Martin Wilke 5cc7f243b6 Secuirty Update: ... Ark input sanitization errors: The KDE archiving tool, Ark, performs insufficient validation which leads to specially crafted archive files, using unknown MIME types, to be rendered using a KHTML instance, this can trigger uncontrolled XMLHTTPRequests to remote sites. IO Slaves input sanitization errors: KDE protocol handlers perform insufficient input validation, an attacker can craft malicious URI that would trigger JavaScript execution. Additionally the 'help://' protocol handler suffer from directory traversal. It should be noted that the scope of this issue is limited as the malicious URIs cannot be embedded in Internet hosted content. KMail input sanitization errors: The KDE mail client, KMail, performs insufficient validation which leads to specially crafted email attachments, using unknown MIME types, to be rendered using a KHTML instance, this can trigger uncontrolled XMLHTTPRequests to remote sites. Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> (based on) Approved by: secteam (myself), portmgr Security: http://www.vuxml.org/freebsd/6f358f5a-c7ea-11de-a9f3-0030843d3802.html		2009-11-03 09:45:47 +00:00
..
files	Secuirty Update:	2009-11-03 09:45:47 +00:00
distinfo	The FreeBSD KDE is please to announce the release of KDE 4.3.1,	2009-09-01 22:19:47 +00:00
Makefile	Secuirty Update:	2009-11-03 09:45:47 +00:00
pkg-descr	The KDE FreeBSD team is proud to announce the release of KDE 4.1.0	2008-08-09 16:52:28 +00:00
pkg-plist	The KDE FreeBSD team is proud to announce the release of KDE 4.3.0	2009-08-04 21:14:07 +00:00