Version in base suite: 5.78.0-4

Base version: knewstuff_5.78.0-4
Target version: knewstuff_5.78.0-4+deb11u1
Base file: /srv/ftp-master.debian.org/ftp/pool/main/k/knewstuff/knewstuff_5.78.0-4.dsc
Target file: /srv/ftp-master.debian.org/policy/pool/main/k/knewstuff/knewstuff_5.78.0-4+deb11u1.dsc

 changelog                   |    8 ++++++++
 patches/knewstuff_dns.patch |   28 ++++++++++++++++++++++++++++
 patches/series              |    1 +
 3 files changed, 37 insertions(+)

diff -Nru knewstuff-5.78.0/debian/changelog knewstuff-5.78.0/debian/changelog
--- knewstuff-5.78.0/debian/changelog	2021-02-24 22:04:55.000000000 +0000
+++ knewstuff-5.78.0/debian/changelog	2022-02-22 21:02:10.000000000 +0000
@@ -1,3 +1,11 @@
+knewstuff (5.78.0-4+deb11u1) bullseye; urgency=medium
+
+  * Team upload.
+  * Cherry-pick commit to fix the Denial of Service bug in Discover
+    (Closes: #1006126).
+
+ -- Patrick Franz <deltaone@debian.org>  Tue, 22 Feb 2022 22:02:10 +0100
+
 knewstuff (5.78.0-4) unstable; urgency=medium
 
   * Team upload.
diff -Nru knewstuff-5.78.0/debian/patches/knewstuff_dns.patch knewstuff-5.78.0/debian/patches/knewstuff_dns.patch
--- knewstuff-5.78.0/debian/patches/knewstuff_dns.patch	1970-01-01 00:00:00.000000000 +0000
+++ knewstuff-5.78.0/debian/patches/knewstuff_dns.patch	2022-02-22 21:02:10.000000000 +0000
@@ -0,0 +1,28 @@
+From abaa25340b96307fcc7e586ed00bfde67500b57d Mon Sep 17 00:00:00 2001
+From: Aleix Pol <aleixpol@kde.org>
+Date: Tue, 8 Feb 2022 11:48:11 +0100
+Subject: [PATCH] Engine: Ensure we are not using the wrong ProvidersUrl
+
+---
+ src/core/engine.cpp | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/core/engine.cpp b/src/core/engine.cpp
+index c5894747..30fdf2bb 100644
+--- a/src/core/engine.cpp
++++ b/src/core/engine.cpp
+@@ -237,7 +237,10 @@ bool Engine::init(const QString &configfile)
+ 
+     qCDebug(KNEWSTUFFCORE) << "Categories: " << m_categories;
+     m_providerFileUrl = group.readEntry("ProvidersUrl");
+-
++    if (m_providerFileUrl == QLatin1String("https://download.kde.org/ocs/providers.xml")) {
++        m_providerFileUrl = QStringLiteral("https://autoconfig.kde.org/ocs/providers.xml");
++        qCWarning(KNEWSTUFFCORE) << "Please make sure" << configfile << "has ProvidersUrl=https://autoconfig.kde.org/ocs/providers.xml";
++    }
+     d->tagFilter = group.readEntry("TagFilter", QStringList(QStringLiteral("ghns_excluded!=1")));
+     d->downloadTagFilter = group.readEntry("DownloadTagFilter", QStringList());
+ 
+-- 
+GitLab
+
diff -Nru knewstuff-5.78.0/debian/patches/series knewstuff-5.78.0/debian/patches/series
--- knewstuff-5.78.0/debian/patches/series	2021-02-24 10:36:14.000000000 +0000
+++ knewstuff-5.78.0/debian/patches/series	2022-02-22 21:02:10.000000000 +0000
@@ -1 +1,2 @@
 upstream-a3050ecf-qtquickengine-check-knscore-engine-is-valid-before-search.patch
+knewstuff_dns.patch