alexxy 14/11/16 12:21:26 Added: kdebase-kioslaves-CVE-2014-8600.patch Log: [kde-base] Add KDE SC 4.14.3 (Portage version: 2.2.14/cvs/Linux x86_64, RepoMan options: --force, signed Manifest commit with key F82F92E6)
Revision Changes Path 1.1 kde-base/kdebase-kioslaves/files/kdebase-kioslaves-CVE-2014-8600.patch file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/kde-base/kdebase-kioslaves/files/kdebase-kioslaves-CVE-2014-8600.patch?rev=1.1&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/kde-base/kdebase-kioslaves/files/kdebase-kioslaves-CVE-2014-8600.patch?rev=1.1&content-type=text/plain Index: kdebase-kioslaves-CVE-2014-8600.patch =================================================================== From: Martin Sandsmark <[email protected]> Date: Thu, 13 Nov 2014 12:29:01 +0000 Subject: Sanitize path X-Git-Url: http://quickgit.kde.org/?p=kde-runtime.git&a=commitdiff&h=d68703900edc8416fbcd2550cd336cbbb76decb9 --- Sanitize path --- --- a/kioslave/bookmarks/kio_bookmarks.cpp +++ b/kioslave/bookmarks/kio_bookmarks.cpp @@ -22,6 +22,7 @@ #include <stdlib.h> #include <qregexp.h> +#include <qtextdocument.h> #include <kapplication.h> #include <kcmdlineargs.h> @@ -197,7 +198,7 @@ echoImage(regexp.cap(1), regexp.cap(2), url.queryItem("size")); } else { echoHead(); - echo("<p class=\"message\">" + i18n("Wrong request: %1",path) + "</p>"); + echo("<p class=\"message\">" + i18n("Bad request: %1", Qt::escape(Qt::escape(url.prettyUrl()))) + "</p>"); } finished(); }
