[arch-commits] Commit in kwallet-pam/trunk (PKGBUILD)
Antonio Rojas
arojas at archlinux.org
Thu May 3 10:30:29 UTC 2018
Date: Thursday, May 3, 2018 @ 10:30:28
Author: arojas
Revision: 323352
Fix CVE-2018-10380
Modified:
kwallet-pam/trunk/PKGBUILD
----------+
PKGBUILD | 15 ++++++++++++---
1 file changed, 12 insertions(+), 3 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2018-05-03 09:33:10 UTC (rev 323351)
+++ PKGBUILD 2018-05-03 10:30:28 UTC (rev 323352)
@@ -3,7 +3,7 @@
pkgname=kwallet-pam
pkgver=5.12.5
-pkgrel=1
+pkgrel=2
pkgdesc='KWallet PAM integration'
arch=(x86_64)
url='https://www.kde.org/workspaces/plasmadesktop/'
@@ -11,9 +11,13 @@
depends=(pam libgcrypt socat)
makedepends=(extra-cmake-modules qt5-base)
groups=(plasma)
-source=("https://download.kde.org/stable/plasma/$pkgver/$pkgname-$pkgver.tar.xz"{,.sig})
+source=("https://download.kde.org/stable/plasma/$pkgver/$pkgname-$pkgver.tar.xz"{,.sig}
+ CVE-2018-10380-1.patch::"https://cgit.kde.org/kwallet-pam.git/patch/?id=2134dec8"
+ CVE-2018-10380-2.patch::"https://cgit.kde.org/kwallet-pam.git/patch/?id=01d4143f")
sha256sums=('6374132fe2d142c9eb999e90c636b973fe9715335de3cfa86f0b5f4258d5eba2'
- 'SKIP')
+ 'SKIP'
+ 'bc509c7d04aa21c35caac263720967dd098af47e6d282e437f1b69de38f42d66'
+ 'b3c8500c7951b4a919875907abcefe817d8d613e31a2eb4ccf63b0038a4f5b62')
validpgpkeys=('2D1D5B0588357787DE9EE225EC94D18F7F05997E' # Jonathan Riddell
'0AAC775BB6437A8D9AF7A3ACFE0784117FBCE11D' # Bhushan Shah <bshah at kde.org>
'D07BD8662C56CB291B316EB2F5675605C74E02CF' # David Edmundson
@@ -21,6 +25,11 @@
prepare() {
mkdir -p build{,4}
+
+ cd $pkgname-$pkgver
+# https://www.kde.org/info/security/advisory-20180503-1.txt
+ patch -p1 -i ../CVE-2018-10380-1.patch
+ patch -p1 -i ../CVE-2018-10380-2.patch
}
build() {
More information about the arch-commits
mailing list