diff options
Diffstat (limited to 'kde/kdelibs/kdelibs.kssl.CVE-2011-3365.patch')
-rw-r--r-- | kde/kdelibs/kdelibs.kssl.CVE-2011-3365.patch | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/kde/kdelibs/kdelibs.kssl.CVE-2011-3365.patch b/kde/kdelibs/kdelibs.kssl.CVE-2011-3365.patch new file mode 100644 index 0000000..d05e44b --- /dev/null +++ b/kde/kdelibs/kdelibs.kssl.CVE-2011-3365.patch @@ -0,0 +1,24 @@ +commit 9ca2b26fc67c3f921e1943c1725fca623e395854 +Author: David Faure <faure@kde.org> +Date: Thu Jun 30 23:43:45 2011 +0200 + + Security fix: don't interpret html tags + + Credits to Tim Brown for the find. + (cherry picked from commit bd70d4e589711fda9ab07738c46e37eee8376214) + +diff --git a/kio/kssl/ksslcertificatebox.cpp b/kio/kssl/ksslcertificatebox.cpp +index 4ffc613..094787a 100644 +--- a/kio/kssl/ksslcertificatebox.cpp ++++ b/kio/kssl/ksslcertificatebox.cpp +@@ -36,6 +36,10 @@ KSslCertificateBox::KSslCertificateBox(QWidget *parent) + d(new KSslCertificateBoxPrivate()) + { + d->ui.setupUi(this); ++ // No fooling us with html tags ++ Q_FOREACH(QLabel* label, qFindChildren<QLabel *>(this)) { ++ label->setTextFormat(Qt::PlainText); ++ } + } + + |