[arch-commits] Commit in dia/trunk (PKGBUILD dia-0.9.3-cve-2019-19451.patch)

[Konstantin Gizdov]

    Date: Tuesday, June 15, 2021 @ 07:07:09
  Author: kgizdov
Revision: 963742

CVE-2019-19451 and FTBFS

Added:
  dia/trunk/dia-0.9.3-cve-2019-19451.patch
Modified:
  dia/trunk/PKGBUILD

--------------------------------+
 PKGBUILD                       |   11 ++++++++---
 dia-0.9.3-cve-2019-19451.patch |   26 ++++++++++++++++++++++++++
 2 files changed, 34 insertions(+), 3 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2021-06-15 07:06:55 UTC (rev 963741)
+++ PKGBUILD	2021-06-15 07:07:09 UTC (rev 963742)
@@ -5,7 +5,7 @@
 
 pkgname=dia
 pkgver=0.97.3
-pkgrel=7
+pkgrel=8
 pkgdesc="A GTK+ based diagram creation program"
 arch=('x86_64')
 license=('GPL')
@@ -14,8 +14,10 @@
 makedepends=('intltool' 'python2' 'docbook-xsl')
 optdepends=('python2')
 options=('docs' '!emptydirs')
-source=("ftp://ftp.gnome.org/pub/gnome/sources/${pkgname}/0.97/${pkgname}-${pkgver}.tar.xz")
-md5sums=('0e744a0f6a6c4cb6a089e4d955392c3c')
+source=("https://ftp.gnome.org/pub/gnome/sources/${pkgname}/0.97/${pkgname}-${pkgver}.tar.xz"
+        'dia-0.9.3-cve-2019-19451.patch')
+sha256sums=('22914e48ef48f894bb5143c5efc3d01ab96e0a0cde80de11058d3b4301377d34'
+            '32cecad212fbd0f87f304d9eaf48f8b3d6555b10733ead5a3943bac778bf8586')
 
 prepare() {
   cd "${srcdir}/${pkgname}-${pkgver}"
@@ -25,6 +27,9 @@
   sed -i 's#python2\.1#python2 python2.1#' configure
   sed -i 's#freetype-config --cflags#pkg-config --cflags freetype2#' configure
   sed -i 's#freetype-config --libs#pkg-config --libs freetype2#' configure
+
+  # FS#71257
+  patch -Np1 -i "${srcdir}/dia-0.9.3-cve-2019-19451.patch"
 }
 
 build() {

Added: dia-0.9.3-cve-2019-19451.patch
===================================================================
--- dia-0.9.3-cve-2019-19451.patch	                        (rev 0)
+++ dia-0.9.3-cve-2019-19451.patch	2021-06-15 07:07:09 UTC (rev 963742)
@@ -0,0 +1,26 @@
+From baa2df853f9fb770eedcf3d94c7f5becebc90bb9 Mon Sep 17 00:00:00 2001
+From: Nils Steinger <git at n-st.de>
+Date: Thu, 7 Nov 2019 15:12:18 +0100
+Subject: [PATCH] Fix endless loop on filenames with invalid encoding
+
+See also:
+ - https://bugzilla.redhat.com/show_bug.cgi?id=1778767
+ - https://gitlab.gnome.org/GNOME/dia/-/issues/428
+---
+ app/app_procs.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/app/app_procs.c b/app/app_procs.c
+index 434a092f6..53f8b8c38 100644
+--- a/app/app_procs.c
++++ b/app/app_procs.c
+@@ -675,6 +675,7 @@ app_init (int argc, char **argv)
+ 
+ 	if (!filename) {
+ 	  g_print (_("Filename conversion failed: %s\n"), filenames[i]);
++	  ++i;
+ 	  continue;
+ 	}
+ 
+-- 
+GitLab