K 10
svn:author
V 8
tcberner
K 8
svn:date
V 27
2016-08-30T18:10:34.322978Z
K 7
svn:log
V 677
MFH: r420994

Add upstream patch for a security issue in karchive:
        Directory traversal vulnerability in KArchive before 5.24, as
        used in KDE Frameworks, allows remote attackers to write to
        arbitrary files via a ../ (dot dot slash) in a filename in an
        archive file, related to KNewsstuff downloads.

Review the patch is from: https://git.reviewboard.kde.org/r/128749/
Original KF5 review: https://git.reviewboard.kde.org/r/128185/
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6232

Approved by: rakuco (mentor)
Security: 4472ab39-6c66-11e6-9ca5-50e549ebab6c, CVE-2016-6232

Approved by:	ports-secteam (junovitch), rakuco (mentor)

END