From 93684c808b1ca7fb3aaeb4279aacc3889303db2a Mon Sep 17 00:00:00 2001
From: Eric Hameleers <alien@slackware.com>
Date: Sat, 14 Sep 2019 13:11:43 +0200
Subject: KDE 4 kdelibs: address a CVE and make it compile against openssl 1.x

Security fix for CVE-2019-14744.
---
 kde/patch/kdelibs.patch | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'kde/patch/kdelibs.patch')

diff --git a/kde/patch/kdelibs.patch b/kde/patch/kdelibs.patch
index 8fefb2e..d51fd45 100644
--- a/kde/patch/kdelibs.patch
+++ b/kde/patch/kdelibs.patch
@@ -16,3 +16,10 @@ cat $CWD/patch/kdelibs/return-application-icons-properly.patch | patch -R -p1 --
 # Will be fixed in 4.14.7:
 #cat $CWD/patch/kdelibs/fixbic-4.14.6.patch | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
 
+# Support OpenSSL-1.1.x:
+cat $CWD/patch/kdelibs/kdelibs-openssl-1.1.patch | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
+
+# Security: remove support for $(...) in config keys with [$e] marker.
+# (CVE-2019-14744):
+cat $CWD/patch/kdelibs/kdelibs.2c3762feddf7e66cf6b64d9058f625a715694a00.patch | patch -p1 --verbose || { touch ${SLACK_KDE_BUILD_DIR}/${PKGNAME}.failed ; continue ; }
+
-- 
cgit v1.2.3