Ubuntu
meld package

html not escaped in search

Bug #203033 reported by Daniel Brumbaugh-Keeney on 2008-03-17

	Status	Importance	Assigned to
meld	Fix Released	Medium	gnome-bugs #522865
meld (Debian)	Fix Released	Undecided	Unassigned
meld (Ubuntu)	Fix Released	Medium	Daniel Hahler

Bug Description

Binary package hint: meld

html is not properly escaped in the find dialog, causing it not to correctly report the results of a failed search. If the search term is valid html, it will be rendered, if not, the search query will be wrapped with additional html display tags.

The bug can be reproduced by searching any document for an ampersand '&gibberish' or <span size="smaller">a</span><span size="larger">b</span>

Meld 1.1.5.1
Gnome 2.20.1
Ubuntu 7.10 Gutsy Gibbon
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9b2) Gecko/2007121016 Firefox/3.0b2

Related branches

lp:ubuntu/karmic/meld

Revision history for this message

Daniel Brumbaugh-Keeney (db-keen) wrote on 2008-03-17:

duplicate of http://bugzilla.gnome.org/show_bug.cgi?id=522865

Bug Watch Updater (bug-watch-updater) on 2008-04-28

Changed in meld:
status:	Unknown → New

Revision history for this message

Adam Collard (adam-collard) wrote on 2008-05-26:

Confirmed in hardy (1.1.5.1-2ubuntu1)

Changed in meld:
status:	New → Confirmed

Bug Watch Updater (bug-watch-updater) on 2008-07-23

Changed in meld:
status:	New → Fix Released

Revision history for this message

Thorsten Sick (modern-ronin) wrote on 2008-09-24:

meld.debdiff Edit (1.5 KiB, text/plain)

This is the patch from the gnome bugtracker, as debdiff.

Revision history for this message

Daniel Hahler (blueyed) wrote on 2008-09-29:

Thank you for the bug report and fix.
I've verified that it fixes this bug and will sponsor the upload.

Please note that I've changed debian/changelog (should not contain lines longer than 75-80 chars and added info about the upstream fix, so that it makes the next merge easier).
Also, I've forwarded the bug and patch to Debian, which I'll link here later.

Changed in meld:
assignee:	nobody → blueyed
importance:	Undecided → Medium
status:	Confirmed → In Progress

Revision history for this message

Launchpad Janitor (janitor) wrote on 2008-09-29:

This bug was fixed in the package meld - 1.1.5.1-2ubuntu2

---------------
meld (1.1.5.1-2ubuntu2) intrepid; urgency=low

  * debian/patches/html_patch_by_kai_willadsen.patch:
    add patch by Kai Willadsen to escape html in search. (LP: #203033)
    Fixed upstream in version 1.2.

-- Thorsten Sick <email address hidden> Wed, 24 Sep 2008 16:55:51 +0200

Changed in meld:
status:	In Progress → Fix Released

Bug Watch Updater (bug-watch-updater) on 2008-09-29

Changed in meld:
status:	Unknown → New

Revision history for this message

Adam Collard (adam-collard) wrote on 2009-04-17:

Sorry about the spam, LP failed to import the Debian bug.

Manually setting to Fix Released

Changed in meld (Debian):
importance:	Unknown → Undecided
status:	New → Fix Released
importance:	Undecided → Unknown
status:	Fix Released → Unknown
importance:	Unknown → Undecided
status:	Unknown → New
status:	New → Fix Released