parent
c79a351025
commit
79734ca9df
|
@ -0,0 +1,62 @@
|
||||||
|
diff -pruN kdelibs-3.5.4.orig/kio/kssl/kopenssl.cc kdelibs-3.5.4/kio/kssl/kopenssl.cc
|
||||||
|
--- kdelibs-3.5.4.orig/kio/kssl/kopenssl.cc 2009-08-31 20:50:12.000000000 +0200
|
||||||
|
+++ kdelibs-3.5.4/kio/kssl/kopenssl.cc 2009-08-31 21:46:47.000000000 +0200
|
||||||
|
@@ -196,6 +196,7 @@ static int (*K_X509_NAME_add_entry_by_tx
|
||||||
|
static X509_NAME *(*K_X509_NAME_new)() = 0L;
|
||||||
|
static int (*K_X509_REQ_set_subject_name)(X509_REQ*,X509_NAME*) = 0L;
|
||||||
|
static unsigned char *(*K_ASN1_STRING_data)(ASN1_STRING*) = 0L;
|
||||||
|
+static int (*K_ASN1_STRING_length)(ASN1_STRING*) = 0L;
|
||||||
|
static STACK_OF(SSL_CIPHER) *(*K_SSL_get_ciphers)(const SSL *ssl) = 0L;
|
||||||
|
|
||||||
|
#endif
|
||||||
|
@@ -498,6 +499,7 @@ KConfig *cfg;
|
||||||
|
K_X509_NAME_new = (X509_NAME *(*)()) _cryptoLib->symbol("X509_NAME_new");
|
||||||
|
K_X509_REQ_set_subject_name = (int (*)(X509_REQ*,X509_NAME*)) _cryptoLib->symbol("X509_REQ_set_subject_name");
|
||||||
|
K_ASN1_STRING_data = (unsigned char *(*)(ASN1_STRING*)) _cryptoLib->symbol("ASN1_STRING_data");
|
||||||
|
+ K_ASN1_STRING_length = (int (*)(ASN1_STRING*)) _cryptoLib->symbol("ASN1_STRING_length");
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -1549,6 +1551,13 @@ unsigned char *KOpenSSLProxy::ASN1_STRIN
|
||||||
|
return 0L;
|
||||||
|
}
|
||||||
|
|
||||||
|
+
|
||||||
|
+int KOpenSSLProxy::ASN1_STRING_length(ASN1_STRING *x) {
|
||||||
|
+ if (K_ASN1_STRING_length) return (K_ASN1_STRING_length)(x);
|
||||||
|
+ return 0L;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+
|
||||||
|
STACK_OF(SSL_CIPHER) *KOpenSSLProxy::SSL_get_ciphers(const SSL* ssl) {
|
||||||
|
if (K_SSL_get_ciphers) return (K_SSL_get_ciphers)(ssl);
|
||||||
|
return 0L;
|
||||||
|
diff -pruN kdelibs-3.5.4.orig/kio/kssl/kopenssl.h kdelibs-3.5.4/kio/kssl/kopenssl.h
|
||||||
|
--- kdelibs-3.5.4.orig/kio/kssl/kopenssl.h 2006-07-22 10:16:39.000000000 +0200
|
||||||
|
+++ kdelibs-3.5.4/kio/kssl/kopenssl.h 2009-08-31 21:46:47.000000000 +0200
|
||||||
|
@@ -622,6 +622,11 @@ public:
|
||||||
|
unsigned char *ASN1_STRING_data(ASN1_STRING *x);
|
||||||
|
|
||||||
|
/*
|
||||||
|
+ * ASN1_STRING_length
|
||||||
|
+ */
|
||||||
|
+ int ASN1_STRING_length(ASN1_STRING *x);
|
||||||
|
+
|
||||||
|
+ /*
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
int OBJ_obj2nid(ASN1_OBJECT *o);
|
||||||
|
diff -pruN kdelibs-3.5.4.orig/kio/kssl/ksslcertificate.cc kdelibs-3.5.4/kio/kssl/ksslcertificate.cc
|
||||||
|
--- kdelibs-3.5.4.orig/kio/kssl/ksslcertificate.cc 2006-01-19 18:06:12.000000000 +0100
|
||||||
|
+++ kdelibs-3.5.4/kio/kssl/ksslcertificate.cc 2009-08-31 21:54:38.000000000 +0200
