summaryrefslogtreecommitdiffstats
path: root/kde/patch/kdelibs/kdelibs.kssl.CVE-2011-3365.patch
blob: b44b865e2d481e4c5a6b4ddc17487cdecaba28f7 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
commit bd70d4e589711fda9ab07738c46e37eee8376214
Author: David Faure <faure@kde.org>
Date:   Thu Jun 30 23:43:45 2011 +0200

    Security fix: don't interpret html tags
    
    Credits to Tim Brown for the find.

diff --git a/kio/kssl/ksslcertificatebox.cpp b/kio/kssl/ksslcertificatebox.cpp
index 4ffc613..094787a 100644
--- a/kio/kssl/ksslcertificatebox.cpp
+++ b/kio/kssl/ksslcertificatebox.cpp
@@ -36,6 +36,10 @@ KSslCertificateBox::KSslCertificateBox(QWidget *parent)
    d(new KSslCertificateBoxPrivate())
 {
     d->ui.setupUi(this);
+    // No fooling us with html tags
+    Q_FOREACH(QLabel* label, qFindChildren<QLabel *>(this)) {
+        label->setTextFormat(Qt::PlainText);
+    }
 }