summaryrefslogtreecommitdiff
path: root/user/okular/CVE-2020-9359.patch
diff options
context:
space:
mode:
authorMax Rees <maxcrees@me.com>2020-03-19 22:23:52 -0500
committerMax Rees <maxcrees@me.com>2020-03-19 22:23:52 -0500
commitd17942503235bc65e4152f1400579e9d7bc70831 (patch)
tree91e6163978d64655686b628b61a55fea2a7e093d /user/okular/CVE-2020-9359.patch
parentcebbcb3bb912c38634f4f064f68ab26dd75f0343 (diff)
downloadpackages-d17942503235bc65e4152f1400579e9d7bc70831.tar.gz
packages-d17942503235bc65e4152f1400579e9d7bc70831.tar.bz2
packages-d17942503235bc65e4152f1400579e9d7bc70831.tar.xz
packages-d17942503235bc65e4152f1400579e9d7bc70831.zip
user/okular: patch CVE-2020-9359
Diffstat (limited to 'user/okular/CVE-2020-9359.patch')
-rw-r--r--user/okular/CVE-2020-9359.patch27
1 files changed, 27 insertions, 0 deletions
diff --git a/user/okular/CVE-2020-9359.patch b/user/okular/CVE-2020-9359.patch
new file mode 100644
index 000000000..34ff3e2ce
--- /dev/null
+++ b/user/okular/CVE-2020-9359.patch
@@ -0,0 +1,27 @@
+From 6a93a033b4f9248b3cd4d04689b8391df754e244 Mon Sep 17 00:00:00 2001
+From: Albert Astals Cid <aacid@kde.org>
+Date: Tue, 10 Mar 2020 23:07:24 +0100
+Subject: [PATCH] Document::processAction: If the url points to a binary, don't
+ run it
+
+---
+ core/document.cpp | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/core/document.cpp b/core/document.cpp
+index 3215a1abc..0aa5b6980 100644
+--- a/core/document.cpp
++++ b/core/document.cpp
+@@ -4388,7 +4388,8 @@ void Document::processAction( const Action * action )
+ {
+ const QUrl realUrl = KIO::upUrl(d->m_url).resolved(url);
+ // KRun autodeletes
+- new KRun( realUrl, d->m_widget );
++ KRun *r = new KRun( realUrl, d->m_widget );
++ r->setRunExecutables(false);
+ }
+ }
+ } break;
+--
+2.25.2
+