Compare commits
23 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
980668d168 | ||
|
2a663895f5 | ||
|
af4915e1d2 | ||
|
890085c09a | ||
|
a498646018 | ||
|
b59828603b | ||
|
9c68dd72d1 | ||
|
76df1a0265 | ||
|
8e30ea3629 | ||
|
d595b76fa8 | ||
|
379763bd17 | ||
|
efcabf6ef9 | ||
|
1367bf1087 | ||
|
fdd41f6c9b | ||
|
399e027e1e | ||
|
63f78f53cb | ||
|
72ab421514 | ||
|
23ceb8083b | ||
|
8ffb074c9f | ||
|
532963568a | ||
|
df1ac53552 | ||
|
f8e80152e5 | ||
|
bbfaf15b8e |
27
kdelibs-4.9.x-CVE-2012-4514.patch
Normal file
27
kdelibs-4.9.x-CVE-2012-4514.patch
Normal file
@ -0,0 +1,27 @@
|
||||
commit 65464349951e0df9b5d80c2eb3cc7458d54923ae
|
||||
Author: David Faure <faure@kde.org>
|
||||
Date: Fri Oct 19 11:33:41 2012 +0200
|
||||
|
||||
Fix crash when trying to reuse a frame with a null part.
|
||||
|
||||
BUG: 271528
|
||||
FIXED-IN: 4.9.3
|
||||
|
||||
diff --git a/khtml/khtml_part.cpp b/khtml/khtml_part.cpp
|
||||
index ad00ea5..6165710 100644
|
||||
--- a/khtml/khtml_part.cpp
|
||||
+++ b/khtml/khtml_part.cpp
|
||||
@@ -5242,8 +5242,12 @@ KHTMLPart* KHTMLPartPrivate::top()
|
||||
|
||||
bool KHTMLPartPrivate::canNavigate(KParts::ReadOnlyPart* bCand)
|
||||
{
|
||||
+ if (!bCand) // No part here (e.g. invalid url), reuse that frame
|
||||
+ return true;
|
||||
+
|
||||
KHTMLPart* b = qobject_cast<KHTMLPart*>(bCand);
|
||||
- assert(b);
|
||||
+ if (!b) // Another kind of part? Not sure what to do...
|
||||
+ return false;
|
||||
|
||||
// HTML5 gives conditions for this (a) being able to navigate b
|
||||
|
50
kdelibs-4.9.x-CVE-2012-4515.patch
Normal file
50
kdelibs-4.9.x-CVE-2012-4515.patch
Normal file
@ -0,0 +1,50 @@
|
||||
commit 4f2eb356f1c23444fff2cfe0a7ae10efe303d6d8
|
||||
Author: David Faure <faure@kde.org>
|
||||
Date: Wed Oct 24 20:04:31 2012 +0200
|
||||
|
||||
Fix crash when a redirect happens in an iframe while the context menu is shown
|
||||
|
||||
diff --git a/khtml/rendering/render_replaced.cpp b/khtml/rendering/render_replaced.cpp
|
||||
index 195dcba..6bc5caa 100644
|
||||
--- a/khtml/rendering/render_replaced.cpp
|
||||
+++ b/khtml/rendering/render_replaced.cpp
|
||||
@@ -1030,7 +1030,7 @@ bool RenderWidget::handleEvent(const DOM::EventImpl& ev)
|
||||
p.setY(qMin(qMax(0,p.y()),m_widget->height()));
|
||||
}
|
||||
|
||||
- QWidget* target = 0;
|
||||
+ QPointer<QWidget> target;
|
||||
target = m_widget->childAt(p);
|
||||
|
||||
if (target) {
|
||||
@@ -1103,16 +1103,18 @@ bool RenderWidget::handleEvent(const DOM::EventImpl& ev)
|
||||
}
|
||||
}
|
||||
|
||||
- QEvent *e = isMouseWheel ?
|
||||
+ QScopedPointer<QEvent> e(isMouseWheel ?
|
||||
static_cast<QEvent*>(new QWheelEvent(p, -me.detail()*40, buttons, state, orient)) :
|
||||
- static_cast<QEvent*>(new QMouseEvent(type, p, button, buttons, state));
|
||||
+ static_cast<QEvent*>(new QMouseEvent(type, p, button, buttons, state)));
|
||||
|
||||
|
||||
- ret = bubblingSend(target, e, m_widget);
|
||||
+ ret = bubblingSend(target, e.data(), m_widget);
|
||||
|
||||
+ if (!target)
|
||||
+ break;
|
||||
if (needContextMenuEvent) {
|
||||
QContextMenuEvent cme(QContextMenuEvent::Mouse, p);
|
||||
- static_cast<EventPropagator *>(target)->sendEvent(&cme);
|
||||
+ static_cast<EventPropagator *>(target.data())->sendEvent(&cme);
|
||||
} else if (type == QEvent::MouseMove && target->testAttribute(Qt::WA_Hover)) {
|
||||
QHoverEvent he( QEvent::HoverMove, p, p );
|
||||
QApplication::sendEvent(target, &he);
|
||||
@@ -1120,7 +1122,6 @@ bool RenderWidget::handleEvent(const DOM::EventImpl& ev)
|
||||
if (ev.id() == EventImpl::MOUSEUP_EVENT) {
|
||||
view()->setMouseEventsTarget( 0 );
|
||||
}
|
||||
- delete e;
|
||||
break;
|
||||
}
|
||||
case EventImpl::KEYDOWN_EVENT:
|
@ -25,7 +25,7 @@
|
||||
|
||||
Summary: KDE Libraries
|
||||
Version: 4.8.5
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
|
||||
Name: kdelibs
|
||||
Epoch: 6
|
||||
@ -152,6 +152,8 @@ Patch100: kdelibs-4.8.3-kdeclarative-install-location.patch
|
||||
## security fix
|
||||
# Not Upstreamed? why not ? -- Rex
|
||||
Patch200: kdelibs-4.3.1-CVE-2009-2702.patch
|
||||
Patch201: kdelibs-4.9.x-CVE-2012-4515.patch
|
||||
Patch202: kdelibs-4.9.x-CVE-2012-4514.patch
|
||||
|
||||
# rhel patches
|
||||
Patch300: kdelibs-4.8.3-webkit.patch
|
||||
@ -362,6 +364,8 @@ popd
|
||||
|
||||
# security fixes
|
||||
%patch200 -p1 -b .CVE-2009-2702
|
||||
%patch201 -p1 -b .CVE-2012-4515
|
||||
%patch202 -p1 -b .CVE-2012-4514
|
||||
|
||||
# rhel patches
|
||||
%if 0%{?rhel}
|
||||
@ -614,6 +618,9 @@ rm -rf %{buildroot}
|
||||
|
||||
|
||||
%changelog
|
||||
* Wed Oct 31 2012 Than Ngo <than@redhat.com> - 6:4.8.5-2
|
||||
- Resolves: CVE-2012-4515, CVE-2012-4514
|
||||
|
||||
* Thu Aug 02 2012 Rex Dieter <rdieter@fedoraproject.org> - 6:4.8.5-1
|
||||
- 4.8.5
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user