[rekonq/f13/master] added patch to fix CVE-2010-2536

Tue Aug 3 20:11:13 UTC 2010

commit b1a1a41d379d7f888ee681d0bb5c88fdc5303a7d
Author: Thomas Janssen <thomasj at fedoraproject.org>
Date:   Tue Aug 3 22:11:07 2010 +0200

    added patch to fix CVE-2010-2536

 rekonq.spec                    |    9 ++++++++-
 rekonq_fix_CVE-2010-2536.patch |   13 +++++++++++++
 2 files changed, 21 insertions(+), 1 deletions(-)
---

diff --git a/rekonq.spec b/rekonq.spec
index 545b9c7..d4c23fb 100644
--- a/rekonq.spec
+++ b/rekonq.spec
@@ -1,6 +1,6 @@
 Name:		rekonq
 Version:	0.5.0
-Release:	1%{?dist}
+Release:	2%{?dist}
 Summary:	KDE browser based on QtWebkit
 
 Group:		Applications/Internet
@@ -9,6 +9,8 @@ URL:		http://rekonq.sourceforge.net/
 Source0:	http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.bz2
 BuildRoot:	%(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
 
+Patch10:	rekonq_fix_CVE-2010-2536.patch
+
 BuildRequires:	kdebase-workspace-devel >= 4.4.0
 BuildRequires:	qt-devel >= 4.6.0
 BuildRequires:	gettext
@@ -25,6 +27,7 @@ KDE technologies to have a full-featured KDE web browser.
 
 %prep
 %setup -q
+%patch10 -p0
 
 %build
 mkdir -p %{_target_platform}
@@ -67,6 +70,10 @@ rm -rf $RPM_BUILD_ROOT
 %{_kde4_appsdir}/%{name}/*
 
 %changelog
+* Tue Aug 03 2010 Thomas Janssen <thomasj at fedoraproject.org> 0.5.0-2
+- added patch to fix CVE-2010-2536 (patch by Eelko)
+- fixes #620897
+
 * Tue Jul 13 2010 Eelko Berkenpies <fedora at berkenpi.es> 0.5.0-1
 - rekonq 0.5.0
 
diff --git a/rekonq_fix_CVE-2010-2536.patch b/rekonq_fix_CVE-2010-2536.patch
new file mode 100644
index 0000000..1f2dd77
--- /dev/null
+++ b/rekonq_fix_CVE-2010-2536.patch
@@ -0,0 +1,13 @@
+--- src/webpage.cpp	2010-07-05 23:13:01.000000000 +0200
++++ src/webpage.cpp.old	2010-08-03 21:31:06.000000000 +0200
+@@ -577,8 +577,8 @@
+         return QString("Couldn't open the rekonqinfo.html file");
+     }
+ 
+-    QString title = i18n("Error loading: %1", reply->url().toString());
+-    QString urlString = reply->url().toString(QUrl::RemoveUserInfo | QUrl::RemoveQuery);
++    QString title = i18n("There was a problem while loading the page");
++    QString urlString = reply->url().toString(QUrl::RemoveUserInfo | QUrl::RemoveQuery | QUrl::RemovePath);
+ 
+     QString iconPath = QString("file://") + KIconLoader::global()->iconPath("dialog-warning" , KIconLoader::Small);
+     iconPath.replace(QL1S("16"), QL1S("128"));
