summaryrefslogtreecommitdiff
path: root/kde-apps/kio-extras/files/kio-extras-19.12.3-CVE-2020-12755.patch
diff options
context:
space:
mode:
Diffstat (limited to 'kde-apps/kio-extras/files/kio-extras-19.12.3-CVE-2020-12755.patch')
-rw-r--r--kde-apps/kio-extras/files/kio-extras-19.12.3-CVE-2020-12755.patch26
1 files changed, 26 insertions, 0 deletions
diff --git a/kde-apps/kio-extras/files/kio-extras-19.12.3-CVE-2020-12755.patch b/kde-apps/kio-extras/files/kio-extras-19.12.3-CVE-2020-12755.patch
new file mode 100644
index 000000000000..188eb28f1043
--- /dev/null
+++ b/kde-apps/kio-extras/files/kio-extras-19.12.3-CVE-2020-12755.patch
@@ -0,0 +1,26 @@
+From d813cef3cecdec9af1532a40d677a203ff979145 Mon Sep 17 00:00:00 2001
+From: David Faure <faure@kde.org>
+Date: Sat, 9 May 2020 11:20:48 +0200
+Subject: Only store password in KWallet if the user asked for it
+
+---
+ fish/fish.cpp | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/fish/fish.cpp b/fish/fish.cpp
+index a18ef34..ccd71d3 100644
+--- a/fish/fish.cpp
++++ b/fish/fish.cpp
+@@ -595,7 +595,9 @@ int fishProtocol::establishConnection(const QByteArray &buffer) {
+ infoMessage(i18n("Initiating protocol..."));
+ if (!connectionAuth.password.isEmpty()) {
+ connectionAuth.password = connectionAuth.password.left(connectionAuth.password.length()-1);
+- cacheAuthentication(connectionAuth);
++ if (connectionAuth.keepPassword) {
++ cacheAuthentication(connectionAuth);
++ }
+ }
+ isLoggedIn = true;
+ return 0;
+--
+cgit v1.1
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-02 05:47:35 +0000