git » ktexteditor.git » commit bfd3a1e

Backport fix for CVE-2018-10361

author Antonio Rojas
2018-06-09 19:04:06 UTC
committer Antonio Rojas
2018-06-09 19:04:06 UTC
parent f48d65bce62a2d8acf2780bfdab51a50d9feff28
Backport fix for CVE-2018-10361
PKGBUILD +8 -3 
diff --git a/PKGBUILD b/PKGBUILD
index fd2b3d0..d5970b1 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -4,7 +4,7 @@
 
 pkgname=ktexteditor
 pkgver=5.47.0
-pkgrel=1
+pkgrel=2
 pkgdesc='Advanced embeddable text editor'
 arch=(x86_64)
 url='https://community.kde.org/Frameworks'
@@ -12,13 +12,18 @@ license=(LGPL)
 depends=(kparts syntax-highlighting libgit2 editorconfig-core-c qt5-declarative)
 makedepends=(extra-cmake-modules doxygen qt5-tools)
 groups=(kf5)
-source=("https://download.kde.org/stable/frameworks/${pkgver%.*}/$pkgname-$pkgver.tar.xz"{,.sig})
+source=("https://download.kde.org/stable/frameworks/${pkgver%.*}/$pkgname-$pkgver.tar.xz"{,.sig}
+        CVE-2018-10361.patch::"https://cgit.kde.org/ktexteditor.git/patch/?id=c81af5aa")
 sha256sums=('6b4ae2ea3c00dd2d7dc4c53f7760c750f8fee8aece4bcbc938064cadd34c08cc'
-            'SKIP')
+            'SKIP'
+            '3cb3da73c1f5bd7adb943f5da356d73dbc26f2ff8ef0146a1520561468593938')
 validpgpkeys=(53E6B47B45CEA3E0D5B7457758D0EE648A48B3BB) # David Faure <faure@kde.org>
 
 prepare() {
   mkdir -p build
+
+  cd $pkgname-$pkgver
+  patch -p1 -i ../CVE-2018-10361.patch # Security fix
 }
 
 build() {