From 8e2d32c04e4c2684e6cd5976a955f8ee569afd61 Mon Sep 17 00:00:00 2001
From: Eric Hameleers <alien@slackware.com>
Date: Sat, 10 Feb 2018 19:16:05 +0100
Subject: Disable patches that were applied upstream

---
 kde/patch/kwin.patch                               |  4 +--
 kde/patch/plasma-workspace.patch                   |  4 +++
 .../plasma-workspace_kdebug389815.patch            | 32 ++++++++++++++++++++++
 3 files changed, 38 insertions(+), 2 deletions(-)
 create mode 100644 kde/patch/plasma-workspace/plasma-workspace_kdebug389815.patch

diff --git a/kde/patch/kwin.patch b/kde/patch/kwin.patch
index 5cef188..9f05f30 100644
--- a/kde/patch/kwin.patch
+++ b/kde/patch/kwin.patch
@@ -6,6 +6,6 @@
 # Fixed in kwin 5.10.3.
 #cat $CWD/patch/kwin/kwin_qt59_rootwindow_events.patch | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
 
-# Fix compilation with cmake 3.10:
-cat $CWD/patch/kwin/kwin_cmake310.patch | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
+# Fix compilation with cmake 3.10 (fixed in 5.12.0):
+#cat $CWD/patch/kwin/kwin_cmake310.patch | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
 
diff --git a/kde/patch/plasma-workspace.patch b/kde/patch/plasma-workspace.patch
index ca71474..8671c65 100644
--- a/kde/patch/plasma-workspace.patch
+++ b/kde/patch/plasma-workspace.patch
@@ -11,3 +11,7 @@
 # Fixed in 5.9.0
 #cat $CWD/patch/plasma-workspace/plasma-workspace.systray_cpubug.patch | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
 
+# Fix vulnerability (CVE-2018-6791 - KDEBUG_389815)
+# (already fixed in Plasma 5.12.0):
+#cat $CWD/patch/plasma-workspace/plasma-workspace_kdebug389815.patch | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
+
diff --git a/kde/patch/plasma-workspace/plasma-workspace_kdebug389815.patch b/kde/patch/plasma-workspace/plasma-workspace_kdebug389815.patch
new file mode 100644
index 0000000..e2f1e48
--- /dev/null
+++ b/kde/patch/plasma-workspace/plasma-workspace_kdebug389815.patch
@@ -0,0 +1,32 @@
+From f32002ce50edc3891f1fa41173132c820b917d57 Mon Sep 17 00:00:00 2001
+From: Marco Martin <notmart@gmail.com>
+Date: Mon, 5 Feb 2018 13:12:51 +0100
+Subject: Make sure device paths are quoted
+
+in the case a vfat removable device has $() or `` in its label,
+such as $(touch foo) the quoted command may get executed,
+leaving an attack vector. Use KMacroExpander::expandMacrosShellQuote
+to make sure everything is quoted and not interpreted as a command
+
+BUG:389815
+---
+ soliduiserver/deviceserviceaction.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/soliduiserver/deviceserviceaction.cpp b/soliduiserver/deviceserviceaction.cpp
+index f49c967..738b27c 100644
+--- a/soliduiserver/deviceserviceaction.cpp
++++ b/soliduiserver/deviceserviceaction.cpp
+@@ -158,7 +158,7 @@ void DelayedExecutor::delayedExecute(const QString &udi)
+ 
+     QString exec = m_service.exec();
+     MacroExpander mx(device);
+-    mx.expandMacros(exec);
++    mx.expandMacrosShellQuote(exec);
+ 
+     KRun::runCommand(exec, QString(), m_service.icon(), 0);
+     deleteLater();
+-- 
+cgit v0.11.2
+
+
-- 
cgit v1.2.3