summaryrefslogtreecommitdiffstats
path: root/kde5-graphics/okular
diff options
context:
space:
mode:
authorTreeve Jelbert2020-03-16 12:02:28 +0100
committerTreeve Jelbert2020-03-16 12:02:28 +0100
commit942744837645086a42ee716165351db7bd364730 (patch)
tree2bf3e3dbec62f81b69bad3271439fd3263b47bc5 /kde5-graphics/okular
parentdf8323c29df2329dda29c3626dc8d8df0d4bfcab (diff)
okular -SECURITY FIX
Diffstat (limited to 'kde5-graphics/okular')
-rwxr-xr-xkde5-graphics/okular/DETAILS2
-rw-r--r--kde5-graphics/okular/HISTORY5
-rwxr-xr-xkde5-graphics/okular/PRE_BUILD5
-rw-r--r--kde5-graphics/okular/patches/cve.patch14
4 files changed, 23 insertions, 3 deletions
diff --git a/kde5-graphics/okular/DETAILS b/kde5-graphics/okular/DETAILS
index 9ba0a1821b..04a65084f3 100755
--- a/kde5-graphics/okular/DETAILS
+++ b/kde5-graphics/okular/DETAILS
@@ -9,7 +9,7 @@
SOURCE_DIRECTORY=$BUILD_DIRECTORY/$SPELL-$VERSION
WEB_SITE=https://quickgit.kde.org/?p=okular/.git
ENTERED=20110301
-# SECURITY_PATCH=1
+ SECURITY_PATCH=1
LICENSE[0]=GPL
KEYWORDS="kde5"
SHORT="document viewer for kde"
diff --git a/kde5-graphics/okular/HISTORY b/kde5-graphics/okular/HISTORY
index 96d4a94746..4b04e8aca8 100644
--- a/kde5-graphics/okular/HISTORY
+++ b/kde5-graphics/okular/HISTORY
@@ -1,3 +1,8 @@
+2020-03-16 Treeve Jelbert <treeve@sourcemage.org>
+ * DETAILS: SECURITY_PATCH++
+ * PRE-BUILD: apply patch
+ * patched/cve: added , fix CVE-2020-9359
+
2020-03-05 Treeve Jelbert <treeve@sourcemage.org>
* DETAILS: version 19.12.3
diff --git a/kde5-graphics/okular/PRE_BUILD b/kde5-graphics/okular/PRE_BUILD
index 27e7460b01..3e12cdf3d4 100755
--- a/kde5-graphics/okular/PRE_BUILD
+++ b/kde5-graphics/okular/PRE_BUILD
@@ -1,4 +1,3 @@
-
default_pre_build &&
cd $SOURCE_DIRECTORY &&
if ! is_depends_enabled $SPELL chmlib; then
@@ -6,4 +5,6 @@ if ! is_depends_enabled $SPELL chmlib; then
fi &&
#sed -i 's/MODULE//' generators/spectre/CMakeLists.txt
rm -r autotests conf/autotests po
-sed -i '/autotests/D;/kdoctools_install/D' CMakeLists.txt
+sed -i '/autotests/D;/kdoctools_install/D' CMakeLists.txt &&
+# fix CVE-2020-9359
+apply_patch_dir patches
diff --git a/kde5-graphics/okular/patches/cve.patch b/kde5-graphics/okular/patches/cve.patch
new file mode 100644
index 0000000000..49693b18e5
--- /dev/null
+++ b/kde5-graphics/okular/patches/cve.patch
@@ -0,0 +1,14 @@
+diff --git a/core/document.cpp b/core/document.cpp
+index 3215a1abce6292a6cc25c5f8b645232c92d75ec5..0aa5b698019a2660f2d6baabd54cef1e82002b0e 100644
+--- a/core/document.cpp
++++ b/core/document.cpp
+@@ -4388,7 +4388,8 @@ void Document::processAction( const Action * action )
+ {
+ const QUrl realUrl = KIO::upUrl(d->m_url).resolved(url);
+ // KRun autodeletes
+- new KRun( realUrl, d->m_widget );
++ KRun *r = new KRun( realUrl, d->m_widget );
++ r->setRunExecutables(false);
+ }
+ }
+ } break;
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-26 02:28:10 +0000