diff options
author | markd <markd@pkgsrc.org> | 2020-03-29 20:43:52 +0000 |
---|---|---|
committer | markd <markd@pkgsrc.org> | 2020-03-29 20:43:52 +0000 |
commit | 77a3e9876d4e738afbf8a162171819dfb8ceb358 (patch) | |
tree | 76055c336a7ee2d570055b49d8bc918fe32d53a7 /print | |
parent | b50604be7c547c8222ede42a6d8c9ba1be27e17c (diff) | |
download | pkgsrc-77a3e9876d4e738afbf8a162171819dfb8ceb358.tar.gz |
okular: fix https://nvd.nist.gov/vuln/detail/CVE-2020-9359
Diffstat (limited to 'print')
-rw-r--r-- | print/okular/Makefile | 4 | ||||
-rw-r--r-- | print/okular/distinfo | 3 | ||||
-rw-r--r-- | print/okular/patches/patch-core_document.cpp | 17 |
3 files changed, 21 insertions, 3 deletions
diff --git a/print/okular/Makefile b/print/okular/Makefile index c5eb2edee8f..61c6800c3d9 100644 --- a/print/okular/Makefile +++ b/print/okular/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.93 2020/03/10 22:10:52 wiz Exp $ +# $NetBSD: Makefile,v 1.94 2020/03/29 20:43:52 markd Exp $ DISTNAME= okular-${KAPPSVER} -PKGREVISION= 3 +PKGREVISION= 4 CATEGORIES= print HOMEPAGE= https://kde.org/applications/graphics/okular/ diff --git a/print/okular/distinfo b/print/okular/distinfo index b006e9d947a..451bef9dabb 100644 --- a/print/okular/distinfo +++ b/print/okular/distinfo @@ -1,6 +1,7 @@ -$NetBSD: distinfo,v 1.15 2020/02/02 03:02:05 markd Exp $ +$NetBSD: distinfo,v 1.16 2020/03/29 20:43:52 markd Exp $ SHA1 (okular-19.12.1.tar.xz) = 915f2886079aa5adac5b3505fc8e10589d0b7e18 RMD160 (okular-19.12.1.tar.xz) = 24fc29a4a1f0ea795dc8923b5b5b63e1d59d930b SHA512 (okular-19.12.1.tar.xz) = 6da6f870cd7e3060ca108c630e082fe20e7ecb702ffe7da2892450ca8401d25cd135d1039e883303000ad46b1d98c9bd6707c5eae54e03a225fcdf3f706465ec Size (okular-19.12.1.tar.xz) = 7203952 bytes +SHA1 (patch-core_document.cpp) = f2849a3e73a141eed38f110fb5edb0bdcc1db7a1 diff --git a/print/okular/patches/patch-core_document.cpp b/print/okular/patches/patch-core_document.cpp new file mode 100644 index 00000000000..494a419eb46 --- /dev/null +++ b/print/okular/patches/patch-core_document.cpp @@ -0,0 +1,17 @@ +$NetBSD: patch-core_document.cpp,v 1.1 2020/03/29 20:43:53 markd Exp $ + +https://nvd.nist.gov/vuln/detail/CVE-2020-9359 +https://kde.org/info/security/advisory-20200312-1.txt + +--- core/document.cpp.orig 2020-01-06 13:55:05.000000000 +0000 ++++ core/document.cpp +@@ -4352,7 +4352,8 @@ void Document::processAction( const Acti + { + const QUrl realUrl = KIO::upUrl(d->m_url).resolved(url); + // KRun autodeletes +- new KRun( realUrl, d->m_widget ); ++ KRun *r = new KRun( realUrl, d->m_widget ); ++ r->setRunExecutables(false); + } + } + } break; |