← Back to branch summary

~ubuntu-branches/ubuntu/precise/kde-runtime/precise-updates

~ubuntu-branches/ubuntu/precise/kde-runtime/precise-updates

« back to all changes in this revision

Viewing changes to kpasswdserver/kpasswdserver.cpp

Committer: Package Import Robot
Author(s): Jonathan Riddell
Date: 2014-11-20 15:46:42 UTC
mfrom: (18.1.5 precise-proposed)
Revision ID: package-import@ubuntu.com-20141120154642-hyesdbuvsk78ihtz

Tags: 4:4.8.5-0ubuntu0.3

https://launchpad.net/bugs/1393479

* SECURITY UPDATE: Insufficient Input Validation By IO Slaves and
Webkit Part
- Add upstream_CVE-2014-8600.diff to escape protocol twice: once
for i18n, and once for HTML
- https://www.kde.org/info/security/advisory-20141113-1.txt
- CVE-2014-8600
- LP: #1393479

files added:
.pc/kubuntu_samba_password.diff

.pc/kubuntu_samba_password.diff/kioslave

.pc/kubuntu_samba_password.diff/kioslave/smb

.pc/kubuntu_samba_password.diff/kioslave/smb/kio_smb_auth.cpp

.pc/upstream_CVE-2014-8600.diff

.pc/upstream_CVE-2014-8600.diff/kioslave

.pc/upstream_CVE-2014-8600.diff/kioslave/bookmarks

.pc/upstream_CVE-2014-8600.diff/kioslave/bookmarks/kio_bookmarks.cpp

debian/patches/kubuntu_samba_password.diff

debian/patches/upstream_CVE-2014-8600.diff

doc/kcontrol/kcm_ssl

doc/kcontrol/kcm_ssl/CMakeLists.txt

doc/kcontrol/kcm_ssl/details.png

doc/kcontrol/kcm_ssl/index.cache.bz2

doc/kcontrol/kcm_ssl/index.docbook

doc/kcontrol/kcm_ssl/module.png

files modified:
.pc/applied-patches

.pc/kubuntu_nodisplay_knetattach.diff/knetattach/knetattach.desktop

.pc/kubuntu_oxygenify_knetattach_icon.diff/knetattach/knetattach.desktop

CMakeLists.txt

attica/kcm/kcm_attica.desktop

debian/changelog

debian/control

debian/kde-runtime-data.install

debian/libnepomukdatamanagement4.symbols

debian/patches/series

doc/documentationnotfound/index.cache.bz2

doc/glossary/index.cache.bz2

doc/glossary/index.docbook

doc/kcontrol/CMakeLists.txt

doc/kcontrol/attica/index.cache.bz2

doc/kcontrol/bookmarks/index.cache.bz2

doc/kcontrol/cache/index.cache.bz2

doc/kcontrol/componentchooser/index.cache.bz2

doc/kcontrol/cookies/index.cache.bz2

doc/kcontrol/ebrowsing/index.cache.bz2

doc/kcontrol/emoticons/index.cache.bz2

doc/kcontrol/filemanager/index.cache.bz2

doc/kcontrol/filetypes/index.cache.bz2

doc/kcontrol/history/index.cache.bz2

doc/kcontrol/icons/index.cache.bz2

doc/kcontrol/kcmcgi/index.cache.bz2

doc/kcontrol/kcmcss/index.cache.bz2

doc/kcontrol/kcmlaunch/index.cache.bz2

doc/kcontrol/kcmlaunch/index.docbook

doc/kcontrol/kcmnotify/index.cache.bz2

doc/kcontrol/kded/index.cache.bz2

doc/kcontrol/khtml-adblock/index.cache.bz2

doc/kcontrol/khtml-behavior/index.cache.bz2

doc/kcontrol/khtml-general/index.cache.bz2

doc/kcontrol/khtml-java-js/index.cache.bz2

doc/kcontrol/khtml-plugins/index.cache.bz2

doc/kcontrol/language/index.cache.bz2

doc/kcontrol/nepomuk/index.cache.bz2

doc/kcontrol/netpref/index.cache.bz2

doc/kcontrol/performance/index.cache.bz2

doc/kcontrol/phonon/index.cache.bz2

doc/kcontrol/proxy/index.cache.bz2

