From 290362d91d840ad6feed5b59191a058f5e998d3c Mon Sep 17 00:00:00 2001 From: Eric Hameleers Date: Mon, 22 Dec 2014 14:56:40 +0100 Subject: KDE 4.6.5 for Slackware 13.37 (07jul2011) --- kde/kdelibs/kdelibs.kssl.CVE-2011-3365.patch | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 kde/kdelibs/kdelibs.kssl.CVE-2011-3365.patch (limited to 'kde/kdelibs/kdelibs.kssl.CVE-2011-3365.patch') diff --git a/kde/kdelibs/kdelibs.kssl.CVE-2011-3365.patch b/kde/kdelibs/kdelibs.kssl.CVE-2011-3365.patch new file mode 100644 index 0000000..d05e44b --- /dev/null +++ b/kde/kdelibs/kdelibs.kssl.CVE-2011-3365.patch @@ -0,0 +1,24 @@ +commit 9ca2b26fc67c3f921e1943c1725fca623e395854 +Author: David Faure +Date: Thu Jun 30 23:43:45 2011 +0200 + + Security fix: don't interpret html tags + + Credits to Tim Brown for the find. + (cherry picked from commit bd70d4e589711fda9ab07738c46e37eee8376214) + +diff --git a/kio/kssl/ksslcertificatebox.cpp b/kio/kssl/ksslcertificatebox.cpp +index 4ffc613..094787a 100644 +--- a/kio/kssl/ksslcertificatebox.cpp ++++ b/kio/kssl/ksslcertificatebox.cpp +@@ -36,6 +36,10 @@ KSslCertificateBox::KSslCertificateBox(QWidget *parent) + d(new KSslCertificateBoxPrivate()) + { + d->ui.setupUi(this); ++ // No fooling us with html tags ++ Q_FOREACH(QLabel* label, qFindChildren(this)) { ++ label->setTextFormat(Qt::PlainText); ++ } + } + + -- cgit v1.2.3-65-gdbad