diff options
| author | salo <salo@pkgsrc.org> | 2005-05-12 14:15:08 +0000 |
|---|---|---|
| committer | salo <salo@pkgsrc.org> | 2005-05-12 14:15:08 +0000 |
| commit | a8efa5b04497915a99b89393379dbbb70cdea5f5 (patch) | |
| tree | 8d8ab71745d3671f3c90fd0af8f5feb32742047f | |
| parent | f38ef6430c7ce10f2761ea14db36a542b228479a (diff) | |
| download | pkgsrc-a8efa5b04497915a99b89393379dbbb70cdea5f5.tar.gz | |
Pullup ticket 481 - requested by Mark Davies
security fix for kdewebdev3
Patch provided by the submitter.
Module Name: pkgsrc
Committed By: markd
Date: Wed May 4 13:49:50 UTC 2005
Modified Files:
pkgsrc/www/kdewebdev3: Makefile distinfo
pkgsrc/www/kdewebdev3/patches: patch-ab
Log Message:
The previous Kommander patch was incorrect and still allowed execution
of files served from /tmp.
From http://www.kde.org/info/security/advisory-20050504-1.txt
Bump PKGREVISION.
| -rw-r--r-- | www/kdewebdev3/Makefile | 4 | ||||
| -rw-r--r-- | www/kdewebdev3/distinfo | 4 | ||||
| -rw-r--r-- | www/kdewebdev3/patches/patch-ab | 4 |
3 files changed, 6 insertions, 6 deletions
diff --git a/www/kdewebdev3/Makefile b/www/kdewebdev3/Makefile index f7580247693..78c70aeb4d3 100644 --- a/www/kdewebdev3/Makefile +++ b/www/kdewebdev3/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.4.4.1 2005/05/01 17:36:58 salo Exp $ +# $NetBSD: Makefile,v 1.4.4.2 2005/05/12 14:15:08 salo Exp $ DISTNAME= kdewebdev-${_KDE_VERSION} -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= www COMMENT= HTML editor and tools suitable for experienced web developers diff --git a/www/kdewebdev3/distinfo b/www/kdewebdev3/distinfo index 90082306cb2..1a603395884 100644 --- a/www/kdewebdev3/distinfo +++ b/www/kdewebdev3/distinfo @@ -1,7 +1,7 @@ -$NetBSD: distinfo,v 1.4.2.1 2005/05/01 17:36:58 salo Exp $ +$NetBSD: distinfo,v 1.4.2.2 2005/05/12 14:15:08 salo Exp $ SHA1 (kdewebdev-3.3.2.tar.bz2) = 9046409534d1ebd9bd692a02cc1b5a5c259cfe63 RMD160 (kdewebdev-3.3.2.tar.bz2) = 2187fce40c3d31f49f88906a447f218c1b322259 Size (kdewebdev-3.3.2.tar.bz2) = 4797649 bytes SHA1 (patch-aa) = 9268bdb93739a1b4b9dc7cb2d03acd860c05788f -SHA1 (patch-ab) = 35c20f0769da688f0ba7e0d104783854701fd0bd +SHA1 (patch-ab) = 5da488f18219d8303f6a58e97ef573d2492cd876 diff --git a/www/kdewebdev3/patches/patch-ab b/www/kdewebdev3/patches/patch-ab index 67dfbcbea33..b38b77c05d8 100644 --- a/www/kdewebdev3/patches/patch-ab +++ b/www/kdewebdev3/patches/patch-ab @@ -1,4 +1,4 @@ -$NetBSD: patch-ab,v 1.1.2.1 2005/05/01 17:36:58 salo Exp $ +$NetBSD: patch-ab,v 1.1.2.2 2005/05/12 14:15:08 salo Exp $ --- kommander/executor/instance.cpp.orig 2004-08-05 21:28:57.000000000 +0200 +++ kommander/executor/instance.cpp 2005-05-01 07:14:52.000000000 +0200 @@ -22,7 +22,7 @@ $NetBSD: patch-ab,v 1.1.2.1 2005/05/01 17:36:58 salo Exp $ + + bool inTemp = false; + for (QStringList::ConstIterator I = tmpDirs.begin(); I != tmpDirs.end(); ++I) -+ if (m_uiFileName.directory().startsWith(*I)) ++ if (m_uiFileName.directory(false).startsWith(*I)) + inTemp = true; + + if (inTemp) |