Accepting request 839167 from home:luca_b:branches:KDE:Applications

- Add upstream patches to fix security issues in kdeconnect (CVE-2020-26164, boo#1176268): * 0001-Do-not-leak-the-local-user-in-the-device-name.patch * 0002-Fix-use-after-free-in-LanLinkProvider-connectError.patch * 0003-Limit-identity-packets-to-8KiB.patch * 0004-Do-not-let-lanlink-connections-stay-open-for-long-wi.patch * 0005-Don-t-brute-force-reading-the-socket.patch * 0006-Limit-number-of-connected-sockets-from-unpaired-devi.patch * 0007-Do-not-remember-more-than-a-few-identity-packets-at-.patch * 0008-Limit-the-ports-we-try-to-connect-to-to-the-port-ran.patch * 0009-Do-not-replace-connections-for-a-given-deviceId-if-t.patch OBS-URL: https://build.opensuse.org/request/show/839167 OBS-URL: https://build.opensuse.org/package/show/KDE:Applications/kdeconnect-kde?expand=0&rev=17
2020-10-02 15:15:53 +00:00
parent 62727dd906
commit 41d68c2fd4
11 changed files with 455 additions and 1 deletions
--- a/kdeconnect-kde.changes
+++ b/kdeconnect-kde.changes
@@ -1,3 +1,18 @@
+-------------------------------------------------------------------
+Fri Oct  2 13:43:04 UTC 2020 - Luca Beltrame <lbeltrame@kde.org>
+
+- Add upstream patches to fix security issues in kdeconnect
+  (CVE-2020-26164, boo#1176268):
+  * 0001-Do-not-leak-the-local-user-in-the-device-name.patch
+  * 0002-Fix-use-after-free-in-LanLinkProvider-connectError.patch
+  * 0003-Limit-identity-packets-to-8KiB.patch
+  * 0004-Do-not-let-lanlink-connections-stay-open-for-long-wi.patch
+  * 0005-Don-t-brute-force-reading-the-socket.patch
+  * 0006-Limit-number-of-connected-sockets-from-unpaired-devi.patch
+  * 0007-Do-not-remember-more-than-a-few-identity-packets-at-.patch
+  * 0008-Limit-the-ports-we-try-to-connect-to-to-the-port-ran.patch
+  * 0009-Do-not-replace-connections-for-a-given-deviceId-if-t.patch
+
 -------------------------------------------------------------------
 Tue Sep  1 20:49:36 UTC 2020 - Luca Beltrame <lbeltrame@kde.org>