[SCM] kcoreaddons packaging branch, master, updated. debian/5.37.0-2-101-ga15783a
Maximiliano Curia
maxy at moszumanska.debian.org
Tue Jan 2 18:34:28 UTC 2018
Gitweb-URL: http://git.debian.org/?p=pkg-kde/frameworks/kcoreaddons.git;a=commitdiff;h=f20dc64
The following commit has been merged in the master branch:
commit f20dc6453522319e46874f2b2b97d9d051bfe149
Author: Jonathan Riddell <jr at jriddell.org>
Date: Thu Oct 6 22:54:26 2016 +0100
add patch for kmail security issue https://www.kde.org/info/security/advisory-20161006-1.txt
---
debian/patches/kde_01_CVE-2016-7966.diff | 115 +++++++++++++++++++++++++++++++
debian/patches/series | 1 +
2 files changed, 116 insertions(+)
diff --git a/debian/patches/kde_01_CVE-2016-7966.diff b/debian/patches/kde_01_CVE-2016-7966.diff
new file mode 100644
index 0000000..c1f0443
--- /dev/null
+++ b/debian/patches/kde_01_CVE-2016-7966.diff
@@ -0,0 +1,115 @@
+From: Montel Laurent <montel at kde.org>
+Date: Fri, 30 Sep 2016 11:21:45 +0000
+Subject: Don't convert as url an url which has a "
+X-Git-Tag: v5.27.0-rc1
+X-Git-Url: http://quickgit.kde.org/?p=kcoreaddons.git&a=commitdiff&h=96e562d9138c100498da38e4c5b4091a226dde12
+---
+Don't convert as url an url which has a "
+---
+
+
+--- a/autotests/ktexttohtmltest.cpp
++++ b/autotests/ktexttohtmltest.cpp
+@@ -386,6 +386,12 @@
+ QTest::newRow("url-with-url") << "foo <http://www.kde.org/ <http://www.kde.org/>>"
+ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
+ << "foo <<a href=\"http://www.kde.org/ \">http://www.kde.org/ </a><<a href=\"http://www.kde.org/\">http://www.kde.org/</a>>>";
++
++ //Fix url exploit
++ QTest::newRow("url-exec-html") << "https://\"><!--"
++ << KTextToHTML::Options(KTextToHTML::PreserveSpaces)
++ << "https://\"><!--";
++
+ }
+
+
+
+--- a/src/lib/text/ktexttohtml.cpp
++++ b/src/lib/text/ktexttohtml.cpp
+@@ -156,7 +156,6 @@
+ (allowedSpecialChars.indexOf(mText[mPos - 1]) != -1))) {
+ return false;
+ }
+-
+ QChar ch = mText[mPos];
+ return
+ (ch == QLatin1Char('h') && (mText.mid(mPos, 7) == QLatin1String("http://") ||
+@@ -192,7 +191,7 @@
+ url == QLatin1String("news://");
+ }
+
+-QString KTextToHTMLHelper::getUrl()
++QString KTextToHTMLHelper::getUrl(bool *badurl)
+ {
+ QString url;
+ if (atUrl()) {
+@@ -229,6 +228,7 @@
+ url.reserve(mMaxUrlLen); // avoid allocs
+ int start = mPos;
+ bool previousCharIsSpace = false;
++ bool previousCharIsADoubleQuote = false;
+ while ((mPos < mText.length()) &&
+ (mText[mPos].isPrint() || mText[mPos].isSpace()) &&
+ ((afterUrl.isNull() && !mText[mPos].isSpace()) ||
+@@ -241,6 +241,18 @@
+ break;
+ }
+ previousCharIsSpace = false;
++ if (mText[mPos] == QLatin1Char('>') && previousCharIsADoubleQuote) {
++ //it's an invalid url
++ if (badurl) {
++ *badurl = true;
++ }
++ return QString();
++ }
++ if (mText[mPos] == QLatin1Char('"')) {
++ previousCharIsADoubleQuote = true;
++ } else {
++ previousCharIsADoubleQuote = false;
++ }
+ url.append(mText[mPos]);
+ if (url.length() > mMaxUrlLen) {
+ break;
+@@ -341,7 +353,6 @@
+ QChar ch;
+ int x;
+ bool startOfLine = true;
+- //qDebug()<<" plainText"<<plainText;
+
+ for (helper.mPos = 0, x = 0; helper.mPos < helper.mText.length();
+ ++helper.mPos, ++x) {
+@@ -409,8 +420,11 @@
+ } else {
+ const int start = helper.mPos;
+ if (!(flags & IgnoreUrls)) {
+- str = helper.getUrl();
+- //qDebug()<<" str"<<str;
++ bool badUrl = false;
++ str = helper.getUrl(&badUrl);
++ if (badUrl) {
++ return helper.mText;
++ }
+ if (!str.isEmpty()) {
+ QString hyperlink;
+ if (str.left(4) == QLatin1String("www.")) {
+@@ -464,7 +478,6 @@
+
+ result = helper.emoticonsInterface()->parseEmoticons(result, true, exclude);
+ }
+- //qDebug()<<" result "<<result;
+
+ return result;
+ }
+
+--- a/src/lib/text/ktexttohtml_p.h
++++ b/src/lib/text/ktexttohtml_p.h
+@@ -49,7 +49,7 @@
+ QString getEmailAddress();
+ bool atUrl();
+ bool isEmptyUrl(const QString &url);
+- QString getUrl();
++ QString getUrl(bool *badurl = Q_NULLPTR);
+ QString pngToDataUrl(const QString &pngPath);
+ QString highlightedText();
+
+
diff --git a/debian/patches/series b/debian/patches/series
index e69de29..1dfe8cd 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -0,0 +1 @@
+kde_01_CVE-2016-7966.diff
--
kcoreaddons packaging
More information about the pkg-kde-commits
mailing list