From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-805788-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id 5C9CF138CD8
	for <garchives@archives.gentoo.org>; Thu,  4 Jun 2015 18:48:40 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 9F5F2E09A6;
	Thu,  4 Jun 2015 18:45:06 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id F206FE0978
	for <gentoo-commits@lists.gentoo.org>; Thu,  4 Jun 2015 18:44:54 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id DDF5A340EC9
	for <gentoo-commits@lists.gentoo.org>; Thu,  4 Jun 2015 18:44:51 +0000 (UTC)
Received: by oystercatcher.gentoo.org (Postfix, from userid 2323)
	id 171F5A4C; Thu,  4 Jun 2015 18:44:45 +0000 (UTC)
From: "Michael Palimaka (kensington)" <kensington@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Reply-To: gentoo-dev@lists.gentoo.org, kensington@gentoo.org
Subject: [gentoo-commits] gentoo-x86 commit in kde-apps/kdebase-kioslaves/files: kdebase-kioslaves-CVE-2014-8600.patch
X-VCS-Repository: gentoo-x86
X-VCS-Files: kdebase-kioslaves-CVE-2014-8600.patch
X-VCS-Directories: kde-apps/kdebase-kioslaves/files
X-VCS-Committer: kensington
X-VCS-Committer-Name: Michael Palimaka
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit
Message-Id: <20150604184445.171F5A4C@oystercatcher.gentoo.org>
Date: Thu,  4 Jun 2015 18:44:45 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Archives-Salt: 975b28fa-b737-4a43-9dad-c0d3c3e4f480
X-Archives-Hash: 7a5c29d4ecda91a1ced22525dedd7501

kensington    15/06/04 18:44:45

  Added:                kdebase-kioslaves-CVE-2014-8600.patch
  Log:
  Moved package from kde-base to kde-apps.
  
  (Portage version: 2.2.20/cvs/Linux x86_64, signed Manifest commit with key 0x06B1F38DCA45A1EC!)

Revision  Changes    Path
1.1                  kde-apps/kdebase-kioslaves/files/kdebase-kioslaves-CVE-2014-8600.patch

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/kde-apps/kdebase-kioslaves/files/kdebase-kioslaves-CVE-2014-8600.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/kde-apps/kdebase-kioslaves/files/kdebase-kioslaves-CVE-2014-8600.patch?rev=1.1&content-type=text/plain

Index: kdebase-kioslaves-CVE-2014-8600.patch
===================================================================
From: Martin Sandsmark <martin.sandsmark@kde.org>
Date: Thu, 13 Nov 2014 12:29:01 +0000
Subject: Sanitize path
X-Git-Url: http://quickgit.kde.org/?p=kde-runtime.git&a=commitdiff&h=d68703900edc8416fbcd2550cd336cbbb76decb9
---
Sanitize path
---


--- a/kioslave/bookmarks/kio_bookmarks.cpp
+++ b/kioslave/bookmarks/kio_bookmarks.cpp
@@ -22,6 +22,7 @@
 #include <stdlib.h>
 
 #include <qregexp.h>
+#include <qtextdocument.h>
 
 #include <kapplication.h>
 #include <kcmdlineargs.h>
@@ -197,7 +198,7 @@
     echoImage(regexp.cap(1), regexp.cap(2), url.queryItem("size"));
   } else {
     echoHead();
-    echo("<p class=\"message\">" + i18n("Wrong request: %1",path) + "</p>");
+    echo("<p class=\"message\">" + i18n("Bad request: %1", Qt::escape(Qt::escape(url.prettyUrl()))) + "</p>");
   }
   finished();
 }