Slackware 13.37slackware-13.37

Mon Apr 25 13:37:00 UTC 2011
Slackware 13.37 x86_64 stable is released!

Thanks to everyone who pitched in on this release: the Slackware team,
the folks producing upstream code, and linuxquestions.org for providing
a great forum for collaboration and testing.

The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a
dual-sided
32-bit/64-bit x86/x86_64 DVD.  Please consider supporting the Slackware
project by picking up a copy from store.slackware.com.  We're taking
pre-orders now, and offer a discount if you sign up for a subscription.

As always, thanks to the Slackware community for testing, suggestions,
and feedback.  :-)

Have fun!

1 files changed, 14 insertions, 0 deletions

diff --git a/source/kde/kdelibs/kdelibs.khtml.CVE-2011-1168.diff b/source/kde/kdelibs/kdelibs.khtml.CVE-2011-1168.diff
new file mode 100644
index 000000000..356f30a61
--- /dev/null
+++ b/source/kde/kdelibs/kdelibs.khtml.CVE-2011-1168.diff
@@ -0,0 +1,14 @@
+--- a/khtml/khtml_part.cpp
++++ b/khtml/khtml_part.cpp
+@@ -1803,7 +1803,10 @@ void KHTMLPart::htmlError( int errorCode
+   stream >> errorName >> techName >> description >> causes >> solutions;
+ 
+   QString url, protocol, datetime;
+-  url = Qt::escape( reqUrl.prettyUrl() );
++
++  // This is somewhat confusing, but we have to escape the externally-
++  // controlled URL twice: once for i18n, and once for HTML.
++  url = Qt::escape( Qt::escape( reqUrl.prettyUrl() ) );
+   protocol = reqUrl.protocol();
+   datetime = KGlobal::locale()->formatDateTime( QDateTime::currentDateTime(),
+                                                 KLocale::LongDate );