|
||||||
|
@@ -1099,7 +1099,9 @@ QStringList KSSLCertificate::subjAltName
|
||||||
|
}
|
||||||
|
|
||||||
|
QString s = (const char *)d->kossl->ASN1_STRING_data(val->d.ia5);
|
||||||
|
- if (!s.isEmpty()) {
|
||||||
|
+ if (!s.isEmpty() &&
|
||||||
|
+ /* skip subjectAltNames with embedded NULs */
|
||||||
|
+ s.length() == d->kossl->ASN1_STRING_length(val->d.ia5)) {
|
||||||
|
rc += s;
|
||||||
|
}
|
||||||
|
}
|
|
@ -8,13 +8,7 @@
|
||||||
|
|
||||||
%define arts 1
|
%define arts 1
|
||||||
%define arts_ev 8:1.5.10
|
%define arts_ev 8:1.5.10
|
||||||
|
|
||||||
%if 0%{?fedora} > 8
|
|
||||||
%define qt3 qt3
|
%define qt3 qt3
|
||||||
%else
|
|
||||||
%define qt3_epoch 1:
|
|
||||||
%define qt3 qt
|
|
||||||
%endif
|
|
||||||
%define qt3_version 3.3.8b
|
%define qt3_version 3.3.8b
|
||||||
%define qt3_ev %{?qt3_epoch}%{qt3_version}
|
%define qt3_ev %{?qt3_epoch}%{qt3_version}
|
||||||
# unfortunately, this doesn't work for 3.3.8b which still identifies as 3.3.8
|
# unfortunately, this doesn't work for 3.3.8b which still identifies as 3.3.8
|
||||||
|
@ -36,18 +30,11 @@
|
||||||
|
|
||||||
Summary: K Desktop Environment 3 - Libraries
|
Summary: K Desktop Environment 3 - Libraries
|
||||||
Version: 3.5.10
|
Version: 3.5.10
|
||||||
Release: 14%{?dist}
|
Release: 15%{?dist}
|
||||||
|
|
||||||
%if 0%{?fedora} > 8
|
|
||||||
Name: kdelibs3
|
Name: kdelibs3
|
||||||
Obsoletes: kdelibs < 6:%{version}-%{release}
|
Obsoletes: kdelibs < 6:%{version}-%{release}
|
||||||
Provides: kdelibs = 6:%{version}-%{release}
|
Provides: kdelibs = 6:%{version}-%{release}
|
||||||
%else
|
|
||||||
Name: kdelibs
|
|
||||||
Epoch: 6
|
|
||||||
Obsoletes: kdelibs3 < %{version}-%{release}
|
|
||||||
Provides: kdelibs3 = %{version}-%{release}
|
|
||||||
%endif
|
|
||||||
|
|
||||||
License: LGPLv2
|
License: LGPLv2
|
||||||
Url: http://www.kde.org/
|
Url: http://www.kde.org/
|
||||||
|
@ -108,6 +95,8 @@ Patch202: kdelibs-3.5.4-CVE-2009-1687.patch
|
||||||
Patch203: kdelibs-3.5.4-CVE-2009-1690.patch
|
Patch203: kdelibs-3.5.4-CVE-2009-1690.patch
|
||||||
# fix CVE-2009-1698 - crash, possible ACE in CSS style attribute handling
|
# fix CVE-2009-1698 - crash, possible ACE in CSS style attribute handling
|
||||||
Patch204: kdelibs-3.5.10-cve-2009-1698.patch
|
Patch204: kdelibs-3.5.10-cve-2009-1698.patch
|
||||||
|
# fix CVE-2009-2702 - ssl incorrect verification of SSL certificate with NUL in subjectAltName
|
||||||
|
Patch205: kdelibs-3.5.10-CVE-2009-2702.patch
|
||||||
|
|
||||||
#{?arts:Requires: arts >= %{arts_ev}}
|
#{?arts:Requires: arts >= %{arts_ev}}
|
||||||
#Requires: %{qt3} >= %{qt3_ev}
|
#Requires: %{qt3} >= %{qt3_ev}
|
||||||
|
@ -116,22 +105,18 @@ Requires: hicolor-icon-theme
|
||||||
