Date: Tuesday, June 15, 2021 @ 07:07:09 Author: kgizdov Revision: 963742
CVE-2019-19451 and FTBFS Added: dia/trunk/dia-0.9.3-cve-2019-19451.patch Modified: dia/trunk/PKGBUILD --------------------------------+ PKGBUILD | 11 ++++++++--- dia-0.9.3-cve-2019-19451.patch | 26 ++++++++++++++++++++++++++ 2 files changed, 34 insertions(+), 3 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2021-06-15 07:06:55 UTC (rev 963741) +++ PKGBUILD 2021-06-15 07:07:09 UTC (rev 963742) @@ -5,7 +5,7 @@ pkgname=dia pkgver=0.97.3 -pkgrel=7 +pkgrel=8 pkgdesc="A GTK+ based diagram creation program" arch=('x86_64') license=('GPL') @@ -14,8 +14,10 @@ makedepends=('intltool' 'python2' 'docbook-xsl') optdepends=('python2') options=('docs' '!emptydirs') -source=("ftp://ftp.gnome.org/pub/gnome/sources/${pkgname}/0.97/${pkgname}-${pkgver}.tar.xz") -md5sums=('0e744a0f6a6c4cb6a089e4d955392c3c') +source=("https://ftp.gnome.org/pub/gnome/sources/${pkgname}/0.97/${pkgname}-${pkgver}.tar.xz" + 'dia-0.9.3-cve-2019-19451.patch') +sha256sums=('22914e48ef48f894bb5143c5efc3d01ab96e0a0cde80de11058d3b4301377d34' + '32cecad212fbd0f87f304d9eaf48f8b3d6555b10733ead5a3943bac778bf8586') prepare() { cd "${srcdir}/${pkgname}-${pkgver}" @@ -25,6 +27,9 @@ sed -i 's#python2\.1#python2 python2.1#' configure sed -i 's#freetype-config --cflags#pkg-config --cflags freetype2#' configure sed -i 's#freetype-config --libs#pkg-config --libs freetype2#' configure + + # FS#71257 + patch -Np1 -i "${srcdir}/dia-0.9.3-cve-2019-19451.patch" } build() { Added: dia-0.9.3-cve-2019-19451.patch =================================================================== --- dia-0.9.3-cve-2019-19451.patch (rev 0) +++ dia-0.9.3-cve-2019-19451.patch 2021-06-15 07:07:09 UTC (rev 963742) @@ -0,0 +1,26 @@ +From baa2df853f9fb770eedcf3d94c7f5becebc90bb9 Mon Sep 17 00:00:00 2001 +From: Nils Steinger <g...@n-st.de> +Date: Thu, 7 Nov 2019 15:12:18 +0100 +Subject: [PATCH] Fix endless loop on filenames with invalid encoding + +See also: + - https://bugzilla.redhat.com/show_bug.cgi?id=1778767 + - https://gitlab.gnome.org/GNOME/dia/-/issues/428 +--- + app/app_procs.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/app/app_procs.c b/app/app_procs.c +index 434a092f6..53f8b8c38 100644 +--- a/app/app_procs.c ++++ b/app/app_procs.c +@@ -675,6 +675,7 @@ app_init (int argc, char **argv) + + if (!filename) { + g_print (_("Filename conversion failed: %s\n"), filenames[i]); ++ ++i; + continue; + } + +-- +GitLab