diff options
| author |   Eric Hameleers <alien@slackware.com> | 2015-01-09 00:06:49 +0100 |
|---|---|---|
| committer | Eric Hameleers <alien@slackware.com> | 2015-01-09 00:06:49 +0100 |
| commit | da1be5a21ba06235b67a999f696ec66e35dc17a1 (patch) | |
| tree | 6df637d821a6ac0ad65f8caaf967ea2a6956a862 /kde/patch/kdeplasma-addons | |
| parent | b1b35d20ce6b70330b23a9d056dcb44b58795bd6 (diff) | |
| download | ktown-da1be5a21ba06235b67a999f696ec66e35dc17a1.tar.gz ktown-da1be5a21ba06235b67a999f696ec66e35dc17a1.tar.xz | |
Prepare for new KDE 5: Frameworks 5.6.0, Plasma 5.1.2, Applications 14.12.0.
KDE 5_1501
==========
This is going to be KDE 5 for Slackware-current, composed of Frameworks 5.6.0,
Plasma 5.1.2 and Applications 14.12.0.
Note that there is still a lot of KDE 4 stuff in here, which is necessary to
support all the Applications that have not yet been ported to KDE Frameworks 5.
The Applications 15.04 (march 2015) release should offer a lot more KF5 ports.
Preliminary build procedure (not verified 100% yet):
----------------------------------------------------
- (crude) get rid of Slackware's KDE: removepkg /var/log/packages/*-4.10.5-*
- build all the deps using "updates.SlackBuild" script in the "deps/" directory
- note that extra-cmake-modules is required here as well as when building the
frameworks, so I just copied it from frameworks to deps.
- logoff/login to activate Qt5 profile script.
- removepkg akonadi-qt5 or else kdepimlibs-4.14.3 picks up Qt5 dependencies and
its compilation will fail as a result
- build all the KDE 4 stuff in the "kde/" directory, using "./KDE.SlackBuild kde
libs kdebase:nepomuk-core kdepimlibs kdebase kdebindings kdebase:kde-workspace k
depim extragear"
- installpkg akonadi-qt5
- build the remaining KDE 5 stuff in the "kde/" directory, using "./KDE.SlackBui
ld frameworks plasma plasma-extra polkit-kde applications"
- build kdei
==============================================================================
Eric Hameleers / alien at slackware dot com / 09-jan-2015
Diffstat (limited to 'kde/patch/kdeplasma-addons')
| -rw-r--r-- | kde/patch/kdeplasma-addons/random_generator_cve-2013-2120.patch | 76 | ||||
| -rw-r--r-- | kde/patch/kdeplasma-addons/random_generator_cve-2013-2120.patch.gz | bin | 945 -> 0 bytes |
2 files changed, 76 insertions, 0 deletions
diff --git a/kde/patch/kdeplasma-addons/random_generator_cve-2013-2120.patch b/kde/patch/kdeplasma-addons/random_generator_cve-2013-2120.patch new file mode 100644 index 0000000..7a394a5 --- /dev/null +++ b/kde/patch/kdeplasma-addons/random_generator_cve-2013-2120.patch @@ -0,0 +1,76 @@ +From: Aaron Seigo <aseigo@kde.org> +Date: Mon, 03 Jun 2013 17:16:32 +0000 +Subject: use KRandom, avoid modulo bias +X-Git-Url: http://quickgit.kde.org/?p=kdeplasma-addons.git&a=commitdiff&h=36a1fe49cb70f717c4a6e9eeee2c9186503a8dce +--- +use KRandom, avoid modulo bias +--- + + +--- a/applets/paste/pastemacroexpander.cpp ++++ b/applets/paste/pastemacroexpander.cpp +@@ -27,6 +27,7 @@ + #include <KDebug> + #include <KLocale> + #include <KMessageBox> ++#include <KRandom> + + class PasteMacroExpanderSingleton + { +@@ -142,35 +143,49 @@ + << "01234567890" + << "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~"; + +- int charCount; ++ int charCount = 8; + QString chars; + QString result; + + if (a.count() > 0) { +- charCount = qMax(a[0].trimmed().toInt(), 1); +- } else { +- charCount = 8; ++ charCount = qMax(a[0].trimmed().toInt(), 8); + } ++ + if (a.count() < 2) { + chars = characterSets.join(""); + } ++ + if (a.count() > 1) { + chars += (a[1].trimmed() == "true") ? characterSets[0] : ""; + } ++ + if (a.count() > 2) { + chars += (a[2].trimmed() == "true") ? characterSets[1] : ""; + } ++ + if (a.count() > 3) { + chars += (a[3].trimmed() == "true") ? characterSets[2] : ""; + } ++ + if (a.count() > 4) { + chars += (a[4].trimmed() == "true") ? characterSets[3] : ""; + } + +- QDateTime now = QDateTime::currentDateTime(); +- qsrand(now.toTime_t() / now.time().msec()); ++ const int setSize = chars.count(); ++ const int top = (RAND_MAX / setSize) * setSize; ++ kDebug() << "topping out at " << setSize << RAND_MAX << top; + for (int i = 0; i < charCount; ++i) { +- result += chars[qrand() % chars.count()]; ++ // to prevent modulo bias, discard random numbers at the ++ // 'top end' of INT_MAX ++ int rand = -1; ++ do { ++ if (rand > 0) { ++ kDebug() << "Ha!" << rand; ++ } ++ rand = KRandom::random(); ++ } while (rand >= top); ++ ++ result += chars[rand % setSize]; + } + //kDebug() << result; + return result; diff --git a/kde/patch/kdeplasma-addons/random_generator_cve-2013-2120.patch.gz b/kde/patch/kdeplasma-addons/random_generator_cve-2013-2120.patch.gz Binary files differdeleted file mode 100644 index a6f723a..0000000 --- a/kde/patch/kdeplasma-addons/random_generator_cve-2013-2120.patch.gz +++ /dev/null |