Requires: kde-settings >= 3.5
|
Requires: kde-settings >= 3.5
|
||||||
%endif
|
%endif
|
||||||
Requires: kde-filesystem
|
Requires: kde-filesystem
|
||||||
%if "%{name}" != "kdelibs"
|
|
||||||
Requires: kdelibs-common
|
Requires: kdelibs-common
|
||||||
%endif
|
|
||||||
Requires: redhat-menus
|
Requires: redhat-menus
|
||||||
Requires: shadow-utils
|
Requires: shadow-utils
|
||||||
BuildRequires: sudo
|
BuildRequires: sudo
|
||||||
Requires(hint): sudo
|
Requires(hint): sudo
|
||||||
|
|
||||||
%if 0%{?fedora} > 4 || 0%{?rhel} > 4
|
|
||||||
%define libkdnssd libkdnssd
|
%define libkdnssd libkdnssd
|
||||||
# omit for now, may contribute to http://bugzilla.redhat.com/441222
|
# omit for now, may contribute to http://bugzilla.redhat.com/441222
|
||||||
#Requires: %{libkdnssd}
|
#Requires: %{libkdnssd}
|
||||||
%define BuildRequires: xorg-x11-proto-devel libX11-devel
|
%define BuildRequires: xorg-x11-proto-devel libX11-devel
|
||||||
%define _with_rgbfile --with-rgbfile=%{_datadir}/X11/rgb.txt
|
%define _with_rgbfile --with-rgbfile=%{_datadir}/X11/rgb.txt
|
||||||
Requires: iceauth
|
Requires: iceauth
|
||||||
%endif
|
|
||||||
|
|
||||||
Requires(pre): coreutils
|
Requires(pre): coreutils
|
||||||
Requires(post): /sbin/ldconfig
|
Requires(post): /sbin/ldconfig
|
||||||
|
@ -163,24 +148,16 @@ BuildRequires: libart_lgpl-devel
|
||||||
BuildRequires: bzip2-devel
|
BuildRequires: bzip2-devel
|
||||||
BuildRequires: libtiff-devel
|
BuildRequires: libtiff-devel
|
||||||
BuildRequires: libacl-devel libattr-devel
|
BuildRequires: libacl-devel libattr-devel
|
||||||
%if 0%{?fedora} >= 9
|
|
||||||
BuildRequires: enchant-devel
|
BuildRequires: enchant-devel
|
||||||
Requires: hunspell
|
Requires: hunspell
|
||||||
%else
|
|
||||||
BuildRequires: aspell-devel
|
|
||||||
%endif
|
|
||||||
BuildRequires: krb5-devel
|
BuildRequires: krb5-devel
|
||||||
BuildRequires: openldap-devel
|
BuildRequires: openldap-devel
|
||||||
BuildRequires: db4-devel
|
BuildRequires: db4-devel
|
||||||
BuildRequires: alsa-lib-devel
|
BuildRequires: alsa-lib-devel
|
||||||
BuildRequires: pkgconfig
|
BuildRequires: pkgconfig
|
||||||
BuildRequires: glibc-kernheaders
|
BuildRequires: glibc-kernheaders
|
||||||
%if 0%{?fedora} > 5 || 0%{?rhel} > 4
|
|
||||||
%define _with_libutempter 1
|
%define _with_libutempter 1
|
||||||
BuildRequires: libutempter-devel
|
BuildRequires: libutempter-devel
|
||||||
%else
|
|
||||||
BuildRequires: utempter
|
|
||||||
%endif
|
|
||||||
BuildRequires: findutils
|
BuildRequires: findutils
|
||||||
BuildRequires: jasper-devel
|
BuildRequires: jasper-devel
|
||||||
BuildRequires: OpenEXR-devel
|
BuildRequires: OpenEXR-devel
|
||||||
|
@ -211,13 +188,8 @@ kimgio (image manipulation).
