← Back to branch summary

~ubuntu-branches/ubuntu/precise/kde-runtime/precise-updates

~ubuntu-branches/ubuntu/precise/kde-runtime/precise-updates

« back to all changes in this revision

Viewing changes to kioslave/smb/kio_smb_auth.cpp

Committer: Package Import Robot
Author(s): Jonathan Riddell
Date: 2014-11-20 15:46:42 UTC
mfrom: (18.1.5 precise-proposed)
Revision ID: package-import@ubuntu.com-20141120154642-hyesdbuvsk78ihtz

Tags: 4:4.8.5-0ubuntu0.3

https://launchpad.net/bugs/1393479

* SECURITY UPDATE: Insufficient Input Validation By IO Slaves and
Webkit Part
- Add upstream_CVE-2014-8600.diff to escape protocol twice: once
for i18n, and once for HTML
- https://www.kde.org/info/security/advisory-20141113-1.txt
- CVE-2014-8600
- LP: #1393479

files added:
.pc/kubuntu_samba_password.diff

.pc/kubuntu_samba_password.diff/kioslave

.pc/kubuntu_samba_password.diff/kioslave/smb

.pc/kubuntu_samba_password.diff/kioslave/smb/kio_smb_auth.cpp

.pc/upstream_CVE-2014-8600.diff

.pc/upstream_CVE-2014-8600.diff/kioslave

.pc/upstream_CVE-2014-8600.diff/kioslave/bookmarks

.pc/upstream_CVE-2014-8600.diff/kioslave/bookmarks/kio_bookmarks.cpp

debian/patches/kubuntu_samba_password.diff

debian/patches/upstream_CVE-2014-8600.diff

doc/kcontrol/kcm_ssl

doc/kcontrol/kcm_ssl/CMakeLists.txt

doc/kcontrol/kcm_ssl/details.png

doc/kcontrol/kcm_ssl/index.cache.bz2

doc/kcontrol/kcm_ssl/index.docbook

doc/kcontrol/kcm_ssl/module.png

files modified:
.pc/applied-patches

.pc/kubuntu_nodisplay_knetattach.diff/knetattach/knetattach.desktop

.pc/kubuntu_oxygenify_knetattach_icon.diff/knetattach/knetattach.desktop

CMakeLists.txt

attica/kcm/kcm_attica.desktop

debian/changelog

debian/control

debian/kde-runtime-data.install

debian/libnepomukdatamanagement4.symbols

debian/patches/series

doc/documentationnotfound/index.cache.bz2

doc/glossary/index.cache.bz2

doc/glossary/index.docbook

doc/kcontrol/CMakeLists.txt

doc/kcontrol/attica/index.cache.bz2

doc/kcontrol/bookmarks/index.cache.bz2

doc/kcontrol/cache/index.cache.bz2

doc/kcontrol/componentchooser/index.cache.bz2

doc/kcontrol/cookies/index.cache.bz2

doc/kcontrol/ebrowsing/index.cache.bz2

doc/kcontrol/emoticons/index.cache.bz2

doc/kcontrol/filemanager/index.cache.bz2

doc/kcontrol/filetypes/index.cache.bz2

doc/kcontrol/history/index.cache.bz2

doc/kcontrol/icons/index.cache.bz2

doc/kcontrol/kcmcgi/index.cache.bz2

doc/kcontrol/kcmcss/index.cache.bz2

doc/kcontrol/kcmlaunch/index.cache.bz2

doc/kcontrol/kcmlaunch/index.docbook

doc/kcontrol/kcmnotify/index.cache.bz2

doc/kcontrol/kded/index.cache.bz2

doc/kcontrol/khtml-adblock/index.cache.bz2

doc/kcontrol/khtml-behavior/index.cache.bz2

doc/kcontrol/khtml-general/index.cache.bz2

doc/kcontrol/khtml-java-js/index.cache.bz2

doc/kcontrol/khtml-plugins/index.cache.bz2

doc/kcontrol/language/index.cache.bz2

doc/kcontrol/nepomuk/index.cache.bz2

doc/kcontrol/netpref/index.cache.bz2

doc/kcontrol/performance/index.cache.bz2

doc/kcontrol/phonon/index.cache.bz2

doc/kcontrol/proxy/index.cache.bz2

doc/kcontrol/smb/index.cache.bz2

doc/kcontrol/solid-device-automounter/index.cache.bz2

doc/kcontrol/solid-device-automounter/index.docbook

doc/kcontrol/spellchecking/index.cache.bz2

doc/kcontrol/trash/index.cache.bz2

doc/kcontrol/useragent/index.cache.bz2

doc/kdebugdialog/index.cache.bz2

doc/kdesu/index.cache.bz2

doc/khelpcenter/index.cache.bz2

doc/kioslave/bookmarks/index.cache.bz2

doc/kioslave/bzip2/index.cache.bz2

doc/kioslave/cgi/index.cache.bz2

doc/kioslave/finger/index.cache.bz2

doc/kioslave/fish/index.cache.bz2

doc/kioslave/floppy/index.cache.bz2

doc/kioslave/gzip/index.cache.bz2

doc/kioslave/info/index.cache.bz2

doc/kioslave/man/index.cache.bz2

doc/kioslave/nepomuksearch/index.cache.bz2

doc/kioslave/network/index.cache.bz2

doc/kioslave/nfs/index.cache.bz2

doc/kioslave/sftp/index.cache.bz2

doc/kioslave/smb/index.cache.bz2

doc/kioslave/tar/index.cache.bz2

doc/kioslave/thumbnail/index.cache.bz2

doc/kioslave/xz/index.cache.bz2

doc/knetattach/index.cache.bz2

doc/onlinehelp/index.cache.bz2

drkonqi/data/debuggers/external/kdbgrc

drkonqi/data/mappings

