Index: branches/2017Q1/devel/kf5-kio/Makefile =================================================================== --- branches/2017Q1/devel/kf5-kio/Makefile (revision 436914) +++ branches/2017Q1/devel/kf5-kio/Makefile (revision 436915) @@ -1,22 +1,23 @@ # Created by: tcberner # $FreeBSD$ PORTNAME= kio PORTVERSION= ${KDE_FRAMEWORKS_VERSION} +PORTREVISION= 1 CATEGORIES= devel kde kde-frameworks MAINTAINER= kde@FreeBSD.org COMMENT= KF5 resource and network access abstraction USES= cmake:outsource compiler:c++11-lib desktop-file-utils \ gettext kde:5 ssl tar:xz USE_GNOME= libxml2 libxslt USE_KDE= archive auth bookmarks codecs completion config \ configwidgets coreaddons dbusaddons doctools ecm \ i18n iconthemes itemviews jobwidgets \ notifications service solid sonnet textwidgets wallet \ widgetsaddons windowsystem xmlgui USE_QT5= buildtools_build concurrent core dbus gui network \ qmake_build script widgets x11extras xml .include Index: branches/2017Q1/devel/kf5-kio/files/patch-git_f9d0cb4_cve-2017-6410 =================================================================== --- branches/2017Q1/devel/kf5-kio/files/patch-git_f9d0cb4_cve-2017-6410 (nonexistent) +++ branches/2017Q1/devel/kf5-kio/files/patch-git_f9d0cb4_cve-2017-6410 (revision 436915) 
@@ -0,0 +1,43 @@
+From f9d0cb47cf94e209f6171ac0e8d774e68156a6e4 Mon Sep 17 00:00:00 2001
+From: Albert Astals Cid
+Date: Tue, 28 Feb 2017 19:00:48 +0100
+Subject: [PATCH] Sanitize URLs before passing them to FindProxyForURL
+
+Remove user/password information
+For https: remove path and query
+
+Thanks to safebreach.com for reporting the problem
+
+CCMAIL: yoni.fridburg@safebreach.com
+CCMAIL: amit.klein@safebreach.com
+CCMAIL: itzik.kotler@safebreach.com
+---
+ src/kpac/script.cpp | 11 +++++++++--
+ 1 file changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/src/kpac/script.cpp b/src/kpac/script.cpp
+index a0235f73..2485c54d 100644
+--- src/kpac/script.cpp
++++ src/kpac/script.cpp
+@@ -754,9 +754,16 @@ QString Script::evaluate(const QUrl &url)
+ }
+ }
+
++ QUrl cleanUrl = url;
++ cleanUrl.setUserInfo(QString());
++ if (cleanUrl.scheme() == QLatin1String("https")) {
++ cleanUrl.setPath(QString());
++ cleanUrl.setQuery(QString());
++ }
++
+ QScriptValueList args;
+- args << url.url();
+- args << url.host();
++ args << cleanUrl.url();
++ args << cleanUrl.host();
+
+ QScriptValue result = func.call(QScriptValue(), args);
+ if (result.isError()) {
+--
+2.11.1
+
Property changes on: branches/2017Q1/devel/kf5-kio/files/patch-git_f9d0cb4_cve-2017-6410
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: branches/2017Q1/x11/kdelibs4/Makefile
===================================================================
--- branches/2017Q1/x11/kdelibs4/Makefile (revision 436914)
+++ branches/2017Q1/x11/kdelibs4/Makefile (revision 436915)
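Review bot: The sanitised copy still carries the URL fragment, because the added block clears only user info, path and query before `cleanUrl.url()` is handed to the PAC function; adding `cleanUrl.setFragment(QString());` next to the `setUserInfo` call would keep fragment-borne tokens out of the script as well. The path/query strip is also keyed on the literal scheme `https`, so any other TLS-carried scheme that reaches this function (for example `webdavs`, if KIO routes it through proxy lookup) would still expose its full path and query; the callers are outside the hunk, so this needs confirming. Both points apply equally to the kdelibs4 backport of this change in files/patch-git_1804c2f_cve-2017-6410. A one-line comment above the block, e.g. `// PAC scripts are untrusted: pass only what proxy selection needs`, would record why the URL is trimmed. Script::evaluate starts and ends outside the hunk.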
@@ -1,124 +1,124 @@ # Created by: arved@FreeBSD.org # $FreeBSD$ PORTNAME= kdelibs PORTVERSION= ${KDE4_KDELIBS_VERSION} -PORTREVISION= 9 +PORTREVISION= 10 CATEGORIES= x11 kde MASTER_SITES= KDE/${KDE4_APPLICATIONS_BRANCH}/applications/${KDE4_APPLICATIONS_VERSION}/src DIST_SUBDIR= KDE/${PORTVERSION} MAINTAINER= kde@FreeBSD.org COMMENT= Base set of libraries needed by KDE programs LIB_DEPENDS= libIlmImf.so:graphics/OpenEXR \ libjasper.so:graphics/jasper \ libpcre.so:devel/pcre \ libenchant.so:textproc/enchant \ libgif.so:graphics/giflib \ libpng.so:graphics/png \ libhal.so:sysutils/hal \ libqca.so:devel/qca \ libpolkit-qt-core-1.so:sysutils/polkit-qt \ libdbusmenu-qt.so:devel/libdbusmenu-qt BUILD_DEPENDS= docbook-xml>0:textproc/docbook-xml \ ${LOCALBASE}/share/xsl/docbook/html/docbook.xsl:textproc/docbook-xsl RUN_DEPENDS= ${LOCALBASE}/share/icons/hicolor/index.theme:misc/hicolor-icon-theme \ xauth:x11/xauth \ docbook-xml>0:textproc/docbook-xml \ ${LOCALBASE}/share/xsl/docbook/html/docbook.xsl:textproc/docbook-xsl USES= cmake:outsource fam gettext grantlee:4 jpeg kde:4 perl5 \ shared-mime-info shebangfix tar:xz USE_GNOME= libxml2 libxslt USE_KDE= oxygen-icons4 \ attica automoc4 ontologies soprano strigi USE_OPENSSL= yes USE_QT4= corelib dbus declarative designer_build gui \ network opengl phonon qt3support \ qtestlib script sql svg webkit xml \ moc_build qmake_build rcc_build uic_build \ imageformats_run qdbusviewer_run USE_XORG= sm x11 xcursor xext xfixes xft xpm xrender xtst USE_LDCONFIG= yes MAKE_ENV= XDG_CONFIG_HOME=/dev/null CMAKE_ARGS+= -DWITH_ACL:BOOL=Off \ -DWITH_FAM:BOOL=On \ -DWITH_ASPELL:BOOL=Off \ -DWITH_HSPELL:BOOL=Off \ -DWITH_UDev:BOOL=Off \ -DKDE_DISTRIBUTION_TEXT:STRING="${OPSYS}" \ -DKDE_DEFAULT_HOME:STRING=".kde4" # Do not conflict with KDE Frameworks 5 headers: instead of installing kdelibs4 # headers directly into ${LOCALBASE}/include, put them into include/kde4 (this # also applies to all ports depending on kdelibs4 that derive their header # 
installation location from it). # If we install the headers directly into ${LOCALBASE}/include, with KDE # Frameworks 5 installed it is possible to end up in a situation where the # compiler is passed this: # -I${LOCALBASE}/include -I${LOCALBASE}/KF5 # which in turn leads to kdelibs4 headers with the same name being used instead # of the KF5 ones, possibly breaking the build. CMAKE_ARGS+= -DINCLUDE_INSTALL_DIR:PATH="${KDE_PREFIX}/include/kde4" SHEBANG_FILES= kdecore/kconfig_compiler/checkkcfg.pl \ kdeui/preparetips \ khtml/bindings/scripts/generate-bindings.pl \ kio/misc/fileshareset \ kio/useragent.pl \ kio/proxytype.pl \ kioslave/http/kcookiejar/kcookiescfg.pl OPTIONS_DEFINE= AVAHI UPNP OPTIONS_DEFAULT=AVAHI AVAHI_LIB_DEPENDS= libavahi-core.so:net/avahi-app UPNP_DESC= UPnP backend for Solid (WARNING: Unstable) UPNP_LIB_DEPENDS= libHUpnp.so:net/hupnp UPNP_CMAKE_ON= -DHUPNP_ENABLED:BOOL=On post-patch: ${REINPLACE_CMD} -e 's,/usr/local,${LOCALBASE},g' \ ${PATCH_WRKSRC}/kde3support/kdeui/k3sconfig.cpp \ ${PATCH_WRKSRC}/kdecore/network/k3socks.cpp \ ${PATCH_WRKSRC}/kdecore/kernel/kstandarddirs.cpp \ ${PATCH_WRKSRC}/kdeui/dialogs/kcupsoptionswidget_p.cpp \ ${PATCH_WRKSRC}/kdeui/kernel/start-session-bus.sh \ ${PATCH_WRKSRC}/kio/kssl/kopenssl.cpp \ ${PATCH_WRKSRC}/kio/kio/ksambashare.cpp \ ${PATCH_WRKSRC}/kjsembed/qtonly/FindQJSInternal.cmake # Fix rgb named colors database path. 
${REINPLACE_CMD} -e 's|/usr/X11R6|${LOCALBASE}|g' \ ${PATCH_WRKSRC}/kdeui/colors/kcolordialog.cpp pre-configure: ${REINPLACE_CMD} -e 's|/usr/local|${LOCALBASE}|g' \ -e 's|/usr/X11R6|${LOCALBASE}|g' \ ${PATCH_WRKSRC}/cmake/modules/*.cmake \ ${PATCH_WRKSRC}/ConfigureChecks.cmake \ ${PATCH_WRKSRC}/doc/api/doxygen.sh ${REINPLACE_CMD} -e 's|/usr/include|${LOCALBASE}/include|g' \ ${PATCH_WRKSRC}/cmake/modules/FindDNSSD.cmake ${REINPLACE_CMD} -e 's|soprano/cmake|cmake/Modules|g' \ ${PATCH_WRKSRC}/cmake/modules/FindSoprano.cmake # FindBerkeleyDB.cmake should be rewritten to support multiple version # provided by ports, instead of hardcoding one of them # ${REINPLACE_CMD} -e 's|/usr/local/include/db4|${BDB_INCLUDE_DIR}|' \ # -e 's|NAMES db|NAMES ${BDB_LIB_NAME} ${LOCALBASE}/lib|' \ # ${PATCH_WRKSRC}/cmake/modules/FindBerkeleyDB.cmake # When XSync (xext) is found, xscreensaver is just used as a fallback, # then we can disable it. ${REINPLACE_CMD} -e '/macro_bool_to_01/ s|^.*X11_Xscreensaver.*$$|set(HAVE_XSCREENSAVER 0)|' \ ${PATCH_WRKSRC}/CMakeLists.txt post-install: # workaround for non-standard mime files and directories ${MKDIR} ${STAGEDIR}/${PREFIX}/share/mime/all \ ${STAGEDIR}/${PREFIX}/share/mime/uri .include Index: branches/2017Q1/x11/kdelibs4/files/patch-git_2ab2745 =================================================================== --- branches/2017Q1/x11/kdelibs4/files/patch-git_2ab2745 (revision 436914) +++ branches/2017Q1/x11/kdelibs4/files/patch-git_2ab2745 (nonexistent) 
@@ -1,19 +0,0 @@
-commit 2ab2745eb01f73355c490ac8d5d1837dec84fd6c
-Author: Wolfgang Bauer
-Date: Thu Oct 20 15:51:29 2016 +0200
-
- Support newer hunspell versions in FindHUNSPELL.cmake
-
- REVIEW: 128600
-
---- cmake/modules/FindHUNSPELL.cmake
-+++ cmake/modules/FindHUNSPELL.cmake
-@@ -14,7 +14,7 @@ ENDIF (HUNSPELL_INCLUDE_DIR AND HUNSPELL_LIBRARIES)
-
- FIND_PATH(HUNSPELL_INCLUDE_DIR hunspell/hunspell.hxx )
-
--FIND_LIBRARY(HUNSPELL_LIBRARIES NAMES hunspell-1.3 hunspell-1.2)
-+FIND_LIBRARY(HUNSPELL_LIBRARIES NAMES hunspell-2.0 hunspell-1.5 hunspell-1.4 hunspell-1.3 hunspell-1.2)
-
- # handle the QUIETLY and REQUIRED arguments and set HUNSPELL_FOUND to TRUE if
- # all listed variables are TRUE
Property changes on: branches/2017Q1/x11/kdelibs4/files/patch-git_2ab2745
___________________________________________________________________
Deleted: fbsd:nokeywords
## -1 +0,0 ##
-yes
\ No newline at end of property
Deleted: svn:eol-style
## -1 +0,0 ##
-native
\ No newline at end of property
Deleted: svn:mime-type
## -1 +0,0 ##
-text/plain
\ No newline at end of property
Index: branches/2017Q1/x11/kdelibs4/files/patch-z-cmake_modules_FindHUNSPELL.cmake
===================================================================
--- branches/2017Q1/x11/kdelibs4/files/patch-z-cmake_modules_FindHUNSPELL.cmake (revision 436914)
+++ branches/2017Q1/x11/kdelibs4/files/patch-z-cmake_modules_FindHUNSPELL.cmake (nonexistent)
@@ -1,12 +0,0 @@
---- cmake/modules/FindHUNSPELL.cmake.orig 2015-06-26 03:14:18 UTC
-+++ cmake/modules/FindHUNSPELL.cmake
-@@ -14,7 +14,8 @@ ENDIF (HUNSPELL_INCLUDE_DIR AND HUNSPELL
-
- FIND_PATH(HUNSPELL_INCLUDE_DIR hunspell/hunspell.hxx )
-
--FIND_LIBRARY(HUNSPELL_LIBRARIES NAMES hunspell-2.0 hunspell-1.5 hunspell-1.4 hunspell-1.3 hunspell-1.2)
-+FIND_LIBRARY(HUNSPELL_LIBRARIES NAMES hunspell-2.0 hunspell-1.6
-+ hunspell-1.5 hunspell-1.4 hunspell-1.3 hunspell-1.2 hunspell)
-
- # handle the QUIETLY and REQUIRED arguments and set HUNSPELL_FOUND to TRUE if
- # all listed variables are TRUE
Property changes on: branches/2017Q1/x11/kdelibs4/files/patch-z-cmake_modules_FindHUNSPELL.cmake
___________________________________________________________________
Deleted: fbsd:nokeywords
## -1 +0,0 ##
-yes
\ No newline at end of property
Deleted: svn:eol-style
## -1 +0,0 ##
-native
\ No newline at end of property
Deleted: svn:mime-type
## -1 +0,0 ##
-text/plain
\ No newline at end of property
Index: branches/2017Q1/x11/kdelibs4/files/patch-cmake_modules_FindHUNSPELL.cmake
===================================================================
--- branches/2017Q1/x11/kdelibs4/files/patch-cmake_modules_FindHUNSPELL.cmake (nonexistent)
+++ branches/2017Q1/x11/kdelibs4/files/patch-cmake_modules_FindHUNSPELL.cmake (revision 436915)
@@ -0,0 +1,27 @@
+Includes the following two upstream commits:
+
+commit c828f8592fcfd6c2a66ebc18a826de38d6a2fef2
+Author: Pino Toscano
+Date: Sat Dec 31 12:08:59 2016 +0100
+
+ cmake: look for hunspell-1.6 as well
+
+commit 2ab2745eb01f73355c490ac8d5d1837dec84fd6c
+Author: Wolfgang Bauer
+Date: Thu Oct 20 15:51:29 2016 +0200
+
+ Support newer hunspell versions in FindHUNSPELL.cmake
+
+ REVIEW: 128600
+
+--- cmake/modules/FindHUNSPELL.cmake
++++ cmake/modules/FindHUNSPELL.cmake
+@@ -14,7 +14,7 @@ ENDIF (HUNSPELL_INCLUDE_DIR AND HUNSPELL_LIBRARIES)
+
+ FIND_PATH(HUNSPELL_INCLUDE_DIR hunspell/hunspell.hxx )
+
+-FIND_LIBRARY(HUNSPELL_LIBRARIES NAMES hunspell-1.3 hunspell-1.2)
++FIND_LIBRARY(HUNSPELL_LIBRARIES NAMES hunspell-2.0 hunspell-1.6 hunspell-1.5 hunspell-1.4 hunspell-1.3 hunspell-1.2)
+
+ # handle the QUIETLY and REQUIRED arguments and set HUNSPELL_FOUND to TRUE if
+ # all listed variables are TRUE
Property changes on: branches/2017Q1/x11/kdelibs4/files/patch-cmake_modules_FindHUNSPELL.cmake
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: branches/2017Q1/x11/kdelibs4/files/patch-git_1804c2f_cve-2017-6410
===================================================================
--- branches/2017Q1/x11/kdelibs4/files/patch-git_1804c2f_cve-2017-6410 (nonexistent)
+++ branches/2017Q1/x11/kdelibs4/files/patch-git_1804c2f_cve-2017-6410 (revision 436915)
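Review bot: The merged FIND_LIBRARY name list no longer ends with the unversioned `hunspell` fallback that the removed patch-z-cmake_modules_FindHUNSPELL.cmake appended after `hunspell-1.2`. If any supported hunspell install exposes only the bare library name, detection would now fail without any visible error. If the drop is deliberate, one line in the patch header saying so would help; otherwise the list could end `hunspell-1.3 hunspell-1.2 hunspell)`.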
@@ -0,0 +1,39 @@
+From 1804c2fde7bf4e432c6cf5bb8cce5701c7010559 Mon Sep 17 00:00:00 2001
+From: Albert Astals Cid
+Date: Tue, 28 Feb 2017 19:08:50 +0100
+Subject: [PATCH] Sanitize URLs before passing them to FindProxyForURL
+
+Remove user/password information
+For https: remove path and query
+
+Backport from kio f9d0cb47cf94e209f6171ac0e8d774e68156a6e4
+---
+ kio/misc/kpac/script.cpp | 11 +++++++++--
+ 1 file changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/kio/misc/kpac/script.cpp b/kio/misc/kpac/script.cpp
+index a595301307..9ab360a0b5 100644
+--- kio/misc/kpac/script.cpp
++++ kio/misc/kpac/script.cpp
+@@ -754,9 +754,16 @@ namespace KPAC
+ }
+ }
+
++ KUrl cleanUrl = url;
++ cleanUrl.setUserInfo(QString());
++ if (cleanUrl.scheme().toLower() == QLatin1String("https")) {
++ cleanUrl.setPath(QString());
++ cleanUrl.setQuery(QString());
++ }
++
+ QScriptValueList args;
+- args << url.url();
+- args << url.host();
++ args << cleanUrl.url();
++ args << cleanUrl.host();
+
+ QScriptValue result = func.call(QScriptValue(), args);
+ if (result.isError()) {
+--
+2.11.1
+
Property changes on: branches/2017Q1/x11/kdelibs4/files/patch-git_1804c2f_cve-2017-6410
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: branches/2017Q1
===================================================================
--- branches/2017Q1 (revision 436914)
+++ branches/2017Q1 (revision 436915)
Property changes on: branches/2017Q1
___________________________________________________________________
Modified: svn:mergeinfo
## -0,0 +0,1 ##
Merged /head:r431563,435896