|
||||||
%package devel
|
%package devel
|
||||||
Group: Development/Libraries
|
Group: Development/Libraries
|
||||||
Summary: Header files and documentation for compiling KDE 3 applications.
|
Summary: Header files and documentation for compiling KDE 3 applications.
|
||||||
%if "%{name}" == "kdelibs"
|
|
||||||
Obsoletes: kdelibs3-devel < %{version}-%{release}
|
|
||||||
Provides: kdelibs3-devel = %{version}-%{release}
|
|
||||||
%else
|
|
||||||
Obsoletes: kdelibs-devel < 6:%{version}-%{release}
|
Obsoletes: kdelibs-devel < 6:%{version}-%{release}
|
||||||
Provides: kdelibs-devel = 6:%{version}-%{release}
|
Provides: kdelibs-devel = 6:%{version}-%{release}
|
||||||
%endif
|
|
||||||
Requires: %{name}%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
|
Requires: %{name}%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
|
||||||
Requires: %{qt3}-devel
|
Requires: %{qt3}-devel
|
||||||
Requires: openssl-devel
|
Requires: openssl-devel
|
||||||
|
@ -231,15 +203,9 @@ applications for KDE 3.
|
||||||
Group: Development/Documentation
|
Group: Development/Documentation
|
||||||
Summary: KDE 3 API documentation.
|
Summary: KDE 3 API documentation.
|
||||||
Requires: %{name} = %{?epoch:%{epoch}:}%{version}
|
Requires: %{name} = %{?epoch:%{epoch}:}%{version}
|
||||||
%if "%{name}" == "kdelibs"
|
|
||||||
Provides: kdelibs3-apidocs = %{version}-%{release}
|
|
||||||
%else
|
|
||||||
Obsoletes: kdelibs-apidocs < 6:%{version}-%{release}
|
Obsoletes: kdelibs-apidocs < 6:%{version}-%{release}
|
||||||
Provides: kdelibs-apidocs = 6:%{version}-%{release}
|
Provides: kdelibs-apidocs = 6:%{version}-%{release}
|
||||||
%endif
|
|
||||||
%if 0%{?fedora} > 9
|
|
||||||
BuildArch: noarch
|
BuildArch: noarch
|
||||||
%endif
|
|
||||||
|
|
||||||
%description apidocs
|
%description apidocs
|
||||||
This package includes the KDE 3 API documentation in HTML
|
This package includes the KDE 3 API documentation in HTML
|
||||||
|
@ -266,16 +232,12 @@ format for easy browsing
|
||||||
%patch43 -p1 -b .lang
|
%patch43 -p1 -b .lang
|
||||||
%patch45 -p1 -b .xdg-autostart
|
%patch45 -p1 -b .xdg-autostart
|
||||||
%patch46 -p1 -b .kate-vhdl
|
%patch46 -p1 -b .kate-vhdl
|
||||||
%if 0%{?fedora} >= 9
|
|
||||||
%patch48 -p1 -b .kspell
|
%patch48 -p1 -b .kspell
|
||||||
%patch49 -p1 -b .kspell2
|
%patch49 -p1 -b .kspell2
|
||||||
%patch50 -p1 -b .no-ispell
|
%patch50 -p1 -b .no-ispell
|
||||||
%endif
|
|
||||||
%patch51 -p1 -b .cupsserverbin
|
%patch51 -p1 -b .cupsserverbin
|
||||||
%patch52 -p1 -b .KDE3
|
%patch52 -p1 -b .KDE3
|
||||||
%if "%{name}" != "kdelibs"
|
|
||||||
%patch53 -p1 -b .drkonqi-kde4
|
%patch53 -p1 -b .drkonqi-kde4
|
||||||
%endif
|
|
||||||
%patch54 -p1 -b .flock-redefinition
|
%patch54 -p1 -b .flock-redefinition
|
||||||
%patch55 -p1 -b .latex-syntax
|
