[20136] trunk/dports/kde/kdelibs3

source_changes at macosforge.org source_changes at macosforge.org
Mon Oct 23 15:36:43 PDT 2006 

Revision: 20136
          http://trac.macosforge.org/projects/macports/changeset/20136
Author:   takanori at macports.org
Date:     2006-10-23 15:36:42 -0700 (Mon, 23 Oct 2006)

Log Message:
-----------
Fixed a potential security issue in khtml. (CVE-2006-4811)

Modified Paths:
--------------
    trunk/dports/kde/kdelibs3/Portfile

Added Paths:
-----------
    trunk/dports/kde/kdelibs3/files/patch-CVE-2006-4811

Modified: trunk/dports/kde/kdelibs3/Portfile
===================================================================
--- trunk/dports/kde/kdelibs3/Portfile	2006-10-23 07:38:04 UTC (rev 20135)
+++ trunk/dports/kde/kdelibs3/Portfile	2006-10-23 22:36:42 UTC (rev 20136)
@@ -5,7 +5,7 @@
 PortSystem 1.0
 name		kdelibs3
 version		3.5.1
-revision	3
+revision	4
 set kdeadmin	kde-admindir-3.5.1
 categories	kde
 maintainers	ben at macports.org takanori at macports.org
@@ -59,7 +59,7 @@
 extract.only ${distname}.tar.bz2
 post-extract { system "cd ${worksrcpath} && bzcat -dc ${distpath}/${kdeadmin}.tar.bz2 | tar xf -" }
 
-patchfiles	kdelibs3-unified.patch patch-ipprequest.cpp
+patchfiles	kdelibs3-unified.patch patch-ipprequest.cpp patch-CVE-2006-4811
 patch		{
 		cd ${worksrcpath}
 		foreach file $patchfiles {

Added: trunk/dports/kde/kdelibs3/files/patch-CVE-2006-4811
===================================================================
--- trunk/dports/kde/kdelibs3/files/patch-CVE-2006-4811	                        (rev 0)
+++ trunk/dports/kde/kdelibs3/files/patch-CVE-2006-4811	2006-10-23 22:36:42 UTC (rev 20136)
@@ -0,0 +1,12 @@
+--- kdelibs-3.5.1/khtml/rendering/render_image.cpp.orig	2006-01-20 02:06:53.000000000 +0900
++++ kdelibs-3.5.1/khtml/rendering/render_image.cpp	2006-10-24 07:14:43.000000000 +0900
+@@ -294,7 +294,8 @@
+         if ( (cWidth != intrinsicWidth() ||  cHeight != intrinsicHeight()) &&
+              pix.width() > 0 && pix.height() > 0 && i->valid_rect().isValid())
+         {
+-            if (resizeCache.isNull() && cWidth && cHeight && intrinsicWidth() && intrinsicHeight())
++            if (resizeCache.isNull() && cWidth > 0 && cHeight > 0 && intrinsicWidth() && intrinsicHeight()
++                    && cWidth < 4096 && cHeight < 4096)
+             {
+                 QRect scaledrect(i->valid_rect());
+ //                 kdDebug(6040) << "time elapsed: " << dt->elapsed() << endl;

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/macports-changes/attachments/20061023/a3dd2310/attachment.html

More information about the macports-changes mailing list