kcontrol/componentchooser/componentchooser.desktop

kcontrol/componentchooser/componentservices/kcm_filemanager.desktop

kcontrol/componentchooser/windowmanagers/metacity.desktop

kcontrol/dnssd/kcm_kdnssd.desktop

kcontrol/emoticons/emoticons.desktop

kcontrol/icons/icons.desktop

kcontrol/kded/kcmkded.desktop

kcontrol/knotify/kcmnotify.desktop

kcontrol/locale/kcmlocale.cpp

kcontrol/locale/language.desktop

kcontrol/spellchecking/spellchecking.desktop

keditfiletype/filetypes.desktop

kglobalaccel/kglobalaccel.desktop

kglobalaccel/kglobalaccel.notifyrc

khelpcenter/Help.desktop

khelpcenter/htmlsearch/htmlsearch.desktop

khelpcenter/kcmhelpcenter.desktop

khelpcenter/mainwindow.cpp

khelpcenter/plugins/info.desktop

khelpcenter/plugins/kicmodules.desktop

khelpcenter/plugins/plasma.desktop

kioslave/bookmarks/kio_bookmarks.cpp

kioslave/cgi/kcmcgi/kcmcgi.desktop

kioslave/desktop/Home.desktop

kioslave/network/ioslave/network.protocol

kioslave/remote/kdedmodule/remotedirnotify.desktop

kioslave/sftp/kio_sftp.cpp

kioslave/sftp/kio_sftp.h

kioslave/smb/kio_smb_auth.cpp

kioslave/thumbnail/imagethumbnail.desktop

kioslave/trash/kcmtrash.desktop

knetattach/knetattach.desktop

knotify/hardwarenotifications.notifyrc

knotify/kde.notifyrc

knotify/knotify4.desktop

kpasswdserver/kpasswdserver.cpp

kuiserver/CMakeLists.txt

kurifilter-plugins/ikws/kuriikwsfiltereng.cpp

kurifilter-plugins/ikws/searchproviders/call.desktop

kurifilter-plugins/ikws/searchproviders/cpan.desktop

l10n/ae/entry.desktop

l10n/bd/entry.desktop

l10n/bi/entry.desktop

l10n/cf/entry.desktop

l10n/kg/entry.desktop

l10n/ls/entry.desktop

l10n/sm/entry.desktop

l10n/ss/entry.desktop

l10n/sv/entry.desktop

l10n/tl/entry.desktop

l10n/tt/entry.desktop

localization/currency/ssp.desktop

menu/desktop/kde-unknown.directory

nepomuk/controller/nepomukcontroller.desktop

nepomuk/interfaces/org.kde.nepomuk.OntologyManager.xml

nepomuk/interfaces/org.kde.nepomuk.ResourceWatcherConnection.xml

nepomuk/kcm/kcm_nepomuk.desktop

nepomuk/kcm/statuswidget.cpp

nepomuk/kcm/statuswidget.h

nepomuk/services/backupsync/service/nepomukbackupsync.desktop

nepomuk/services/fileindexer/nepomukfileindexer.desktop

nepomuk/services/fileindexer/nepomukfileindexer.notifyrc

nepomuk/services/storage/datamanagementmodel.cpp

nepomuk/services/storage/datamanagementmodel.h

nepomuk/services/storage/lib/resourcewatcher.cpp

nepomuk/services/storage/lib/resourcewatcher.h

nepomuk/services/storage/nepomukcore.cpp

nepomuk/services/storage/ontologyloader.cpp

nepomuk/services/storage/ontologyloader.h

nepomuk/services/storage/resourcemerger.cpp

nepomuk/services/storage/resourcemerger.h

nepomuk/services/storage/resourcewatcherconnection.cpp

nepomuk/services/storage/resourcewatcherconnection.h

nepomuk/services/storage/resourcewatchermanager.cpp

nepomuk/services/storage/resourcewatchermanager.h

phonon/kcm/kcm_phonon.desktop

phonon/kcm/xine/kcm_phononxine.desktop

phonon/platform_kde/phonon.notifyrc

plasma/declarativeimports/plasmacomponents/qml/Button.qml

plasma/declarativeimports/plasmacomponents/qml/ToolBar.qml

plasma/declarativeimports/plasmacomponents/qml/ToolButton.qml

plasma/remotewidgetshelper/kcm_remotewidgets.actions

plasma/scriptengines/javascript/data/plasma-javascriptaddon.desktop

plasma/scriptengines/javascript/data/plasma-packagestructure-javascript-addon.desktop

platforms/win/config/platform.desktop

platforms/win/kwinstartmenu/winstartmenu.desktop

solid-device-automounter/kcm/device_automounter_kcm.desktop

solid-networkstatus/kded/networkstatus.desktop

Show diffs side-by-side

added added

removed removed

kioslave/smb/kio_smb_auth.cpp

154

154

if ( openPasswordDialog(info) ) {

155

155

kDebug(KIO_SMB) << "openPasswordDialog returned " << info.username;

156

156

url.setUser(info.username);

157

158

if (info.keepPassword) {

159

kDebug(KIO_SMB) << "Caching info.username = " << info.username

160

<< ", info.url = " << info.url.prettyUrl();

161

cacheAuthentication(info);

162

}

163

157

164

return true;

158

165

}

159

166

kDebug(KIO_SMB) << "no value from openPasswordDialog\n";

Older »