backport upstream patches
This commit is contained in:
Than Ngo
parent
d43dd7ec44
commit
cb927be5c8
|
|
@ -0,0 +1,32 @@
|
|||
--- kdelibs-3.5.10/kio/kio/kzip.cpp.orig 2009-12-09 18:42:47.000000000 +0100
|
||||
+++ kdelibs-3.5.10/kio/kio/kzip.cpp 2009-12-09 18:45:43.000000000 +0100
|
||||
@@ -1051,6 +1051,20 @@
|
||||
return true;
|
||||
}
|
||||
|
||||
+bool KZip::writeDir(const QString& name, const QString& user, const QString& group)
|
||||
+{
|
||||
+ // Zip files have no explicit directories, they are implicitly created during extraction time
|
||||
+ // when file entries have paths in them.
|
||||
+ // However, to support empty directories, we must create a dummy file entry which ends with '/'.
|
||||
+ QString dirName = name;
|
||||
+ if (!name.endsWith("/"))
|
||||
+ dirName = dirName.append('/');
|
||||
+
|
||||
+ mode_t perm = 040755;
|
||||
+ time_t the_time = time(0);
|
||||
+ return writeFile(dirName, user, group, 0, perm, the_time, the_time, the_time, 0);
|
||||
+}
|
||||
+
|
||||
// Doesn't need to be reimplemented anymore. Remove for KDE-4.0
|
||||
bool KZip::writeFile( const QString& name, const QString& user, const QString& group, uint size, const char* data )
|
||||
{
|
||||
@@ -1114,7 +1128,7 @@
|
||||
}
|
||||
|
||||
// delete entries in the filelist with the same filename as the one we want
|
||||
- // to save, so that we don´t have duplicate file entries when viewing the zip
|
||||
+ // to save, so that we don�t have duplicate file entries when viewing the zip
|
||||
// with konqi...
|
||||
// CAUTION: the old file itself is still in the zip and won't be removed !!!
|
||||
QPtrListIterator<KZipFileEntry> it( d->m_fileList );
|
||||
|
|
@ -81,6 +81,11 @@ Patch101: kde-3.5-libtool-shlibext.patch
|
|||
Patch103: kdelibs-3.5.0-101956.patch
|
||||
Patch104: kdelibs-3.5.10-gcc44.patch
|
||||
Patch105: kdelibs-3.5.10-ossl-1.x.patch
|
||||
Patch106: kdelibs-3.5.0-kio.patch
|
||||
Patch107: kdelibs-3.5.10-assert.patch
|
||||
Patch108: kdelibs-3.5.10-dtoa.patch
|
||||
Patch109: kdelibs-3.5.10-kabc.patch
|
||||
|
||||
|
||||
## security fixes
|
||||
# fix CVE-2009-2537 - select length DoS
|
||||
|
|
@ -242,6 +247,10 @@ format for easy browsing
|
|||
%patch101 -p1 -b .libtool-shlibext
|
||||
%patch104 -p1 -b .gcc44
|
||||
%patch105 -p1 -b .ossl-1.x
|
||||
%patch106 -p1 -b .kio
|
||||
%patch107 -p1 -b .assert
|
||||
%patch108 -p1 -b .alias
|
||||
%patch109 -p1 -b .kabc
|
||||
|
||||
# security fixes
|
||||
%patch200 -p1 -b .cve-2009-2537
|
||||
|
|
@ -577,6 +586,7 @@ touch --no-create %{_datadir}/icons/crystalsvg 2> /dev/null || :
|
|||
%changelog
|
||||
* Mon Dec 07 2009 Than Ngo <than@redhat.com> - 3.5.10-21
|
||||
- fix security issues in libltdl bundle within kdelibs CVE-2009-3736
|
||||
- backport upstream patches
|
||||
|
||||
* Mon Nov 2 2009 Lukáš Tinkl <ltinkl@redhat.com> - 3.5.10-20
|
||||
- fix unrestricted XMLHttpRequest access to local URLs (oCERT-2009-015), #532428
|
||||
|
|
|
|||
Loading…
Reference in New Issue