doc/kcontrol/smb/index.cache.bz2

doc/kcontrol/solid-device-automounter/index.cache.bz2

doc/kcontrol/solid-device-automounter/index.docbook

doc/kcontrol/spellchecking/index.cache.bz2

doc/kcontrol/trash/index.cache.bz2

doc/kcontrol/useragent/index.cache.bz2

doc/kdebugdialog/index.cache.bz2

doc/kdesu/index.cache.bz2

doc/khelpcenter/index.cache.bz2

doc/kioslave/bookmarks/index.cache.bz2

doc/kioslave/bzip2/index.cache.bz2

doc/kioslave/cgi/index.cache.bz2

doc/kioslave/finger/index.cache.bz2

doc/kioslave/fish/index.cache.bz2

doc/kioslave/floppy/index.cache.bz2

doc/kioslave/gzip/index.cache.bz2

doc/kioslave/info/index.cache.bz2

doc/kioslave/man/index.cache.bz2

doc/kioslave/nepomuksearch/index.cache.bz2

doc/kioslave/network/index.cache.bz2

doc/kioslave/nfs/index.cache.bz2

doc/kioslave/sftp/index.cache.bz2

doc/kioslave/smb/index.cache.bz2

doc/kioslave/tar/index.cache.bz2

doc/kioslave/thumbnail/index.cache.bz2

doc/kioslave/xz/index.cache.bz2

doc/knetattach/index.cache.bz2

doc/onlinehelp/index.cache.bz2

drkonqi/data/debuggers/external/kdbgrc

drkonqi/data/mappings

kcontrol/componentchooser/componentchooser.desktop

kcontrol/componentchooser/componentservices/kcm_filemanager.desktop

kcontrol/componentchooser/windowmanagers/metacity.desktop

kcontrol/dnssd/kcm_kdnssd.desktop

kcontrol/emoticons/emoticons.desktop

kcontrol/icons/icons.desktop

kcontrol/kded/kcmkded.desktop

kcontrol/knotify/kcmnotify.desktop

kcontrol/locale/kcmlocale.cpp

kcontrol/locale/language.desktop

kcontrol/spellchecking/spellchecking.desktop

keditfiletype/filetypes.desktop

kglobalaccel/kglobalaccel.desktop

kglobalaccel/kglobalaccel.notifyrc

khelpcenter/Help.desktop

khelpcenter/htmlsearch/htmlsearch.desktop

khelpcenter/kcmhelpcenter.desktop

khelpcenter/mainwindow.cpp

khelpcenter/plugins/info.desktop

khelpcenter/plugins/kicmodules.desktop

khelpcenter/plugins/plasma.desktop

kioslave/bookmarks/kio_bookmarks.cpp

kioslave/cgi/kcmcgi/kcmcgi.desktop

kioslave/desktop/Home.desktop

kioslave/network/ioslave/network.protocol

kioslave/remote/kdedmodule/remotedirnotify.desktop

kioslave/sftp/kio_sftp.cpp

kioslave/sftp/kio_sftp.h

kioslave/smb/kio_smb_auth.cpp

kioslave/thumbnail/imagethumbnail.desktop

kioslave/trash/kcmtrash.desktop

knetattach/knetattach.desktop

knotify/hardwarenotifications.notifyrc

knotify/kde.notifyrc

knotify/knotify4.desktop

kpasswdserver/kpasswdserver.cpp

kuiserver/CMakeLists.txt

kurifilter-plugins/ikws/kuriikwsfiltereng.cpp

kurifilter-plugins/ikws/searchproviders/call.desktop

kurifilter-plugins/ikws/searchproviders/cpan.desktop

l10n/ae/entry.desktop

l10n/bd/entry.desktop

l10n/bi/entry.desktop

l10n/cf/entry.desktop

l10n/kg/entry.desktop

l10n/ls/entry.desktop

l10n/sm/entry.desktop

l10n/ss/entry.desktop

l10n/sv/entry.desktop

l10n/tl/entry.desktop

l10n/tt/entry.desktop

localization/currency/ssp.desktop

menu/desktop/kde-unknown.directory

nepomuk/controller/nepomukcontroller.desktop

nepomuk/interfaces/org.kde.nepomuk.OntologyManager.xml

