[arch-commits] Commit in kcron/trunk (PKGBUILD)

Wed, 16 Feb 2022 03:25:26 -0800 

    Date: Wednesday, February 16, 2022 @ 11:25:14
  Author: arojas
Revision: 437483

Fix CVE-2022-24986

Modified:
  kcron/trunk/PKGBUILD

----------+
 PKGBUILD |   15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD    2022-02-16 11:11:18 UTC (rev 437482)
+++ PKGBUILD    2022-02-16 11:25:14 UTC (rev 437483)
@@ -4,7 +4,7 @@
 
 pkgname=kcron
 pkgver=21.12.2
-pkgrel=1
+pkgrel=2
 pkgdesc='Configure and schedule tasks'
 url='https://apps.kde.org/kcron/'
 arch=(x86_64)
@@ -12,14 +12,23 @@
 groups=(kde-applications kde-system)
 depends=(kio cron)
 makedepends=(extra-cmake-modules kdoctools)
-source=(https://download.kde.org/stable/release-service/$pkgver/src/$pkgname-$pkgver.tar.xz{,.sig})
+source=(https://download.kde.org/stable/release-service/$pkgver/src/$pkgname-$pkgver.tar.xz{,.sig}
+        https://invent.kde.org/system/kcron/-/commit/2c04c9f6.patch
+        https://invent.kde.org/system/kcron/-/commit/ef4266e3.patch)
 sha256sums=('93d248a155416987b4abf226be677b9e3f858d2635bc6f9446b212be83a1af35'
-            'SKIP')
+            'SKIP'
+            '6e4512beaa6d15c1f53ef06a2a5a0ad9fe49c1ebb263a372456a36239d9b30ce'
+            'e13e5cc83727e3af1fa33ed1218b10101374fc9f3435d335d9d6271140ca9e1c')
 validpgpkeys=(CA262C6C83DE4D2FB28A332A3A6A4DB839EAA6D7  # Albert Astals Cid 
<[email protected]>
               F23275E4BF10AFC1DF6914A6DBD2CE893E2D1C87  # Christoph Feck 
<[email protected]>
               D81C0CB38EB725EF6691C385BB463350D6EF31EF) # Heiko Becker 
<[email protected]>
 options=(debug)
 
+prepare() {
+  patch -d $pkgname-$pkgver -p1 < 2c04c9f6.patch # CVE-2022-24986
+  patch -d $pkgname-$pkgver -p1 < ef4266e3.patch # CVE-2022-24986
+}
+
 build() {
   cmake -B build -S $pkgname-$pkgver \
     -DBUILD_TESTING=OFF

Reply via email to