diff options
| author | Michael Nottebrock <lofi@FreeBSD.org> | 2007-09-19 16:44:37 +0000 |
|---|---|---|
| committer | Michael Nottebrock <lofi@FreeBSD.org> | 2007-09-19 16:44:37 +0000 |
| commit | 8e352eea26ed57b8aad0c1dc5d0e753d8a2aa115 (patch) | |
| tree | 62b313d6f93ca7597c6eb83d2472e612ba0cbea8 /x11/kde4-workspace/files | |
| parent | 78c02ac4fa95875310585892282e1eb032925d66 (diff) | |
| download | ports-8e352eea26ed57b8aad0c1dc5d0e753d8a2aa115.tar.gz ports-8e352eea26ed57b8aad0c1dc5d0e753d8a2aa115.zip | |
Add patch for KDM passwordless login vulnerability and update patches
for Konqueror address bar spoofing vulnerability.
Security: CVE-2007-3820 CVE-2007-4224 CVE-2007-4225 CVE-2007-4569
Notes
Notes:
svn path=/head/; revision=199767
Diffstat (limited to 'x11/kde4-workspace/files')
| -rw-r--r-- | x11/kde4-workspace/files/patch-post-3.5.7-kdebase-kdm.diff | 63 | ||||
| -rw-r--r-- | x11/kde4-workspace/files/patch-post-3.5.7-kdebase-konqueror-2.diff (renamed from x11/kde4-workspace/files/patch-post-3.5.7-kdebase-konqueror.diff) | 0 |
2 files changed, 63 insertions, 0 deletions
diff --git a/x11/kde4-workspace/files/patch-post-3.5.7-kdebase-kdm.diff b/x11/kde4-workspace/files/patch-post-3.5.7-kdebase-kdm.diff new file mode 100644 index 000000000000..40b6abb8ec0e --- /dev/null +++ b/x11/kde4-workspace/files/patch-post-3.5.7-kdebase-kdm.diff @@ -0,0 +1,63 @@ +--- kdm/backend/session.c ++++ kdm/bakcend/session.c +@@ -121,8 +121,9 @@ + static void + DoAutoLogon( void ) + { +- StrDup( &curuser, td->autoUser ); +- StrDup( &curpass, td->autoPass ); ++ ReStr( &curuser, td->autoUser ); ++ ReStr( &curpass, td->autoPass ); ++ ReStr( &curtype, "classic" ); + cursource = PWSRC_AUTOLOGIN; + } + +@@ -141,7 +142,9 @@ + td->hstent->npass = 0; + newdmrc = td->hstent->nargs; + td->hstent->nargs = 0; ++ ReStr( &curtype, "classic" ); + cursource = (td->hstent->rLogin == 1) ? PWSRC_RELOGIN : PWSRC_MANUAL; ++ return 1; + } else if (*td->autoUser && !td->autoDelay && (tdiff > 0 || td->autoAgain)) + { + unsigned int lmask; +@@ -153,11 +156,9 @@ + if (lmask & ShiftMask) + return 0; + DoAutoLogon(); +- } else { +- cursource = PWSRC_MANUAL; +- return 0; ++ return 1; + } +- return 1; ++ return 0; + } + + +@@ -369,6 +370,7 @@ + if (curtype) free( curtype ); + curtype = GRecvStr(); + Debug( " type %\"s\n", curtype ); ++ cursource = PWSRC_MANUAL; + if (Verify( conv_interact, rootok )) { + Debug( " -> return success\n" ); + GSendInt( V_OK ); +@@ -378,7 +380,6 @@ + case G_AutoLogin: + Debug( "G_AutoLogin\n" ); + DoAutoLogon(); +- StrDup( &curtype, "classic" ); + if (Verify( conv_auto, FALSE )) { + Debug( " -> return success\n" ); + GSendInt( V_OK ); +@@ -565,7 +566,7 @@ + tdiff = td->autoAgain ? + 1 : time( 0 ) - td->hstent->lastExit - td->openDelay; + if (AutoLogon( tdiff )) { +- if (!StrDup( &curtype, "classic" ) || !Verify( conv_auto, FALSE )) ++ if (!Verify( conv_auto, FALSE )) + goto gcont; + if (greeter) + GSendInt( V_OK ); diff --git a/x11/kde4-workspace/files/patch-post-3.5.7-kdebase-konqueror.diff b/x11/kde4-workspace/files/patch-post-3.5.7-kdebase-konqueror-2.diff index 0d6e44ef4f82..0d6e44ef4f82 100644 --- a/x11/kde4-workspace/files/patch-post-3.5.7-kdebase-konqueror.diff +++ b/x11/kde4-workspace/files/patch-post-3.5.7-kdebase-konqueror-2.diff |