessageBox::error(widget(), job->errorString());
diff --git a/debian/patches/series b/debian/patches/series
index 46d744c..6ead876 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1 @@
remove_workspace.patch
-CVE-2011-2725_4.6.diff
--
KDE Utilities module packaging
More information about the pkg-kde-commits
mailing list