[arch-commits] Commit in qt5-svg/trunk (PKGBUILD)

[Antonio Rojas]

    Date: Friday, April 2, 2021 @ 18:02:01
  Author: arojas
Revision: 411418

Fix CVE-2021-3481 (FS#70262)

Modified:
  qt5-svg/trunk/PKGBUILD

----------+
 PKGBUILD |   12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2021-04-02 16:18:47 UTC (rev 411417)
+++ PKGBUILD	2021-04-02 18:02:01 UTC (rev 411418)
@@ -4,7 +4,7 @@
 pkgname=qt5-svg
 _qtver=5.15.2
 pkgver=${_qtver/-/}
-pkgrel=1
+pkgrel=2
 arch=('x86_64')
 url='https://www.qt.io'
 license=('GPL3' 'LGPL3' 'FDL' 'custom')
@@ -12,11 +12,17 @@
 depends=('qt5-base')
 groups=('qt' 'qt5')
 _pkgfqn="${pkgname/5-/}-everywhere-src-${_qtver}"
-source=("https://download.qt.io/official_releases/qt/${pkgver%.*}/${_qtver}/submodules/${_pkgfqn}.tar.xz")
-sha256sums=('8bc3c2c1bc2671e9c67d4205589a8309b57903721ad14c60ea21a5d06acb585e')
+source=("https://download.qt.io/official_releases/qt/${pkgver%.*}/${_qtver}/submodules/${_pkgfqn}.tar.xz"
+         CVE-2021-3481a.patch::https://code.qt.io/cgit/qt/qtsvg.git/patch/?id=aceea78c
+         CVE-2021-3481b.patch::https://code.qt.io/cgit/qt/qtsvg.git/patch/?id=0fa52290)
+sha256sums=('8bc3c2c1bc2671e9c67d4205589a8309b57903721ad14c60ea21a5d06acb585e'
+            '9e2e001d3ee7376ef1729e5fd77b662cb8632a14462b56e5b9181c7bc4e2bce4'
+            '60c37f206f855f77ac7fa5a3d42166bc349db4b31a088471d9697d297eea4763')
 
 prepare() {
   mkdir -p build
+  patch -d $_pkgfqn -p1 < CVE-2021-3481a.patch
+  patch -d $_pkgfqn -p1 < CVE-2021-3481b.patch
 }
 
 build() {