diff options
author | Treeve Jelbert | 2020-03-16 12:02:28 +0100 |
---|---|---|
committer | Treeve Jelbert | 2020-03-16 12:02:28 +0100 |
commit | 942744837645086a42ee716165351db7bd364730 (patch) | |
tree | 2bf3e3dbec62f81b69bad3271439fd3263b47bc5 /kde5-graphics/okular | |
parent | df8323c29df2329dda29c3626dc8d8df0d4bfcab (diff) |
okular -SECURITY FIX
Diffstat (limited to 'kde5-graphics/okular')
-rwxr-xr-x | kde5-graphics/okular/DETAILS | 2 | ||||
-rw-r--r-- | kde5-graphics/okular/HISTORY | 5 | ||||
-rwxr-xr-x | kde5-graphics/okular/PRE_BUILD | 5 | ||||
-rw-r--r-- | kde5-graphics/okular/patches/cve.patch | 14 |
4 files changed, 23 insertions, 3 deletions
diff --git a/kde5-graphics/okular/DETAILS b/kde5-graphics/okular/DETAILS index 9ba0a1821b..04a65084f3 100755 --- a/kde5-graphics/okular/DETAILS +++ b/kde5-graphics/okular/DETAILS @@ -9,7 +9,7 @@ SOURCE_DIRECTORY=$BUILD_DIRECTORY/$SPELL-$VERSION WEB_SITE=https://quickgit.kde.org/?p=okular/.git ENTERED=20110301 -# SECURITY_PATCH=1 + SECURITY_PATCH=1 LICENSE[0]=GPL KEYWORDS="kde5" SHORT="document viewer for kde" diff --git a/kde5-graphics/okular/HISTORY b/kde5-graphics/okular/HISTORY index 96d4a94746..4b04e8aca8 100644 --- a/kde5-graphics/okular/HISTORY +++ b/kde5-graphics/okular/HISTORY @@ -1,3 +1,8 @@ +2020-03-16 Treeve Jelbert <treeve@sourcemage.org> + * DETAILS: SECURITY_PATCH++ + * PRE-BUILD: apply patch + * patched/cve: added , fix CVE-2020-9359 + 2020-03-05 Treeve Jelbert <treeve@sourcemage.org> * DETAILS: version 19.12.3 diff --git a/kde5-graphics/okular/PRE_BUILD b/kde5-graphics/okular/PRE_BUILD index 27e7460b01..3e12cdf3d4 100755 --- a/kde5-graphics/okular/PRE_BUILD +++ b/kde5-graphics/okular/PRE_BUILD @@ -1,4 +1,3 @@ - default_pre_build && cd $SOURCE_DIRECTORY && if ! is_depends_enabled $SPELL chmlib; then @@ -6,4 +5,6 @@ if ! is_depends_enabled $SPELL chmlib; then fi && #sed -i 's/MODULE//' generators/spectre/CMakeLists.txt rm -r autotests conf/autotests po -sed -i '/autotests/D;/kdoctools_install/D' CMakeLists.txt +sed -i '/autotests/D;/kdoctools_install/D' CMakeLists.txt && +# fix CVE-2020-9359 +apply_patch_dir patches diff --git a/kde5-graphics/okular/patches/cve.patch b/kde5-graphics/okular/patches/cve.patch new file mode 100644 index 0000000000..49693b18e5 --- /dev/null +++ b/kde5-graphics/okular/patches/cve.patch @@ -0,0 +1,14 @@ +diff --git a/core/document.cpp b/core/document.cpp +index 3215a1abce6292a6cc25c5f8b645232c92d75ec5..0aa5b698019a2660f2d6baabd54cef1e82002b0e 100644 +--- a/core/document.cpp ++++ b/core/document.cpp +@@ -4388,7 +4388,8 @@ void Document::processAction( const Action * action ) + { + const QUrl realUrl = KIO::upUrl(d->m_url).resolved(url); + // KRun autodeletes +- new KRun( realUrl, d->m_widget ); ++ KRun *r = new KRun( realUrl, d->m_widget ); ++ r->setRunExecutables(false); + } + } + } break; |