git » poppler.git » commit 4e88858

fix FS#75713 / CVE-2022-38171

author Andreas Radke
2022-08-29 20:12:41 UTC
committer Andreas Radke
2022-08-29 20:12:41 UTC
parent aabb2b0d7ee4a487e56329344b71fe453eb57ef7
fix FS#75713 / CVE-2022-38171
PKGBUILD +8 -2 
diff --git a/PKGBUILD b/PKGBUILD
index 90154cc..2e347cf 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -4,7 +4,7 @@
 pkgbase=poppler
 pkgname=('poppler' 'poppler-glib' 'poppler-qt5' 'poppler-qt6')
 pkgver=22.08.0
-pkgrel=1
+pkgrel=2
 arch=(x86_64)
 license=('GPL')
 makedepends=('libjpeg' 'gcc-libs' 'cairo' 'fontconfig' 'openjpeg2' 'gtk3' 'pkgconfig' 'lcms2' 
@@ -14,14 +14,20 @@ options=('!emptydirs' 'debug')
 url="https://poppler.freedesktop.org/"
 # https://gitlab.freedesktop.org/poppler/poppler
 source=(https://poppler.freedesktop.org/${pkgbase}-${pkgver}.tar.xz{,.sig}
-        test::git+https://anongit.freedesktop.org/git/poppler/test/#commit=920c89f8f43bdfe8966c8e397e7f67f5302e9435)
+        test::git+https://anongit.freedesktop.org/git/poppler/test/#commit=920c89f8f43bdfe8966c8e397e7f67f5302e9435
+        JBIG2Stream_Fix_crash_on_broken_file.patch::https://gitlab.freedesktop.org/poppler/poppler/-/commit/27354e9d96.patch
+)
 sha256sums=('b493328721402f25cb7523f9cdc2f7d7c59f45ad999bde75c63c90604db0f20b'
+            'SKIP'
             'SKIP'
             'SKIP')
 validpgpkeys=('CA262C6C83DE4D2FB28A332A3A6A4DB839EAA6D7') # "Albert Astals Cid <aacid@kde.org>"
 
 prepare() {
   mkdir build
+ cd ${pkgname}-${pkgver}
+ # FS#75713 / CVE-2022-38171
+ patch -Np1 -i  ../JBIG2Stream_Fix_crash_on_broken_file.patch
 }
 
 build() {