%patch55 -p1 -b .latex-syntax
|
||||||
|
|
||||||
|
@ -289,6 +251,7 @@ format for easy browsing
|
||||||
%patch202 -p1 -b .cve-2009-1687
|
%patch202 -p1 -b .cve-2009-1687
|
||||||
%patch203 -p1 -b .cve-2009-1690
|
%patch203 -p1 -b .cve-2009-1690
|
||||||
%patch204 -p1 -b .cve-2009-1698
|
%patch204 -p1 -b .cve-2009-1698
|
||||||
|
%patch205 -p1 -b .cve-2009-2702
|
||||||
|
|
||||||
sed -i -e "s,^#define KDE_VERSION_STRING .*,#define KDE_VERSION_STRING \"%{version}-%{release} %{distname}\"," kdecore/kdeversion.h
|
sed -i -e "s,^#define KDE_VERSION_STRING .*,#define KDE_VERSION_STRING \"%{version}-%{release} %{distname}\"," kdecore/kdeversion.h
|
||||||
|
|
||||||
|
@ -331,11 +294,7 @@ export DO_NOT_COMPILE="libkscreensaver"
|
||||||
--enable-sendfile \
|
--enable-sendfile \
|
||||||
--with-distribution="$(cat /etc/redhat-release 2>/dev/null)" \
|
--with-distribution="$(cat /etc/redhat-release 2>/dev/null)" \
|
||||||
--with-alsa \
|
--with-alsa \
|
||||||
%if 0%{?fedora} >= 9
|
|
||||||
--without-aspell \
|
--without-aspell \
|
||||||
%else
|
|
||||||
--with-aspell \
|
|
||||||
%endif
|
|
||||||
--without-hspell \
|
--without-hspell \
|
||||||
--disable-libfam \
|
--disable-libfam \
|
||||||
--enable-dnotify \
|
--enable-dnotify \
|
||||||
|
@ -384,13 +343,6 @@ popd
|
||||||
install -p -m 644 -D %{SOURCE1} %{buildroot}%{_sysconfdir}/profile.d/kde.sh
|
install -p -m 644 -D %{SOURCE1} %{buildroot}%{_sysconfdir}/profile.d/kde.sh
|
||||||
install -p -m 644 -D %{SOURCE2} %{buildroot}%{_sysconfdir}/profile.d/kde.csh
|
install -p -m 644 -D %{SOURCE2} %{buildroot}%{_sysconfdir}/profile.d/kde.csh
|
||||||
|
|
||||||
%if "%{name}" == "kdelibs"
|
|
||||||
# menus
|
|
||||||
mkdir -p %{buildroot}%{_sysconfdir}/kde/xdg/menus
|
|
||||||
mv %{buildroot}%{_sysconfdir}/xdg/menus/applications.menu \
|
|
||||||
%{buildroot}%{_sysconfdir}/xdg/menus/kde-applications.menu
|
|
||||||
%endif
|
|
||||||
|
|
||||||
# Use hicolor-icon-theme rpm/pkg instead (#178319)
|
# Use hicolor-icon-theme rpm/pkg instead (#178319)
|
||||||
rm -rf $RPM_BUILD_ROOT%{_datadir}/icons/hicolor/
|
rm -rf $RPM_BUILD_ROOT%{_datadir}/icons/hicolor/
|
||||||
|
|
||||||
|
@ -426,7 +378,6 @@ find $RPM_BUILD_ROOT%{_libdir} -name "*.la" | xargs \
|
||||||
rm -f %{buildroot}%{_libdir}/libkdnssd.la
|
rm -f %{buildroot}%{_libdir}/libkdnssd.la
|
||||||
%{?libkdnssd:rm -rf %{buildroot}{%{_libdir}/libkdnssd.*,%{_includedir}/kde/dnssd}}
|
%{?libkdnssd:rm -rf %{buildroot}{%{_libdir}/libkdnssd.*,%{_includedir}/kde/dnssd}}
|
||||||
|
|
||||||
%if "%{name}" != "kdelibs"
|
|
||||||
# remove conflicts with kdelibs-4
|
# remove conflicts with kdelibs-4
|
||||||
rm -f %{buildroot}%{_bindir}/checkXML
|
rm -f %{buildroot}%{_bindir}/checkXML
|
||||||
rm -f %{buildroot}%{_bindir}/ksvgtopng
|
rm -f %{buildroot}%{_bindir}/ksvgtopng
|
