Diffusion FreeBSD ports repository rP421128

MFH: r420994
rP421128
Actions

Description

MFH: r420994

Add upstream patch for a security issue in karchive:

Directory traversal vulnerability in KArchive before 5.24, as
used in KDE Frameworks, allows remote attackers to write to
arbitrary files via a ../ (dot dot slash) in a filename in an
archive file, related to KNewsstuff downloads.

Review the patch is from: https://git.reviewboard.kde.org/r/128749/
Original KF5 review: https://git.reviewboard.kde.org/r/128185/
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6232

Approved by: rakuco (mentor)
Security: 4472ab39-6c66-11e6-9ca5-50e549ebab6c, CVE-2016-6232

Approved by: ports-secteam (junovitch), rakuco (mentor)

Details

Provenance

tcberner

Authored on

Parents

rP421127: audio/teamspeak3-server: 3.0.12.4 -> 3.0.13.2

Branches

Unknown

Tags

Unknown

Event Timeline

tcberner committed rP421128: MFH: r420994.Aug 30 2016, 6:10 PM

Changes (3)

Path

Size

branches/

2016Q3/

x11/

kdelibs4/

Makefile

	branches/	2016Q3/	x11/	kdelibs4/	files/
		head/	x11/	kdelibs4/	files/

patch-git_dd1c2da

rP421128

View Options

branches/2016Q3/

View Options

branches/2016Q3/x11/kdelibs4/Makefile

View Options

branches/2016Q3/x11/kdelibs4/files/patch-git_dd1c2da

MFH: r420994rP421128Actions

Description

Details

Event Timeline

Changes (3)

rP421128

branches/2016Q3/

branches/2016Q3/x11/kdelibs4/Makefile

branches/2016Q3/x11/kdelibs4/files/patch-git_dd1c2da

MFH: r420994
rP421128
Actions