rpms/kdebase/devel post-3.5.7-kdebase-kdm.diff, NONE, 1.1 post-3.5.7-kdebase-konqueror-2.diff, NONE, 1.1 kdebase.spec, 1.266, 1.267 post-3.5.7-kdebase-konqueror.diff, 1.1, NONE
Than Ngo (than)
fedora-extras-commits at redhat.com
Tue Oct 2 14:06:19 UTC 2007
Author: than
Update of /cvs/extras/rpms/kdebase/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv26717
Modified Files:
kdebase.spec
Added Files:
post-3.5.7-kdebase-kdm.diff
post-3.5.7-kdebase-konqueror-2.diff
Removed Files:
post-3.5.7-kdebase-konqueror.diff
Log Message:
- rh#299731, CVE-2007-4569
post-3.5.7-kdebase-kdm.diff:
--- NEW FILE post-3.5.7-kdebase-kdm.diff ---
--- kdm/backend/session.c
+++ kdm/bakcend/session.c
@@ -121,8 +121,9 @@
static void
DoAutoLogon( void )
{
- StrDup( &curuser, td->autoUser );
- StrDup( &curpass, td->autoPass );
+ ReStr( &curuser, td->autoUser );
+ ReStr( &curpass, td->autoPass );
+ ReStr( &curtype, "classic" );
cursource = PWSRC_AUTOLOGIN;
}
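Review bot: The three `ReStr()` calls in `DoAutoLogon()` discard their results, and the later hunk at -565 drops the `!StrDup( &curtype, "classic" )` test that used to abandon the auto-login path when the copy failed. `ReStr` is not defined on this page; if it can fail the way `StrDup` evidently could, `Verify( conv_auto, FALSE )` would now run with `curuser`, `curpass` or `curtype` unset. Consider making `DoAutoLogon()` return int with `return ReStr( &curuser, td->autoUser ) && ReStr( &curpass, td->autoPass ) && ReStr( &curtype, "classic" );` and letting both callers skip `Verify` on failure; the unchecked `ReStr( &curtype, "classic" )` added in the relogin branch at -141 has the same issue. Separately, the `+++` header spells the path `kdm/bakcend/session.c`, which does not match the `---` line and should be corrected in the patch file.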
@@ -141,7 +142,9 @@
td->hstent->npass = 0;
newdmrc = td->hstent->nargs;
td->hstent->nargs = 0;
+ ReStr( &curtype, "classic" );
cursource = (td->hstent->rLogin == 1) ? PWSRC_RELOGIN : PWSRC_MANUAL;
+ return 1;
} else if (*td->autoUser && !td->autoDelay && (tdiff > 0 || td->autoAgain))
{
unsigned int lmask;
@@ -153,11 +156,9 @@
if (lmask & ShiftMask)
return 0;
DoAutoLogon();
- } else {
- cursource = PWSRC_MANUAL;
- return 0;
+ return 1;
}
- return 1;
+ return 0;
}
@@ -369,6 +370,7 @@
if (curtype) free( curtype );
curtype = GRecvStr();
Debug( " type %\"s\n", curtype );
+ cursource = PWSRC_MANUAL;
if (Verify( conv_interact, rootok )) {
Debug( " -> return success\n" );
GSendInt( V_OK );
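Review bot: The added `cursource = PWSRC_MANUAL;` ahead of `Verify( conv_interact, rootok )` has no comment, yet with the `else { cursource = PWSRC_MANUAL; ... }` branch removed in the preceding hunk it is the only reset of `cursource` visible in this patch. A comment such as `/* interactive request: do not reuse PWSRC_AUTOLOGIN/PWSRC_RELOGIN left over from an earlier attempt */` would keep a later cleanup from dropping the line; the wording is my reading of the intent and should be confirmed against the advisory. Any other handler that reaches `Verify` with `conv_interact` (none is visible here) would presumably need the same assignment, so the rest of the switch is worth checking. The enclosing case starts and ends outside the hunk.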
@@ -378,7 +380,6 @@
case G_AutoLogin:
Debug( "G_AutoLogin\n" );
DoAutoLogon();
- StrDup( &curtype, "classic" );
if (Verify( conv_auto, FALSE )) {
Debug( " -> return success\n" );
GSendInt( V_OK );
@@ -565,7 +566,7 @@
tdiff = td->autoAgain ?
1 : time( 0 ) - td->hstent->lastExit - td->openDelay;
if (AutoLogon( tdiff )) {
- if (!StrDup( &curtype, "classic" ) || !Verify( conv_auto, FALSE ))
+ if (!Verify( conv_auto, FALSE ))
goto gcont;
if (greeter)
GSendInt( V_OK );
post-3.5.7-kdebase-konqueror-2.diff:
--- NEW FILE post-3.5.7-kdebase-konqueror-2.diff ---
--- konqueror/konq_combo.cc
+++ konqueror/konq_combo.cc
@@ -158,6 +158,9 @@ void KonqCombo::setURL( const QString& u
kapp->dcopClient()->send( "konqueror*", "KonquerorIface",
"addToCombo(QString,QCString)", data);
}
+ // important security consideration: always display the beginning
+ // of the url rather than its end to prevent spoofing attempts.
+ lineEdit()->setCursorPosition( 0 );
}
void KonqCombo::setTemporary( const QString& text )
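Review bot: `lineEdit()->setCursorPosition( 0 )` is applied only at the end of `setURL()`, so the guarantee stated in the new comment holds only for text that arrives through this function. `setTemporary()` begins right after the hunk and its body is not shown; if it also changes the text of the edit field, it needs the same reset, otherwise the end of a long URL can still be what the user sees. Consider routing every text-setting path through one small helper that sets the text and then calls `setCursorPosition( 0 )`.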
--- konqueror/konq_mainwindow.cc
+++ konqueror/konq_mainwindow.cc
@@ -611,12 +611,11 @@ void KonqMainWindow::openURL( KonqView *
}
else // no known serviceType, use KonqRun
{
- if ( ( view && view == m_currentView ) ||
- ( !view && !req.newTab ) ) // startup with argument
+ if ( ( !view || view->url().isEmpty() ) && !req.newTab ) // startup with argument
{
// Show it for now in the location bar, but we'll need to store it in the view
// later on (can't do it yet since either view == 0 or updateHistoryEntry will be called).
- kdDebug(1202) << "setLocationBarURL : url = " << url << endl;
+ kdDebug(1202) << "setLocationBarURL (startup) : url = " << url << endl;
setLocationBarURL( url );
}
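Review bot: The trailing comment `// startup with argument` and the inner remark `either view == 0 or updateHistoryEntry will be called` still describe the old condition, while the new test `( !view || view->url().isEmpty() ) && !req.newTab` also covers an existing view whose URL is empty. I would reword the trailing comment to something like `// no view yet, or a view that has not loaded anything` and add one line saying that a view already showing a page must keep its own URL in the location bar until the new one is committed, which is presumably the point of the spoofing fix. `openURL()` starts and continues outside the hunk.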
@@ -819,8 +818,6 @@ bool KonqMainWindow::openView( QString s
if ( childView )
{
enableAllActions( true );
-
- m_pViewManager->setActivePart( childView->part() );
m_currentView = childView;
}
}
--- konqueror/konq_viewmgr.cc
+++ konqueror/konq_viewmgr.cc
@@ -1395,6 +1395,8 @@ void KonqViewManager::slotActivePartChan
void KonqViewManager::emitActivePartChanged()
{
+ // prevent unnecessary multiple calls to slotPartActivated:
+ m_activePartChangedTimer->stop();
m_pMainWindow->slotPartActivated( activePart() );
}
Index: kdebase.spec
===================================================================
RCS file: /cvs/extras/rpms/kdebase/devel/kdebase.spec,v
retrieving revision 1.266
retrieving revision 1.267
diff -u -r1.266 -r1.267
--- kdebase.spec 27 Sep 2007 11:52:42 -0000 1.266
+++ kdebase.spec 2 Oct 2007 14:05:45 -0000 1.267
@@ -18,7 +18,7 @@
Name: kdebase
Epoch: 6
Version: 3.5.7
-Release: 15%{?dist}
+Release: 16%{?dist}
# programs: GPLv2, libs: LGPLv2
# a lot(most/all?) of files are +, but we'll be conservative, for now. -- Rex
@@ -76,9 +76,11 @@
# alternative to patch29, requires qt-copy 0078-argb-visual-hack.patch
Patch200: kdebase-3.5.7-kde#83974.patch
-# security patches
-# http://www.kde.org/info/security/advisory-20070815-1.txt
-Patch502: ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.7-kdebase-konqueror.diff
+# security fixes
+# CVE-2007-4224, CVE-2007-4225, CVE-2007-3820, Konqueror address bar spoofing
+Patch500: post-3.5.7-kdebase-konqueror-2.diff
+# CVE-2007-4569, kdm password-less login vulnerability
+Patch501: post-3.5.7-kdebase-kdm.diff
Provides: kdebase3 = %{version}-%{release}
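Review bot: The new `Patch500:` and `Patch501:` entries are bare file names, whereas the removed `Patch502:` line carried the upstream download location and was preceded by the advisory URL, so the spec no longer records where the two security patches came from. Keep a provenance comment above each entry, for example `# upstream: <UPSTREAM_PATCH_URL>, advisory: <ADVISORY_URL>` (placeholders, to be filled in from the KDE advisories), so the files committed here can be compared with what upstream published.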
@@ -237,7 +239,9 @@
## alternative to patch29, requires qt-copy 0078-argb-visual-hack.patch
#patch200 -p4 -b .kde#83974
-%patch502 -p0 -b .advisory-20070815-1
+# security fixes
+%patch500 -p0 -b .CVE-2007-4224-CVE-2007-4225-CVE-2007-3820
+%patch501 -p0 -b .CVE-2007-4569
%if %redhatify
cp %{SOURCE1} konsole
@@ -646,6 +650,9 @@
%changelog
+* Tue Oct 02 2007 Than Ngo <than at redhat.com> - 6:3.5.7-16
+- rh#299731, CVE-2007-4569
+
* Thu Sep 27 2007 Than Ngo <than at redhat.com> - 6:3.5.7-15
- rh#301841, "Root Shell" sessions will not close
--- post-3.5.7-kdebase-konqueror.diff DELETED ---