aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAriadne Conill <ariadne@dereferenced.org>2021-04-28 06:07:10 -0600
committerAriadne Conill <ariadne@dereferenced.org>2021-04-28 06:07:10 -0600
commitae653326007249c125b21d4f3bd2361efe3271cc (patch)
treeb62326c6ea67fa90c145eeeaab2f42fc39c22713
parent9fd952949666234007cd84d912da0bb25350864d (diff)
community/discover: add mitigation for CVE-2021-28117
-rw-r--r--community/discover/APKBUILD12
1 files changed, 9 insertions, 3 deletions
diff --git a/community/discover/APKBUILD b/community/discover/APKBUILD
index 69344647faa..d81d06e7659 100644
--- a/community/discover/APKBUILD
+++ b/community/discover/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Bart Ribbers <bribbers@disroot.org>
pkgname=discover
pkgver=5.20.5
-pkgrel=0
+pkgrel=1
# armhf blocked by qt5-qtdeclarative
# s390x blocked by flatpak
arch="all !armhf !s390x !mips64"
@@ -12,9 +12,14 @@ license="LGPL-2.0-or-later AND (GPL-2.0-only OR GPL-3.0-only) AND GFDL-1.2-only"
depends="kirigami2"
makedepends="extra-cmake-modules qt5-qtbase-dev qt5-qtdeclarative-dev kcoreaddons-dev kconfig-dev kcrash-dev kdbusaddons-dev ki18n-dev karchive-dev kxmlgui-dev kitemmodels-dev kio-dev kdeclarative-dev attica-dev knewstuff-dev plasma-framework-dev appstream-dev flatpak-dev"
checkdepends="xvfb-run"
-source="https://download.kde.org/stable/plasma/$pkgver/discover-$pkgver.tar.xz"
+source="https://download.kde.org/stable/plasma/$pkgver/discover-$pkgver.tar.xz
+ CVE-2021-28117.patch::https://invent.kde.org/plasma/discover/commit/fcd3b30552bf03a384b1a16f9bb8db029c111356.patch"
subpackages="$pkgname-lang $pkgname-backend-flatpak:backend_flatpak"
+# secfixes:
+# 5.20.5-r1:
+# - CVE-2021-28117
+
case "$CARCH" in
x86|x86_64)
makedepends="$makedepends fwupd-dev"
@@ -81,4 +86,5 @@ backend_fwupd() {
"$subpkgdir"/usr/lib/qt5/plugins/discover/
}
-sha512sums="e33f1027a09c8c7733c0b9da81ee82f0c90237c736435ad93cfdb127d79e0ddee0d4d8214774032c81a4078613d278688f0fddbf287aa03a5192cfcdb1eeffa7 discover-5.20.5.tar.xz"
+sha512sums="e33f1027a09c8c7733c0b9da81ee82f0c90237c736435ad93cfdb127d79e0ddee0d4d8214774032c81a4078613d278688f0fddbf287aa03a5192cfcdb1eeffa7 discover-5.20.5.tar.xz
+187e7082bea4897de80886b172185aac581ef72b90ea465952f9d9f574febaca8b9dd26c8c26dcee646dbc1004764df2d94d99bc2b864eedc8431887df51b295 CVE-2021-28117.patch"