jreznik pushed to kdelibs3 (epel7). "Resolves: bz#743074, CVE-2011-3365, input validation failure in KSSL"
notifications at fedoraproject.org
notifications at fedoraproject.org
Thu Apr 2 15:37:10 UTC 2015
>From 21065e34b68fd2038a269f57007a86b100b3b130 Mon Sep 17 00:00:00 2001
From: Than Ngo <than at redhat.com>
Date: Thu, 13 Oct 2011 13:58:18 +0200
Subject: Resolves: bz#743074, CVE-2011-3365, input validation failure in KSSL
diff --git a/kdelibs-3.5.x-CVE-2011-3365.patch b/kdelibs-3.5.x-CVE-2011-3365.patch
new file mode 100644
index 0000000..15c72c4
--- /dev/null
+++ b/kdelibs-3.5.x-CVE-2011-3365.patch
@@ -0,0 +1,111 @@
+--- kdelibs-3.5.10/kio/kssl/ksslinfodlg.cc 2007-05-14 09:52:36.000000000 +0200
++++ kdelibs-3.5.10/kio/kssl/ksslinfodlg.cc 2011-10-07 20:38:30.000000000 +0200
+@@ -253,6 +253,14 @@
+ layout->addWidget(new QLabel(i18n("%1 bits used of a %2 bit cipher").arg(usedbits).arg(bits), this), 10, 1);
+ d->m_layout->addMultiCell(layout, 2, 2, 0, 2);
+
++ ipl->setTextFormat(Qt::PlainText);
++ urlLabel->setTextFormat(Qt::PlainText);
++ d->_serialNum->setTextFormat(Qt::PlainText);
++ d->_csl->setTextFormat(Qt::PlainText);
++ d->_validFrom->setTextFormat(Qt::PlainText);
++ d->_validUntil->setTextFormat(Qt::PlainText);
++ d->_digest->setTextFormat(Qt::PlainText);
++
+ displayCert(cert);
+ }
+
+@@ -400,32 +408,32 @@
+ if (!(tmp = cert.getValue("O")).isEmpty()) {
+ label = new QLabel(i18n("Organization:"), _frame);
+ label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
+- new QLabel(tmp, _frame);
++ (new QLabel(tmp, _frame))->setTextFormat(Qt::PlainText);
+ }
+ if (!(tmp = cert.getValue("OU")).isEmpty()) {
+ label = new QLabel(i18n("Organizational unit:"), _frame);
+ label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
+- new QLabel(tmp, _frame);
++ (new QLabel(tmp, _frame))->setTextFormat(Qt::PlainText);
+ }
+ if (!(tmp = cert.getValue("L")).isEmpty()) {
+ label = new QLabel(i18n("Locality:"), _frame);
+ label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
+- new QLabel(tmp, _frame);
++ (new QLabel(tmp, _frame))->setTextFormat(Qt::PlainText);
+ }
+ if (!(tmp = cert.getValue("ST")).isEmpty()) {
+ label = new QLabel(i18n("Federal State","State:"), _frame);
+ label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
+- new QLabel(tmp, _frame);
++ (new QLabel(tmp, _frame))->setTextFormat(Qt::PlainText);
+ }
+ if (!(tmp = cert.getValue("C")).isEmpty()) {
+ label = new QLabel(i18n("Country:"), _frame);
+ label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
+- new QLabel(tmp, _frame);
++ (new QLabel(tmp, _frame))->setTextFormat(Qt::PlainText);
+ }
+ if (!(tmp = cert.getValue("CN")).isEmpty()) {
+ label = new QLabel(i18n("Common name:"), _frame);
+ label->setAlignment(Qt::AlignLeft | Qt::AlignTop);
+- new QLabel(tmp, _frame);
++ (new QLabel(tmp, _frame))->setTextFormat(Qt::PlainText);
+ }
+ if (!(tmp = cert.getValue("Email")).isEmpty()) {
+ label = new QLabel(i18n("Email:"), _frame);
+@@ -435,6 +443,7 @@
+ connect(mail, SIGNAL(leftClickedURL(const QString &)), mailCatcher, SLOT(mailClicked(const QString &)));
+ } else {
