notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
This referral link gives you 10% off a Fastmail.com account and gives me a discount on my Fastmail account.
New feature planned: get notified when the package is available. Now is the time to contribute ideas/suggestions.
non port: devel/kf5-kio/files

Number of commits found: 8

Wednesday, 17 Jun 2020
10:45 tcberner search for other commits by this committer
Update KDE Frameworks to 5.71.0

June 06, 2020. KDE today announces the release of KDE Frameworks 5.71.0.

KDE Frameworks are over 70 addon libraries to Qt which provide a wide variety
of commonly needed functionality in mature, peer reviewed and well tested
libraries with friendly licensing terms. For an introduction see the KDE
Frameworks web page.

This release is part of a series of planned monthly releases making
improvements available to developers in a quick and predictable manner.

Announcement:
        https://kde.org/announcements/kde-frameworks-5.71.0

Exp-run by:	antoine
PR:		247240
Original commitRevision:539415 
Sunday, 24 May 2020
20:22 tcberner search for other commits by this committer
devel/kf5-kio: add upstream bug fix: "Could not find the program 'konsole'"

From upstrams [1] bug report

Fix service file specifying 'Run in terminal' giving an error code 100

Happens because KIO::DesktopExecParser::resultingArguments() prepends
the terminal application to the command line.  If this is a relative path,
as it is most likely to be (and will be in the default 'konsole' case),
the "realExecutable" check in KProcessRunner::KProcessRunner() is triggered
and the job aborts with an error.

Expand the specified terminal executable into a full path in
resultingArguments(),
and return an error immediately if it cannot be found.  This full terminal path
is not relative for the KProcessRunner::KProcessRunner() check and does not
fail.

Check that resultingArguments() is not empty (an error return) before accessing
the first word of the command, so that it does not assert if the list is empty.
Also only call resultingArguments() once.

[1] https://bugs.kde.org/show_bug.cgi?id=421374

PR:		246659
Reported by:	Serge Volkov <sv@ulstu.ru>
Original commitRevision:536419 
Sunday, 17 Nov 2019
11:06 tcberner search for other commits by this committer
Update KDE Frameworks to 5.64.0

November 10, 2019. KDE today announces the release of KDE Frameworks 5.64.0. [1]

KDE Frameworks are over 70 addon libraries to Qt which provide a wide variety
of commonly needed functionality in mature, peer reviewed and well tested
libraries with friendly licensing terms. For an introduction see the KDE
Frameworks web page.

This release is part of a series of planned monthly releases making
improvements available to developers in a quick and predictable manner.

Noteably, there is one FreeBSD specific change:
* KCoreAddons
  - KProcessInfoList -- add proclist backend for FreeBSD

[1] https://kde.org/announcements/kde-frameworks-5.64.0.php

PR:		241852
Exp-run by:	antoine
Original commitRevision:517817 
Friday, 8 Nov 2019
08:13 tcberner search for other commits by this committer
devel/kf5-kio: add upstream patch for nextcloud calendar support.

Upstream PR:
	https://bugs.kde.org/show_bug.cgi?id=413316

PR:		241741
Reported by:	Greg Rivers <gcr@tharned.org>
Original commitRevision:517033 
Monday, 12 Nov 2018
18:31 tcberner search for other commits by this committer
Update KDE Frameworks to 5.52.0

PR:		233107
Exp-run by:	antoine
Original commitRevision:484814 
Saturday, 20 Oct 2018
18:07 tcberner search for other commits by this committer
devel/kf5-kio: add upstream patch to fix crash when accessing help

Obtained
from:	https://cgit.kde.org/kio.git/commit/?id=cf3b0d102855a4a90db3fb65a99e0009fcdd3755
Original commitRevision:482610 
Friday, 17 Mar 2017
06:27 tcberner search for other commits by this committer
Update KDE Frameworks to 5.32

* While here, set the MASTER_SITES for the portingAids separately.
* Stop to couple kirigamis' distfiles with kf5 until it's actually a part of it.

PR:		217709
Exp-Run by:	antoine
Reviewed by:	rakuco
Approved by:	rakuco (mentor)
Differential Revision:	https://reviews.freebsd.org/D9959
Original commitRevision:436317 
Saturday, 11 Mar 2017
10:28 tcberner search for other commits by this committer
Adress CVE-2017-6410 in devel/kf5-kio and x11/kdelibs4

Using a malicious PAC file, and then using exfiltration methods in the PAC
function FindProxyForURL() enables the attacker to expose full https URLs.

This is a security issue since https URLs may contain sensitive
information in the URL authentication part (user:password@host), and in the
path and the query (e.g. access tokens).

This attack can be carried out remotely (over the LAN) since proxy settings
allow ``Detect Proxy Configuration Automatically''
This setting uses WPAD to retrieve the PAC file, and an attacker who has access
to the victim's LAN can interfere with the WPAD protocols (DHCP/DNS+HTTP)
and inject his/her own malicious PAC instead of the legitimate one.

Reviewed by:	mat, rakuco
Approved by:	rakuco (mentor), mat (mentor)
Obtained from:	https://marc.info/?l=kde-announce&m=148831226706885&w=2
MFH:		2017Q1
Security:	CVE-2017-6410
Differential Revision:	https://reviews.freebsd.org/D9908
Original commitRevision:435896 

Number of commits found: 8