[arch-commits] Commit in exo/trunk (PKGBUILD)
Evangelos Foutras
foutrelis at gemini.archlinux.org
Mon Jun 6 17:24:04 UTC 2022
Date: Monday, June 6, 2022 @ 17:24:04
Author: foutrelis
Revision: 447642
upgpkg: exo 4.16.3-2: add fix for CVE-2022-32278
> This patch prevents executing possibly malicious .desktop files
> from online sources (ftp://, http:// etc.).
Modified:
exo/trunk/PKGBUILD
----------+
PKGBUILD | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2022-06-06 17:05:10 UTC (rev 447641)
+++ PKGBUILD 2022-06-06 17:24:04 UTC (rev 447642)
@@ -4,7 +4,7 @@
pkgname=exo
pkgver=4.16.3
-pkgrel=1
+pkgrel=2
pkgdesc="Application library for Xfce"
arch=('x86_64')
url="https://www.xfce.org/"
@@ -12,11 +12,14 @@
groups=('xfce4')
depends=('libxfce4ui' 'hicolor-icon-theme')
makedepends=('intltool')
-source=(https://archive.xfce.org/src/xfce/$pkgname/${pkgver%.*}/$pkgname-$pkgver.tar.bz2)
-sha256sums=('722dff3c3fe23f0a65405e63889cf247c99d092d3f9fb16dec78d062cfb8fae6')
+source=(https://archive.xfce.org/src/xfce/$pkgname/${pkgver%.*}/$pkgname-$pkgver.tar.bz2
+ $pkgname-exo-open-only-execute-local-desktop-files.patch::https://gitlab.xfce.org/xfce/exo/-/commit/c71c04ff5882.patch)
+sha256sums=('722dff3c3fe23f0a65405e63889cf247c99d092d3f9fb16dec78d062cfb8fae6'
+ 'a864116f1692ca541d4837640e9c535cc127ae2420f64cbafff329f4b4cc68a0')
prepare() {
cd "$srcdir/$pkgname-$pkgver"
+ patch -Np1 -i ../$pkgname-exo-open-only-execute-local-desktop-files.patch
}
build() {
More information about the arch-commits
mailing list