From 79562368132908a133c4ee33f0a60af7d4d2fd48 Mon Sep 17 00:00:00 2001
From: Daniel Jahre <rock@lospalmos.net>
Date: Mon, 24 May 2004 09:34:08 +0000
Subject: [PATCH] Daniel Jahre: 	this adds a rediffed security patch to the
 kdelibs package 	see
 http://lists.kde.org/?l=kde-announce&m=108479191819832&w=2 for reference

[2004051817564715861] (https://www.rocklinux.net/submaster)



git-svn-id: http://www.rocklinux.org/svn/rock-linux/trunk@3091 c5f82cb5-29bc-0310-9cd0-bff59a50e3bc
---
 .../kde/kdelibs/kde.org-security-fix.patch    | 37 +++++++++++++++++++
 1 file changed, 37 insertions(+)
 create mode 100644 package/kde/kdelibs/kde.org-security-fix.patch

diff --git a/package/kde/kdelibs/kde.org-security-fix.patch b/package/kde/kdelibs/kde.org-security-fix.patch
new file mode 100644
index 000000000..70c697918
--- /dev/null
+++ b/package/kde/kdelibs/kde.org-security-fix.patch
@@ -0,0 +1,37 @@
+diff -rduN kdelibs-old/kdecore/kapplication.cpp kdelibs-new/kdecore/kapplication.cpp
+--- kdelibs-old/kdecore/kapplication.cpp	2004-04-04 11:08:10.000000000 +0200
++++ kdelibs-new/kdecore/kapplication.cpp	2004-05-18 16:54:14.000000000 +0200
+@@ -2165,7 +2165,7 @@
+ 
+    if (command.isEmpty() || command == QString::fromLatin1("kmail")
+        || command.endsWith("/kmail"))
+-     command = QString::fromLatin1("kmail --composer -s %s -c %c -b %b --body %B --attach %A %t");
++     command = QString::fromLatin1("kmail --composer -s %s -c %c -b %b --body %B --attach %A -- %t");
+ 
+    // TODO: Take care of the preferred terminal app (instead of hardcoding
+    // Konsole), this will probably require a rewrite of the configurable
+diff -rduN kdelibs-old/kio/misc/ktelnetservice.cpp kdelibs-new/kio/misc/ktelnetservice.cpp
+--- kdelibs-old/kio/misc/ktelnetservice.cpp	2004-02-28 10:50:23.000000000 +0100
++++ kdelibs-new/kio/misc/ktelnetservice.cpp	2004-05-18 17:06:26.000000000 +0200
+@@ -77,10 +77,19 @@
+ 		cmd << url.user();
+ 	}
+ 
++        QString host;
+         if (!url.host().isEmpty())
+-           cmd << url.host(); // telnet://host
++           host = url.host(); // telnet://host
+         else if (!url.path().isEmpty())
+-           cmd << url.path(); // telnet:host
++           host = url.path(); // telnet:host
++
++        if (host.isEmpty() || host.startsWith("-"))
++        {
++            kdError() << "Invalid hostname " << host << endl;
++            return 2;
++        }
++
++        cmd << host;
+         
+ 	if (url.port()){
+             if ( url.protocol() == "ssh" )