(In reply to comment #9) > While working on a fix for the Fedora kdelibs3 compatibility package, I > noticed that your fix for 4.10 is NOT complete: There are at least 2 > instances where url() (rather than prettyUrl()) is still used in error > messages!
Wow, thanks a lot for that. > https://projects.kde.org/projects/kde/kdelibs/repository/entry/kioslave/http/ > http.cpp?rev=KDE%2F4.10#L1582 > This one looks particularly weird: Only if the URL is NOT null, it gets > replaced with the default??? I think that url can be null is _url cannot be converted, so it looks legitimate. However you're right, prettyUrl() should indeed be used. > https://projects.kde.org/projects/kde/kdelibs/repository/entry/kioslave/http/ > http.cpp?rev=KDE%2F4.10#L3467 > And this one shouldn't need any explanation of why it's bad. Indeed. Thanks a lot for you help, I'll fix those. Cheers, Grégory -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1178286 Title: Security advisory from KDE upstream To manage notifications about this bug go to: https://bugs.launchpad.net/kdelibs/+bug/1178286/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