||||||
|
@ -484,8 +435,6 @@ rm -f %{buildroot}%{_bindir}/preparetips
|
||||||
# don't show kresources
|
# don't show kresources
|
||||||
sed -i -e "s,^OnlyShowIn=KDE;,OnlyShowIn=KDE3;," %{buildroot}%{_datadir}/applications/kde/kresources.desktop
|
sed -i -e "s,^OnlyShowIn=KDE;,OnlyShowIn=KDE3;," %{buildroot}%{_datadir}/applications/kde/kresources.desktop
|
||||||
|
|
||||||
%endif
|
|
||||||
|
|
||||||
%if 0%{?include_crystalsvg} == 0
|
%if 0%{?include_crystalsvg} == 0
|
||||||
# remove all crystalsvg icons for now
|
# remove all crystalsvg icons for now
|
||||||
rm -rf %{buildroot}%{_datadir}/icons/crystalsvg/
|
rm -rf %{buildroot}%{_datadir}/icons/crystalsvg/
|
||||||
|
@ -600,15 +549,7 @@ touch --no-create %{_datadir}/icons/crystalsvg 2> /dev/null || :
|
||||||
%{_datadir}/servicetypes/*
|
%{_datadir}/servicetypes/*
|
||||||
%ghost %{_datadir}/services/ksycoca
|
%ghost %{_datadir}/services/ksycoca
|
||||||
%{_docdir}/HTML/en/kspell
|
%{_docdir}/HTML/en/kspell
|
||||||
%if "%{name}" == "kdelibs"
|
|
||||||
%{_sysconfdir}/xdg/menus/*.menu
|
|
||||||
%{_datadir}/autostart/*
|
|
||||||
# include also the conflicting file in kdelibs fedora < 9
|
|
||||||
%{_docdir}/HTML/en/common
|
|
||||||
%{_datadir}/locale/all_languages
|
|
||||||
%else
|
|
||||||
%{_docdir}/HTML/en/common/*
|
%{_docdir}/HTML/en/common/*
|
||||||
%endif
|
|
||||||
%if 0%{?include_crystalsvg}
|
%if 0%{?include_crystalsvg}
|
||||||
%{_datadir}/icons/crystalsvg/
|
%{_datadir}/icons/crystalsvg/
|
||||||
%endif
|
%endif
|
||||||
|
@ -616,12 +557,6 @@ touch --no-create %{_datadir}/icons/crystalsvg 2> /dev/null || :
|
||||||
%files devel
|
%files devel
|
||||||
%defattr(-,root,root,-)
|
%defattr(-,root,root,-)
|
||||||
# include also the conflicting file in kdelibs-devel fedora < 9
|
# include also the conflicting file in kdelibs-devel fedora < 9
|
||||||
%if "%{name}" == "kdelibs"
|
|
||||||
%{_bindir}/checkXML
|
|
||||||
%{_bindir}/ksvgtopng
|
|
||||||
%{_bindir}/kunittestmodrunner
|
|
||||||
%{_bindir}/preparetips
|
|
||||||
%endif
|
|
||||||
%{_bindir}/dcopidl*
|
%{_bindir}/dcopidl*
|
||||||
%{_bindir}/kconfig_compiler
|
%{_bindir}/kconfig_compiler
|
||||||
%{_bindir}/makekdewidgets
|
%{_bindir}/makekdewidgets
|
||||||
|
@ -640,6 +575,9 @@ touch --no-create %{_datadir}/icons/crystalsvg 2> /dev/null || :
|
||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Sep 04 2009 Than Ngo <than@redhat.com> - 3.5.10-15
|
||||||
|
- fix for CVE-2009-2702
|
||||||
|
|
||||||
* Thu Sep 03 2009 Rex Dieter <rdieter@fedoraproject.org> - 3.5.10-14
|
* Thu Sep 03 2009 Rex Dieter <rdieter@fedoraproject.org> - 3.5.10-14
|
||||||
- kde.(sh|csh): drop KDE_IS_PRELINKED (workaround bug #515539)
|
- kde.(sh|csh): drop KDE_IS_PRELINKED (workaround bug #515539)
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue