From 6d27ea8a8874cc96cb1e23d29dd2d77a06626b5a Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Aug 17 2007 13:02:03 +0000 Subject: sync w/devel branch, most importantly picking up changes: - CVE-2007-3820, CVE-2007-4224, CVE-2007-4225 - ConsoleKit-related patch (#244065) - set KDE_IS_PRELINKED unconditionally (#244065) --- diff --git a/.cvsignore b/.cvsignore index 8d578fe..8a90088 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,16 +1,3 @@ -kdelibs-3.3.0.tar.bz2 -kdelibs-3.3.1.tar.bz2 -kdelibs-3.3.2.tar.bz2 -kdelibs-3.4.0-rc1.tar.bz2 -kdelibs-3.4.0.tar.bz2 -kdelibs-3.4.1.tar.bz2 -kdelibs-3.4.2.tar.bz2 -kdelibs-3.4.91.tar.bz2 -kdelibs-3.4.92.tar.bz2 -kdelibs-3.5.0.tar.bz2 -kdelibs-3.5.1.tar.bz2 -kdelibs-3.5.2.tar.bz2 -kdelibs-3.5.3.tar.bz2 -kdelibs-3.5.4.tar.bz2 +clog kdelibs-3.5.6.tar.bz2 kdelibs-3.5.7.tar.bz2 diff --git a/kdelibs-3.5.7-cups13.patch b/kdelibs-3.5.7-cups13.patch new file mode 100644 index 0000000..124d799 --- /dev/null +++ b/kdelibs-3.5.7-cups13.patch @@ -0,0 +1,82 @@ +--- kdelibs-3.5.7/kdeprint/cups/cupsdconf2/cups-util.c.cups13 2006-10-01 12:33:43.000000000 -0500 ++++ kdelibs-3.5.7/kdeprint/cups/cupsdconf2/cups-util.c 2007-07-19 15:12:48.000000000 -0500 +@@ -108,7 +108,8 @@ cupsGetConf(void) + * See if we should retry the current digest password... + */ + +- if (strncmp(cups_server->fields[HTTP_FIELD_WWW_AUTHENTICATE], "Basic", 5) == 0 || ++ if (strncmp(httpGetField (cups_server, HTTP_FIELD_WWW_AUTHENTICATE), ++ "Basic", 5) == 0 || + digest_tries > 1 || !pwdstring[0]) + { + /* +@@ -116,7 +117,7 @@ cupsGetConf(void) + */ + + snprintf(prompt, sizeof(prompt), "Password for %s on %s? ", cupsUser(), +- cups_server->hostname); ++ cupsServer()); + + if ((password = cupsGetPassword(prompt)) == NULL) + break; +@@ -135,7 +136,8 @@ cupsGetConf(void) + * Got a password; encode it for the server... + */ + +- if (strncmp(cups_server->fields[HTTP_FIELD_WWW_AUTHENTICATE], "Basic", 5) == 0) ++ if (strncmp(httpGetField (cups_server, HTTP_FIELD_WWW_AUTHENTICATE), ++ "Basic", 5) == 0) + { + /* + * Basic authentication... +@@ -334,7 +336,8 @@ cupsPutConf(const char *name) /* I - Na + * See if we should retry the current digest password... + */ + +- if (strncmp(cups_server->fields[HTTP_FIELD_WWW_AUTHENTICATE], "Basic", 5) == 0 || ++ if (strncmp(httpGetField (cups_server, HTTP_FIELD_WWW_AUTHENTICATE), ++ "Basic", 5) == 0 || + digest_tries > 1 || !pwdstring[0]) + { + /* +@@ -342,7 +345,7 @@ cupsPutConf(const char *name) /* I - Na + */ + + snprintf(prompt, sizeof(prompt), "Password for %s on %s? ", cupsUser(), +- cups_server->hostname); ++ cupsServer()); + + if ((password = cupsGetPassword(prompt)) == NULL) + break; +@@ -361,7 +364,8 @@ cupsPutConf(const char *name) /* I - Na + * Got a password; encode it for the server... + */ + +- if (strncmp(cups_server->fields[HTTP_FIELD_WWW_AUTHENTICATE], "Basic", 5) == 0) ++ if (strncmp(httpGetField (cups_server, HTTP_FIELD_WWW_AUTHENTICATE), ++ "Basic", 5) == 0) + { + /* + * Basic authentication... +--- kdelibs-3.5.7/kdeprint/cups/ipprequest.cpp.cups13 2007-01-15 05:34:19.000000000 -0600 ++++ kdelibs-3.5.7/kdeprint/cups/ipprequest.cpp 2007-07-19 15:15:09.000000000 -0500 +@@ -309,7 +309,8 @@ bool IppRequest::doFileRequest(const QSt + return false; + } + +-#ifdef HAVE_CUPS_NO_PWD_CACHE ++#if defined(HAVE_CUPS_NO_PWD_CACHE) && \ ++ CUPS_VERSION_MAJOR == 1 && CUPS_VERSION_MINOR < 3 + strncpy( HTTP->authstring, cups_authstring.data(), HTTP_MAX_VALUE ); + #endif + +@@ -319,7 +320,8 @@ bool IppRequest::doFileRequest(const QSt + } + + request_ = cupsDoFileRequest(HTTP, request_, (res.isEmpty() ? "/" : res.latin1()), (filename.isEmpty() ? NULL : filename.latin1())); +-#ifdef HAVE_CUPS_NO_PWD_CACHE ++#if defined(HAVE_CUPS_NO_PWD_CACHE) && \ ++ CUPS_VERSION_MAJOR == 1 && CUPS_VERSION_MINOR < 3 + cups_authstring = HTTP->authstring; + #endif + httpClose(HTTP); diff --git a/kdelibs-3.5.7-rh#244065.patch b/kdelibs-3.5.7-rh#244065.patch new file mode 100644 index 0000000..9be58bf --- /dev/null +++ b/kdelibs-3.5.7-rh#244065.patch @@ -0,0 +1,26 @@ +--- branches/KDE/3.5/kdelibs/kinit/setproctitle.cpp 2005/07/26 18:54:59 438982 ++++ branches/KDE/3.5/kdelibs/kinit/setproctitle.cpp 2007/08/10 18:22:59 698691 +@@ -173,6 +173,15 @@ + else + continue; + } ++ ++ /* ++ * On linux, we don't want to reuse the memory allocated for ++ * the environment, as there are tools that try to read our environment ++ * variables while we're running (ConsoleKit does that). ++ * There is no way to move or resize it, so just not touchint it ++ * seems to be the only option ++ */ ++#ifndef __linux__ + for (i=0; envp[i] != NULL; i++) + { + if (LastArgv + 1 == envp[i]) +@@ -180,6 +189,7 @@ + else + continue; + } ++#endif + } + + #if SPT_TYPE != SPT_BUILTIN diff --git a/kdelibs.spec b/kdelibs.spec index 1c29b88..ffd1683 100644 --- a/kdelibs.spec +++ b/kdelibs.spec @@ -1,36 +1,48 @@ +# kdelibs3 review: http://bugzilla.redhat.com/248899 %define distname "Fedora" -#define debug 1 -%define final 1 %define kde_settings 1 -%define apidocs 1 -%define qt_epoch 1 +%define arts 1 %define arts_epoch 8 -%define cups_epoch 1 - -%define qt_version 3.3.8 %define arts_version 1.5.7 -%define kde_major_version 3 +%define qt_epoch 1 +%define qt_version 3.3.8 %global qt_ver %(pkg-config --modversion qt-mt 2>/dev/null || echo %{qt_version}) %define qtdocdir %{_docdir}/qt-devel-%{qt_ver} +%define kde_major_version 3 + %define make_cvs 1 -%define arts 1 -Name: kdelibs +%define apidocs 1 + Summary: K Desktop Environment - Libraries -Epoch: 6 Version: 3.5.7 -Release: 9%{?dist} +Release: 20%{?dist} -License: LGPL +%if 0%{?fedora} > 8 +Name: kdelibs3 +Obsoletes: kdelibs < 6:%{version}-%{release} +Provides: kdelibs = 6:%{version}-%{release} +%else +Name: kdelibs +Epoch: 6 +Obsoletes: kdelibs3 = %{version}-%{release} +Provides: kdelibs3 = %{version}-%{release} +%endif + +# LGPLv2: everything, except (see below) +# BSD: dcop/ kdoctools/ +# GFDL: kdoctools/customization ?? +License: LGPLv2 and BSD Url: http://www.kde.org/ Group: System Environment/Libraries BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -Source0: ftp://ftp.kde.org/pub/kde/stable/%{version}/src/%{name}-%{version}.tar.bz2 + +Source0: ftp://ftp.kde.org/pub/kde/stable/%{version}/src/kdelibs-%{version}.tar.bz2 Source1: kde.sh Source2: kde.csh Source3: devices.protocol @@ -49,45 +61,41 @@ Patch38: kdelibs-3.5.2-cupsdconf2-group.patch Patch39: kdelibs-3.5.4-kabc-make.patch Patch40: kdelibs-3.5.4-kdeprint-utf8.patch Patch41: kdelibs-3.5.6-utempter.patch -Patch42: kdelibs-3.5.7-ICEauthority.patch Patch43: kdelibs-3.5.6-lang.patch +Patch44: kdelibs-3.5.7-cups13.patch # use /etc/kde in addition to /usr/share/config, borrowed from debian -Patch104: kdelibs-3.5.5-kstandarddirs.patch - -# upstream patches -# kget ignores simultaneous download limit (kde #101956) -Patch502: kdelibs-3.5.0-101956.patch -# automake-1.10, $(all_libraries) is missing from a few LDFLAGS (kde #137675) -Patch503: kdelibs-3.5.6-137675.patch -Patch505: kdelibs-3.5.7-kde#146105.patch +Patch100: kdelibs-3.5.5-kstandarddirs.patch # http://bugs.kde.org/93359, alternative to export libltdl_cv_shlibext=".so" hack. -Patch93359: kde-3.5-libtool-shlibext.patch -## See http://bugs.kde.org/139445, patch needs boost-devel, FIXME, doesn't apply to kde-3.5.7 -Patch139445: kdelibs-3.5.5-lib_loader-1.2.patch -#BuildRequires: boost-devel +Patch101: kde-3.5-libtool-shlibext.patch +# automake-1.10, $(all_libraries) is missing from a few LDFLAGS (kde #137675) +Patch102: kdelibs-3.5.6-137675.patch +# kget ignores simultaneous download limit (kde #101956) +Patch103: kdelibs-3.5.0-101956.patch -# To help transition to kde4 -Provides: kdelibs3 = %{version}-%{release} +## upstream patches +Patch500: kdelibs-3.5.7-kde#146105.patch +# http://bugzilla.redhat.com/244065 +# http://websvn.kde.org/branches/KDE/3.5/kdelibs/kinit/setproctitle.cpp?r1=438982&r2=698691 +Patch501: kdelibs-3.5.7-rh#244065.patch +# http://www.kde.org/info/security/advisory-20070815-1.txt +Patch502: ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.7-kdelibs-kdecore.diff -Requires: arts >= %{arts_epoch}:%{arts_version} +%{?arts:Requires: arts >= %{arts_epoch}:%{arts_version}} Requires: qt >= %{qt_epoch}:%{qt_ver} -Requires: cups-libs >= %{cups_epoch}:1.1.12 Requires: hicolor-icon-theme %if %{kde_settings} Requires: kde-settings >= 3.5 %endif +Requires: kde-filesystem Requires: redhat-menus Requires: shadow-utils -# kdesu/sudo support, http://bugs.kde.org/20914 BuildRequires: sudo Requires(hint): sudo -# dnssd, FIXME/TODO -#BuildRequires: mDNSResponder-devel %if 0%{?fedora} > 4 || 0%{?rhel} > 4 -%define libkdnssd libkdnssd -Requires: libkdnssd +%define libkdnssd libkdnssd +Requires: %{libkdnssd} %define BuildRequires: xorg-x11-proto-devel libX11-devel %define _with_rgbfile --with-rgbfile=%{_datadir}/X11/rgb.txt Requires: iceauth @@ -99,9 +107,9 @@ Requires(postun): /sbin/ldconfig BuildRequires: gettext BuildRequires: pcre-devel -BuildRequires: cups-devel >= %{cups_epoch}:1.1.20, cups +BuildRequires: cups-devel cups BuildRequires: qt-devel qt-devel-docs -BuildRequires: arts-devel >= %{arts_epoch}:%{arts_version} +%{?arts:BuildRequires: arts-devel >= %{arts_epoch}:%{arts_version}} BuildRequires: flex >= 2.5.4a-13 BuildRequires: doxygen BuildRequires: libxslt-devel @@ -131,7 +139,6 @@ BuildRequires: alsa-lib-devel BuildRequires: pkgconfig BuildRequires: glibc-kernheaders %if 0%{?fedora} > 5 || 0%{?rhel} > 4 -# See also http://bugzilla.redhat.com/205767 %define _with_libutempter 1 BuildRequires: libutempter-devel %else @@ -144,6 +151,10 @@ BuildRequires: OpenEXR-devel BuildRequires: automake libtool %endif +%if "%{name}" != "kdelibs" && "%{?apidocs}" != "1" +Obsoletes: kdelibs-apidocs < 6:%{version}-%{release} +%endif + %description Libraries for the K Desktop Environment: KDE Libraries included: kdecore (KDE core library), kdeui (user interface), @@ -154,23 +165,19 @@ kimgio (image manipulation). %package devel Group: Development/Libraries Summary: Header files and documentation for compiling KDE applications. -Provides: kdelibs3-devel = %{version}-%{release} -Requires: %{name} = %{epoch}:%{version}-%{release} +Conflicts: kdelibs4-devel +%if "%{name}" == "kdelibs" +Obsoletes: kdelibs3-devel < %{version}-%{release} +Provides: kdelibs3-devel = %{version}-%{release} +%else +Obsoletes: kdelibs-devel < 6:%{version}-%{release} +Provides: kdelibs-devel = 6:%{version}-%{release} +%endif +Requires: %{name} = %{?epoch:%{epoch}:}%{version}-%{release} Requires: qt-devel -Requires: arts-devel +%{?arts:Requires: arts-devel} %{?libkdnssd:Requires: libkdnssd-devel} -## those below can/should be omitted from future builds -- Rex -Requires: libart_lgpl-devel -Requires: libxslt-devel -Requires: libjpeg-devel -Requires: zlib-devel Requires: openssl-devel -Requires: bzip2-devel -Requires: libtiff-devel -Requires: libidn-devel -Requires: libacl-devel -Requires: pcre-devel -%{?_with_libutempter:Requires: libutempter-devel} %description devel This package includes the header files you will need to compile applications for KDE. @@ -178,19 +185,24 @@ applications for KDE. %package apidocs Group: Development/Documentation Summary: KDE API documentation. -Requires: %{name} = %{epoch}:%{version} -Obsoletes: kdelibs-docs < %{epoch}:%{version}-%{release} +Requires: %{name} = %{?epoch:%{epoch}:}%{version} +%if "%{name}" == "kdelibs" +Provides: kdelibs3-apidocs = %{version}-%{release} +%else +Obsoletes: kdelibs-apidocs < 6:%{version}-%{release} +Provides: kdelibs-apidocs = 6:%{version}-%{release} +%endif + %description apidocs This package includes the KDE API documentation in HTML format for easy browsing %prep -%setup -q +%setup -q -n kdelibs-%{version} + %patch1 -p1 -b .xdg-menu -%if "%{?debug}" != "1" %patch2 -p1 -b .debug -%endif %patch4 -p1 -b .ksyscoca %patch5 -p1 -b .openssl %patch15 -p1 -b .buildroot @@ -203,17 +215,17 @@ format for easy browsing %patch39 -p1 -b .kabc-make %patch40 -p1 -b .kdeprint-utf8 %{?_with_libutempter:%patch41 -p1 -b .utempter} -# omission recommended by upstream: http://bugs.kde.org/147454#c37 -#patch42 -p1 -b .ICEauthority %patch43 -p1 -b .lang +%patch44 -p1 -b .cups13 -%patch104 -p1 -b .kstandarddirs +%patch100 -p1 -b .kstandarddirs +%patch101 -p1 -b .libtool-shlibext +%patch102 -p0 -b .kde#137675 # upstream patches -%patch503 -p0 -b .kde#137675 -%patch505 -p0 -b .kde#146105 -%patch93359 -p1 -b .libtool-shlibext -#patch139445 -p1 -b .kde#139445 +%patch500 -p0 -b .kde#146105 +%patch501 -p4 -b .rh#244065 +%patch502 -p0 -b .advisory-20070815-1 sed -i -e "s,^#define KDE_VERSION_STRING .*,#define KDE_VERSION_STRING \"%{version}-%{release} %{distname}\"," kdecore/kdeversion.h @@ -226,8 +238,6 @@ sed -i -e "s,^#define KDE_VERSION_STRING .*,#define KDE_VERSION_STRING \"%{versi unset QTDIR && . /etc/profile.d/qt.sh export QTDOC=%{qtdocdir} -# use patch93359 instead -#export libltdl_cv_shlibext=".so" if [ -x /etc/profile.d/krb5.sh ]; then . /etc/profile.d/krb5.sh @@ -265,9 +275,8 @@ fi make %{?_smp_mflags} -# FIXME/TODO: build as noarch? -- Rex -%if %{apidocs} -make %{?_smp_mflags} apidox +%if "%{?apidocs}" == "1" + make %{?_smp_mflags} apidox %endif @@ -279,12 +288,11 @@ make DESTDIR=%{buildroot} install chmod a+x %{buildroot}%{_libdir}/* install -p -m 644 %{SOURCE3} %{buildroot}%{_datadir}/services/devices.protocol +%if "%{?apidocs}" == "1" pushd %{buildroot}%{_docdir} ln -sf HTML/en/kdelibs-apidocs %{name}-devel-%{kde_major_version} popd - -mkdir -p %{buildroot}%{_sysconfdir}/profile.d -install -p -m 755 %{SOURCE1} %{SOURCE2} %{buildroot}%{_sysconfdir}/profile.d/ +%endif # Make symlinks relative pushd %{buildroot}%{_docdir}/HTML/en @@ -296,15 +304,18 @@ for i in *; do done popd -## menus +%if "%{name}" == "kdelibs3" +install -p -m 755 -D %{SOURCE1} %{buildroot}%{_sysconfdir}/profile.d/kde3.sh +install -p -m 755 -D %{SOURCE2} %{buildroot}%{_sysconfdir}/profile.d/kde3.csh +%else +install -p -m 755 -D %{SOURCE1} %{buildroot}%{_sysconfdir}/profile.d/kde.sh +install -p -m 755 -D %{SOURCE2} %{buildroot}%{_sysconfdir}/profile.d/kde.csh +# menus + mkdir -p %{buildroot}%{_sysconfdir}/kde/xdg/menus mv %{buildroot}%{_sysconfdir}/xdg/menus/applications.menu \ %{buildroot}%{_sysconfdir}/xdg/menus/kde-applications.menu -# compat-symlinks, can go away eventually -- Rex -ln -s %{_sysconfdir}/xdg/menus/kde-applications.menu \ - %{buildroot}%{_sysconfdir}/kde/xdg/menus/kde-applications.menu -ln -s kde-applications.menu \ - %{buildroot}%{_sysconfdir}/kde/xdg/menus/applications.menu +%endif echo "OnlyShowIn=KDE;" >> %{buildroot}%{_datadir}/applications/kde/kresources.desktop @@ -314,7 +325,7 @@ rm -rf $RPM_BUILD_ROOT%{_datadir}/icons/hicolor/ # ghost'd files touch $RPM_BUILD_ROOT%{_datadir}/services/ksycoca -## remove references to extraneous/optional libraries in .la files (#170602) +# remove references to extraneous/optional libraries in .la files (#170602) # fam, libart_lgpl, pcre, libidn, libpng, libjpeg, libdns_sd, libacl/libattr, alsa-lib/asound find $RPM_BUILD_ROOT%{_libdir} -name "*.la" | xargs \ sed -i \ @@ -339,25 +350,40 @@ find $RPM_BUILD_ROOT%{_libdir} -name "*.la" | xargs \ -e "s@-lasound@@g" \ -e "s@-lutempter@@g" -## unpackaged files # libkdnssd bits rm -f %{buildroot}%{_libdir}/libkdnssd.la %{?libkdnssd:rm -rf %{buildroot}{%{_libdir}/libkdnssd.*,%{_includedir}/kde/dnssd}} +%if "%{name}" != "kdelibs" +# remove conflicts with kdelibs-4 +pushd %{buildroot}%{_bindir} +rm -f cupsdconf cupsdoprint imagetops kaddprinterwizard kconf_update kcookiejar \ + kde-menu kdesu_stub kdontchangethehostname kdostartupconfig kio_http_cache_cleaner kioslave \ + klauncher kpac_dhcp_helper ksendbugmail kstartupconfig ktradertest \ + make_driver_db_cups make_driver_db_lpr meinproc preparetips \ + khotnewstuff kinstalltheme kcmshell kfile kioexec +# devel stuff (skip for now) +#rm -f checkXML kconfig_compiler ksvgtopng kunittestmodrunner makekdewidgets +popd +rm -f %{buildroot}%{_datadir}/config/* \ + %{buildroot}%{_datadir}/config/ui/kprintpreviewui.rc || : + +rm -rf %{buildroot}%{_datadir}/config/colors \ + %{buildroot}%{_datadir}/apps/k* \ + %{buildroot}%{_datadir}/apps/LICENSES \ + %{buildroot}%{_datadir}/apps/proxyscout \ + %{buildroot}%{_datadir}/locale \ + %{buildroot}%{_datadir}/autostart \ + %{buildroot}/etc/xdg \ + %{buildroot}%{_docdir}/HTML \ + %{buildroot}%{_datadir}/emoticons +%endif + %clean rm -rf %{buildroot} -# Not sure if this is really needed anymore, but doesn't look harmful either -- Rex -%pre -if [ -d /etc/skel/Desktop/Autostart ]; then - mv -f /etc/skel/Desktop/Autostart /etc/skel/Desktop/Autostart-OLD..KDE -elif [ -d /etc/skel/Desktop/Autostart.rpmsave ]; then - mv -f /etc/skel/Desktop/Autostart.rpmsave /etc/skel/Desktop/Autostart-OLD..KDE -fi -exit 0 - %post /sbin/ldconfig touch --no-create %{_datadir}/icons/crystalsvg 2> /dev/null || : @@ -373,14 +399,10 @@ touch --no-create %{_datadir}/icons/crystalsvg 2> /dev/null || : %files %defattr(-,root,root,-) +%doc README +%doc COPYING COPYING.BSD COPYING.LIB COPYING-DOCS %config(noreplace) %{_sysconfdir}/profile.d/* -%dir %{_sysconfdir}/kde -%dir %{_sysconfdir}/kde/xdg -%dir %{_sysconfdir}/kde/xdg/menus -%{_sysconfdir}/kde/xdg/menus/*.menu -%{_sysconfdir}/xdg/menus/*.menu %{_bindir}/artsmessage -%{_bindir}/checkXML %{_bindir}/cupsdconf %{_bindir}/cupsdoprint %{_bindir}/dcop @@ -400,7 +422,6 @@ touch --no-create %{_datadir}/icons/crystalsvg 2> /dev/null || : %{_bindir}/kbuildsycoca %{_bindir}/kcmshell %{_bindir}/kconf_update -%{_bindir}/kconfig_compiler %{_bindir}/kcookiejar %{_bindir}/kde-config %{_bindir}/kde-menu @@ -424,59 +445,102 @@ touch --no-create %{_datadir}/icons/crystalsvg 2> /dev/null || : %{_bindir}/ksendbugmail %{_bindir}/kshell %{_bindir}/kstartupconfig -%{_bindir}/ksvgtopng %{_bindir}/ktelnetservice %{_bindir}/ktradertest -%{_bindir}/kunittestmodrunner %{_bindir}/kwrapper %{_bindir}/lnusertemp %{_bindir}/make_driver_db_cups %{_bindir}/make_driver_db_lpr -%{_bindir}/makekdewidgets %{_bindir}/meinproc %{_bindir}/preparetips -%attr(4755,root,root) %{_bindir}/kpac_dhcp_helper -%attr(4755,root,root) %{_bindir}/kgrantpty %{_bindir}/start_kdeinit +%attr(4755,root,root) %{_bindir}/kgrantpty %{_libdir}/lib*.so.* %{_libdir}/libkdeinit_*.so %{_libdir}/lib*.la %{_libdir}/kde3/ -%{_datadir}/applications/ -%{_datadir}/apps/ -%{_datadir}/locale/all_languages -%dir %{_datadir}/config +%{_datadir}/applications/kde/*.desktop +%{_datadir}/apps/* +%exclude %{_datadir}/apps/ksgmltools2/ +%exclude %{_datadir}/apps/kdewidgets/ +%exclude %{_libdir}/kde3/plugins/designer/kdewidgets.* %config(noreplace) %{_datadir}/config/* -%{_datadir}/emoticons %{_datadir}/icons/crystalsvg/ %{_datadir}/icons/default.kde -%{_datadir}/mimelnk/ -%{_datadir}/autostart/ -%{_datadir}/services/ +%{_datadir}/mimelnk/magic +%{_datadir}/mimelnk/*/*.desktop +%{_datadir}/services/* +%{_datadir}/servicetypes/* %ghost %{_datadir}/services/ksycoca -%{_datadir}/servicetypes/ -%dir %{_docdir}/HTML -%dir %{_docdir}/HTML/en +%if "%{name}" == "kdelibs" +%{_sysconfdir}/xdg/menus/*.menu +%attr(4755,root,root) %{_bindir}/kpac_dhcp_helper +%{_datadir}/autostart/* +%{_datadir}/emoticons/* +%{_datadir}/locale/all_languages %{_docdir}/HTML/en/common %{_docdir}/HTML/en/kspell +%endif %files devel -%defattr(-,root,root) +%defattr(-,root,root,-) +%{_bindir}/checkXML %{_bindir}/dcopidl* +%{_bindir}/kconfig_compiler +%{_bindir}/ksvgtopng +%{_bindir}/kunittestmodrunner +%{_bindir}/makekdewidgets +%{_datadir}/apps/kdewidgets/ +%dir %{_libdir}/kde3/plugins/designer +%{_libdir}/kde3/plugins/designer/kdewidgets.* +%{_datadir}/apps/ksgmltools2/ %{_includedir}/kde/ %{_libdir}/lib*.so %{_libdir}/lib*.a %exclude %{_libdir}/libkdeinit_*.so -%if %{apidocs} +%if "%{?apidocs}" == "1" %files apidocs -%defattr(-,root,root) +%defattr(-,root,root,-) %{_docdir}/%{name}-devel-%{kde_major_version} %{_docdir}/HTML/en/kdelibs* %endif %changelog +* Wed Aug 15 2007 Rex Dieter 6:3.5.7-20 +- CVE-2007-3820, CVE-2007-4224, CVE-2007-4225 +- clarify licensing + +* Tue Aug 14 2007 Rex Dieter 6:3.5.7-19 +- ConsoleKit-related patch (#244065) + +* Sun Aug 12 2007 Florian La Roche 6:3.5.7-18 +- fix apidocs subpackage requires + +* Mon Aug 06 2007 Than Ngo - 6:3.5.7-17 +- cleanup + +* Fri Aug 03 2007 Rex Dieter - 6:3.5.7-16 +- undo kdelibs3 rename (for now, anyway) +- move to -devel: checkXML, kconfig_compiler, (make)kdewidgets, ksgmltools2, + ksvgtopng, kunittestmodrunner +- set KDE_IS_PRELINKED unconditionally (#244065) +- License: LGPLv2+ + +* Fri Jul 20 2007 Rex Dieter - 6:3.5.7-15 +- Obsoletes/Provides: kdelibs-apidocs (kdelibs3) + +* Fri Jul 20 2007 Rex Dieter - 6:3.5.7-14 +- toggle kdelibs3 (f8+) + +* Wed Jul 18 2007 Rex Dieter - 6:3.5.7-13 +- build fails against cups-1.3 (#248717) +- incorporate kdelibs3 bits (not enabled... yet) + +* Wed Jul 18 2007 Rex Dieter - 6:3.5.7-10 +- +Requires: kde-filesystem + * Mon Jul 09 2007 Rex Dieter - 6:3.5.7-9 - omit ICEauthority patch (kde#147454, rh#243560, rh#247455) diff --git a/post-3.5.7-kdelibs-kdecore.diff b/post-3.5.7-kdelibs-kdecore.diff new file mode 100644 index 0000000..eb7e89e --- /dev/null +++ b/post-3.5.7-kdelibs-kdecore.diff @@ -0,0 +1,61 @@ +------------------------------------------------------------------------ +r700053 | mueller | 2007-08-14 18:37:30 +0200 (Tue, 14 Aug 2007) | 2 lines + +be more robust against addressbar spoofing (CVE-2007-4225) + +------------------------------------------------------------------------ +--- kdecore/tests/kurltest.cpp ++++ kdecore/tests/kurltest.cpp +@@ -288,6 +288,16 @@ int main(int argc, char *argv[]) + check("KURL::prettyURL()", url15582.prettyURL(), "http://alain.knaff.linux.lu/bug-reports/kde/percentage%in%url.html"); + check("KURL::url()", url15582.url(), "http://alain.knaff.linux.lu/bug-reports/kde/percentage%25in%25url.html"); + ++ KURL whitespaceInUser("http://www.google.com%20%20%20%20%20@foobar.com/"); ++ check("KURL::prettyURL()", whitespaceInUser.prettyURL(), "http://www.google.com%20%20%20%20%20@foobar.com/"); ++ ++ KURL whitespaceInPath("http://www.google.com/foo%20bar/"); ++ check("KURL::prettyURL()", whitespaceInPath.prettyURL(), "http://www.google.com/foo bar/"); ++ ++ KURL whitespaceInPath2("http://www.google.com/foo%20%20%20%20%20%20%20bar/"); ++ check("KURL::prettyURL()", whitespaceInPath2.prettyURL(), ++ "http://www.google.com/foo%20%20%20%20%20%20 bar/"); ++ + KURL carsten; + carsten.setPath("/home/gis/src/kde/kdelibs/kfile/.#kfiledetailview.cpp.1.18"); + check("KURL::path()", carsten.path(), "/home/gis/src/kde/kdelibs/kfile/.#kfiledetailview.cpp.1.18"); +@@ -594,6 +604,15 @@ int main(int argc, char *argv[]) + check("http: URL with empty path string path", waba1.path(), + ""); + ++ waba1 = "http://www.meinestadt.de&url_plain=http"; ++ check("http: URL with empty path string", waba1.host(), ++ "www.meinestadt.de&url_plain=http"); ++ check("http: URL with empty path string", waba1.htmlURL(), ++ "http://www.meinestadt.de&url_plain=http"); ++ ++ check("http: URL with empty path string", waba1.path(), ++ ""); ++ + waba1 = "http://a:389#b=c"; + check( "http: URL with port, ref, and empty path; url", waba1.url(), "http://a:389#b=c" ); + check( "http: URL with port, ref, and empty path; host", waba1.host(), "a" ); +--- kdecore/kurl.cpp ++++ kdecore/kurl.cpp +@@ -183,7 +183,7 @@ static QString lazy_encode( const QStrin + (character == '?') || // Start of query delimiter + ((character == '@') && encodeAt) || // Username delimiter + (character == '#') || // Start of reference delimiter +- ((character == 32) && (i+1 == old_length))) // A trailing space ++ ((character == 32) && (i+1 == old_length || segment[i+1] == ' '))) // A trailing space + { + new_segment[ new_length++ ] = '%'; + +@@ -1540,7 +1540,7 @@ QString KURL::prettyURL( int _trailing ) + u += "//"; + if ( hasUser() ) + { +- u += lazy_encode(m_strUser); ++ u += encode(m_strUser, 0, 0); + // Don't show password! + u += "@"; + }