+ label = new QLabel(tmp, _frame);
++ label->setTextFormat(Qt::PlainText);
+ }
+ }
+ if (label && viewport()) {
+--- kdelibs-3.5.10/kioslave/http/http.cc 2008-02-13 10:41:06.000000000 +0100
++++ kdelibs-3.5.10-kio_http-qlabel/kioslave/http/http.cc 2011-10-07 21:09:39.000000000 +0200
+@@ -183,6 +183,26 @@
+ return sanitizedHeaders.stripWhiteSpace();
+ }
+
++static QString htmlEscape(const QString &plain)
++{
++ QString rich;
++ rich.reserve(uint(plain.length() * 1.1));
++ for (uint i = 0; i < plain.length(); ++i) {
++ if (plain.at(i) == '<')
++ rich += "<";
++ else if (plain.at(i) == '>')
++ rich += ">";
++ else if (plain.at(i) == '&')
++ rich += "&";
++ else if (plain.at(i) == '"')
++ rich += """;
++ else
++ rich += plain.at(i);
++ }
++ rich.squeeze();
++ return rich;
++}
++
+
+ #define NO_SIZE ((KIO::filesize_t) -1)
+
+@@ -5173,7 +5193,7 @@
+ info.verifyPath = false;
+ info.digestInfo = m_strAuthorization;
+ info.commentLabel = i18n( "Site:" );
+- info.comment = i18n("<b>%1</b> at <b>%2</b>").arg( m_strRealm ).arg( m_request.hostname );
++ info.comment = i18n("<b>%1</b> at <b>%2</b>").arg( htmlEscape(m_strRealm) ).arg( m_request.hostname );
+ }
+ }
+ else if ( m_responseCode == 407 )
+@@ -5190,7 +5210,7 @@
+ info.verifyPath = false;
+ info.digestInfo = m_strProxyAuthorization;
+ info.commentLabel = i18n( "Proxy:" );
+- info.comment = i18n("<b>%1</b> at <b>%2</b>").arg( m_strProxyRealm ).arg( m_proxyURL.host() );
++ info.comment = i18n("<b>%1</b> at <b>%2</b>").arg( htmlEscape(m_strProxyRealm) ).arg( m_proxyURL.host() );
+ }
+ }
+ }
diff --git a/kdelibs3.spec b/kdelibs3.spec
index 70cc605..dfcbc90 100644
--- a/kdelibs3.spec
+++ b/kdelibs3.spec
@@ -28,7 +28,7 @@
Summary: KDE 3 Libraries
Name: kdelibs3
Version: 3.5.10
-Release: 30%{?dist}
+Release: 31%{?dist}
License: LGPLv2
Url: http://www.kde.org/
@@ -107,6 +107,8 @@ Patch205: kdelibs-3.5.10-CVE-2009-2702.patch
Patch206: kdelibs-3.5.10-oCERT-2009-015-xmlhttprequest.patch
# CVE-2009-3736, libltdl may load and execute code from a library in the current directory
Patch207: libltdl-CVE-2009-3736.patch
+# CVE-2011-3365, input validation failure in KSSL
+Patch208: kdelibs-3.5.x-CVE-2011-3365.patch
Requires: hicolor-icon-theme
%if %{kde_settings}
@@ -263,6 +265,7 @@ format for easy browsing
%patch205 -p1 -b .cve-2009-2702
%patch206 -p0 -b .oCERT-2009-015-xmlhttprequest
%patch207 -p1 -b .CVE-2009-3736
+%patch208 -p1 -b .CVE-2011-3365
sed -i -e "s,^#define KDE_VERSION_STRING .*,#define KDE_VERSION_STRING \"%{version}-%{release} %{distname}\"," kdecore/kdeversion.h
@@ -586,6 +589,9 @@ touch --no-create %{_datadir}/icons/crystalsvg 2> /dev/null || :
%changelog
+* Thu Oct 13 2011 Than Ngo <than at redhat.com> - 3.5.10-31
+- Resolves: bz#743074, CVE-2011-3365, input validation failure in KSSL
+
* Fri Jun 17 2011 Kevin Kofler <Kevin at tigcc.ticalc.org> - 3.5.10-30
- fix FTBFS (cups-util.c must include stdio.h, #714133)
--
cgit v0.10.2
http://pkgs.fedoraproject.org/cgit/kdelibs3.git/commit/?h=epel7&id=21065e34b68fd2038a269f57007a86b100b3b130
More information about the scm-commits
mailing list