Merge pull request #5107 from Hoshpak/CVE-2016-7966-2

kdepimlibs: add CVE-2016-7966_part2.patch
Toyam Cox 2016-11-06 11:11:00 -05:00 committed by GitHub
commit e8086e3943
2 changed files with 30 additions and 1 deletions


@ -0,0 +1,29 @@
--- kpimutils/linklocator.cpp
+++ kpimutils/linklocator.cpp
@@ -389,7 +389,23 @@
bool badUrl = false;
str = locator.getUrlAndCheckValidHref(&badUrl);
if (badUrl) {
- return locator.mText;
+ QString resultBadUrl;
+ const int helperTextSize(locator.mText.count());
+ for (int i = 0; i < helperTextSize; ++i) {
+ const QChar chBadUrl = locator.mText[i];
+ if (chBadUrl == QLatin1Char('&')) {
+ resultBadUrl += QLatin1String("&amp;");
+ } else if (chBadUrl == QLatin1Char('"')) {
+ resultBadUrl += QLatin1String("&quot;");
+ } else if (chBadUrl == QLatin1Char('<')) {
+ resultBadUrl += QLatin1String("&lt;");
+ } else if (chBadUrl == QLatin1Char('>')) {
+ resultBadUrl += QLatin1String("&gt;");
+ } else {
+ resultBadUrl += chBadUrl;
+ }
+ }
+ return resultBadUrl;
}
if ( !str.isEmpty() ) {
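Review bot: The new bad-URL branch escapes only `&`, `"`, `<` and `>` from `locator.mText`, so an apostrophe passes through unchanged. That is sufficient for element content and double-quoted attribute values, but the enclosing function starts and ends outside the hunk, so it is not visible here whether the returned string can reach a single-quoted attribute. I would state the contract in a comment above the loop, e.g. `// Bad href: return the whole input HTML-escaped (& " < >), never the raw text`, and, if single-quoted contexts are possible, add `else if (chBadUrl == QLatin1Char('\'')) { resultBadUrl += QLatin1String("&#39;"); }`. The chain also looks like a copy of per-character escaping that presumably exists elsewhere in this file; a single file-local helper would keep the two paths from drifting apart.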


@ -1,7 +1,7 @@
# Template file for 'kdepimlibs'
pkgname=kdepimlibs
version=4.14.3
revision=4
revision=5
short_desc="KDE PIM Libraries"
maintainer="Juan RP <xtraeme@voidlinux.eu>"
license="GPL-2, LGPL-2.1, FDL"