nepomuk/interfaces/org.kde.nepomuk.ResourceWatcherConnection.xml

nepomuk/kcm/kcm_nepomuk.desktop

nepomuk/kcm/statuswidget.cpp

nepomuk/kcm/statuswidget.h

nepomuk/services/backupsync/service/nepomukbackupsync.desktop

nepomuk/services/fileindexer/nepomukfileindexer.desktop

nepomuk/services/fileindexer/nepomukfileindexer.notifyrc

nepomuk/services/storage/datamanagementmodel.cpp

nepomuk/services/storage/datamanagementmodel.h

nepomuk/services/storage/lib/resourcewatcher.cpp

nepomuk/services/storage/lib/resourcewatcher.h

nepomuk/services/storage/nepomukcore.cpp

nepomuk/services/storage/ontologyloader.cpp

nepomuk/services/storage/ontologyloader.h

nepomuk/services/storage/resourcemerger.cpp

nepomuk/services/storage/resourcemerger.h

nepomuk/services/storage/resourcewatcherconnection.cpp

nepomuk/services/storage/resourcewatcherconnection.h

nepomuk/services/storage/resourcewatchermanager.cpp

nepomuk/services/storage/resourcewatchermanager.h

phonon/kcm/kcm_phonon.desktop

phonon/kcm/xine/kcm_phononxine.desktop

phonon/platform_kde/phonon.notifyrc

plasma/declarativeimports/plasmacomponents/qml/Button.qml

plasma/declarativeimports/plasmacomponents/qml/ToolBar.qml

plasma/declarativeimports/plasmacomponents/qml/ToolButton.qml

plasma/remotewidgetshelper/kcm_remotewidgets.actions

plasma/scriptengines/javascript/data/plasma-javascriptaddon.desktop

plasma/scriptengines/javascript/data/plasma-packagestructure-javascript-addon.desktop

platforms/win/config/platform.desktop

platforms/win/kwinstartmenu/winstartmenu.desktop

solid-device-automounter/kcm/device_automounter_kcm.desktop

solid-networkstatus/kded/networkstatus.desktop

Show diffs side-by-side

added added

removed removed

kpasswdserver/kpasswdserver.cpp

46

46

)

47

47

K_EXPORT_PLUGIN(KPasswdServerFactory("kpasswdserver"))

48

48

49

#define AUTHINFO_EXTRAFIELD_DOMAIN "domain"

50

#define AUTHINFO_EXTRAFIELD_ANONYMOUS "anonymous"

51

#define AUTHINFO_EXTRAFIELD_BYPASS_CACHE_AND_KWALLET "bypass-cache-and-kwallet"

49

#define AUTHINFO_EXTRAFIELD_DOMAIN QLatin1String("domain")

50

#define AUTHINFO_EXTRAFIELD_ANONYMOUS QLatin1String("anonymous")

51

#define AUTHINFO_EXTRAFIELD_BYPASS_CACHE_AND_KWALLET QLatin1String("bypass-cache-and-kwallet")

52

52

#define AUTHINFO_EXTRAFIELD_SKIP_CACHING_ON_QUERY QLatin1String("skip-caching-on-query")

53

#define AUTHINFO_EXTRAFIELD_HIDE_USERNAME_INPUT QLatin1String("hide-username-line")

53

54

54

55

static int debugArea() { static int s_area = KDebug::registerArea("KPasswdServer"); return s_area; }

55

56

577

578

dialogFlags |= KPasswordDialog::ShowAnonymousLoginCheckBox;

578

579

}

579

580

580

dialogFlags |= KPasswordDialog::ShowUsernameLine;

581

if (!info.getExtraField(AUTHINFO_EXTRAFIELD_HIDE_USERNAME_INPUT).toBool())

582

{

583

dialogFlags |= KPasswordDialog::ShowUsernameLine;

584

}

581

585

582

586

// If wallet is not enabled and the caller explicitly request for it,

583

587

// do not show the keep password checkbox.

Older »