Resolves: CVE-2012-4514

kdelibs-4.9.x-CVE-2012-4514.patch

@@ -0,0 +1,27 @@
+commit 65464349951e0df9b5d80c2eb3cc7458d54923ae
+Author: David Faure <faure@kde.org>
+Date:   Fri Oct 19 11:33:41 2012 +0200
+
+    Fix crash when trying to reuse a frame with a null part.
+    
+    BUG: 271528
+    FIXED-IN: 4.9.3
+
+diff --git a/khtml/khtml_part.cpp b/khtml/khtml_part.cpp
+index ad00ea5..6165710 100644
+--- a/khtml/khtml_part.cpp
++++ b/khtml/khtml_part.cpp
+@@ -5242,8 +5242,12 @@ KHTMLPart* KHTMLPartPrivate::top()
+ 
+ bool KHTMLPartPrivate::canNavigate(KParts::ReadOnlyPart* bCand)
+ {
++    if (!bCand) // No part here (e.g. invalid url), reuse that frame
++        return true;
++
+     KHTMLPart* b = qobject_cast<KHTMLPart*>(bCand);
+-    assert(b);
++    if (!b) // Another kind of part? Not sure what to do...
++        return false;
+ 
+     // HTML5 gives conditions for this (a) being able to navigate b
+     

kdelibs.spec

@@ -25,7 +25,7 @@
 
 Summary: KDE Libraries
 Version: 4.9.2
-Release: 10%{?dist}
+Release: 11%{?dist}
 
 Name: kdelibs
 Epoch: 6
@@ -166,6 +166,7 @@ Patch100: kdelibs-4.9.2-cache-solid-device-in-kfileplaces.patch
 # Not Upstreamed? why not ? -- Rex
 Patch200: kdelibs-4.3.1-CVE-2009-2702.patch
 Patch201: kdelibs-4.9.x-CVE-2012-4515.patch
+Patch202: kdelibs-4.9.x-CVE-2012-4514.patch
 
 # rhel patches
 Patch300: kdelibs-4.8.3-webkit.patch
@@ -340,6 +341,7 @@ sed -i -e "s|@@VERSION_RELEASE@@|%{version}-%{release}|" kio/kio/kprotocolmanage
 # security fixes
 %patch200 -p1 -b .CVE-2009-2702
 %patch201 -p1 -b .CVE-2012-4515
+%patch202 -p1 -b .CVE-2012-4514
 
 # rhel patches
 %if 0%{?rhel}
@@ -595,6 +597,9 @@ rm -rf %{buildroot}
 
 
 %changelog
+* Wed Oct 31 2012 Than Ngo <than@redhat.com> - 6:4.9.2-11
+- Resolves: CVE-2012-4514
+
 * Wed Oct 31 2012 Than Ngo <than@redhat.com> - 6:4.9.2-10
 - Resolves: bz#871541, CVE-2012-4515