summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJohannes Huber <johu@gentoo.org>2016-01-09 16:57:53 +0100
committerJohannes Huber <johu@gentoo.org>2016-01-09 16:58:10 +0100
commit482f523317639f94b7ef195d2d105699e5966d48 (patch)
treea77eb30e26e301f07addef5a3f5ae4fdc83c78e4 /net-irc/quassel
parentprofiles/package.mask: unmask fixed stuff (diff)
downloadgentoo-482f523317639f94b7ef195d2d105699e5966d48.tar.gz
gentoo-482f523317639f94b7ef195d2d105699e5966d48.tar.bz2
gentoo-482f523317639f94b7ef195d2d105699e5966d48.zip
net-irc/quassel: Revision bump for CVE-2015-8547
Add upstream patch to fix CVE-2015-8547. Gentoo-Bug: 568150 Package-Manager: portage-2.2.26
Diffstat (limited to 'net-irc/quassel')
-rw-r--r--net-irc/quassel/files/quassel-0.12.2-CVE-2015-8547.patch22
-rw-r--r--net-irc/quassel/quassel-0.12.2-r3.ebuild (renamed from net-irc/quassel/quassel-0.12.2-r2.ebuild)7
-rw-r--r--net-irc/quassel/quassel-0.12.2.ebuild2
3 files changed, 28 insertions, 3 deletions
diff --git a/net-irc/quassel/files/quassel-0.12.2-CVE-2015-8547.patch b/net-irc/quassel/files/quassel-0.12.2-CVE-2015-8547.patch
new file mode 100644
index 000000000000..cf838c7cb46b
--- /dev/null
+++ b/net-irc/quassel/files/quassel-0.12.2-CVE-2015-8547.patch
@@ -0,0 +1,22 @@
+From 476aaa050f26d6a31494631d172724409e4c569b Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Konstantin=20Bl=C3=A4si?= <kblaesi@gmail.com>
+Date: Wed, 21 Oct 2015 03:26:02 +0200
+Subject: [PATCH] Fixes a crash of the core when executing "/op *" in a query.
+
+---
+ src/core/coreuserinputhandler.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/core/coreuserinputhandler.cpp b/src/core/coreuserinputhandler.cpp
+index 7887a92..73aac48 100644
+--- a/src/core/coreuserinputhandler.cpp
++++ b/src/core/coreuserinputhandler.cpp
+@@ -228,7 +228,7 @@ void CoreUserInputHandler::doMode(const BufferInfo &bufferInfo, const QChar& add
+ if (!isNumber || maxModes == 0) maxModes = 1;
+
+ QStringList nickList;
+- if (nicks == "*") { // All users in channel
++ if (nicks == "*" && bufferInfo.type() == BufferInfo::ChannelBuffer) { // All users in channel
+ const QList<IrcUser*> users = network()->ircChannel(bufferInfo.bufferName())->ircUsers();
+ foreach(IrcUser *user, users) {
+ if ((addOrRemove == '+' && !network()->ircChannel(bufferInfo.bufferName())->userModes(user).contains(mode))
diff --git a/net-irc/quassel/quassel-0.12.2-r2.ebuild b/net-irc/quassel/quassel-0.12.2-r3.ebuild
index 11f6a4f94ec0..967f8d0b3d2d 100644
--- a/net-irc/quassel/quassel-0.12.2-r2.ebuild
+++ b/net-irc/quassel/quassel-0.12.2-r3.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2015 Gentoo Foundation
+# Copyright 1999-2016 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
@@ -97,7 +97,10 @@ DEPEND="${RDEPEND}
DOCS=( AUTHORS ChangeLog README )
-PATCHES=( "${FILESDIR}/${P}-qt55.patch" )
+PATCHES=(
+ "${FILESDIR}/${P}-qt55.patch"
+ "${FILESDIR}/${P}-CVE-2015-8547.patch"
+)
REQUIRED_USE="
|| ( X server monolithic )
diff --git a/net-irc/quassel/quassel-0.12.2.ebuild b/net-irc/quassel/quassel-0.12.2.ebuild
index 470d03853d6b..42d536b6f048 100644
--- a/net-irc/quassel/quassel-0.12.2.ebuild
+++ b/net-irc/quassel/quassel-0.12.2.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2015 Gentoo Foundation
+# Copyright 1999-2016 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$