community/kconfig: fix CVE-2019-14744

1 files changed, 9 insertions, 3 deletions

diff --git a/community/kconfig/APKBUILD b/community/kconfig/APKBUILD
index d7706c98dc..1fd51bfbcf 100644
--- a/community/kconfig/APKBUILD
+++ b/community/kconfig/APKBUILD
@@ -2,16 +2,21 @@
 # Maintainer: Bart Ribbers <bribbers@disroot.org>
 pkgname=kconfig
 pkgver=5.60.0
-pkgrel=0
+pkgrel=1
 pkgdesc="Configuration system"
 arch="all"
 url="https://community.kde.org/Frameworks"
 license="LGPL-2.0-or-later AND LGPL-2.0-only AND LGPL-2.1-or-later"
 makedepends="extra-cmake-modules qt5-qttools-dev doxygen"
 checkdepends="xvfb-run"
-source="https://download.kde.org/stable/frameworks/${pkgver%.*}/$pkgname-$pkgver.tar.xz"
+source="https://download.kde.org/stable/frameworks/${pkgver%.*}/$pkgname-$pkgver.tar.xz
+	CVE-2019-14744.patch"
 subpackages="$pkgname-dev $pkgname-doc $pkgname-lang"
 
+# secfixes:
+#   5.60.0-r1:
+#     - CVE-2019-14744
+
 build() {
 	cmake \
 		-DCMAKE_BUILD_TYPE=RelWithDebInfo \
@@ -29,4 +34,5 @@ package() {
 	DESTDIR="$pkgdir" make install
 }
 
-sha512sums="76aa15e9e1630c687ff7cc6b77060c74472f307442d07ae09d5f4aa61d7b6f29f3f1d270218c6d7fea8e86eb9dda43c96821d19d827a781c7f71da6135d98753  kconfig-5.60.0.tar.xz"
+sha512sums="76aa15e9e1630c687ff7cc6b77060c74472f307442d07ae09d5f4aa61d7b6f29f3f1d270218c6d7fea8e86eb9dda43c96821d19d827a781c7f71da6135d98753  kconfig-5.60.0.tar.xz
+0265a6e02e1ac6a7bb30e75eb169c83a69237e2dd2f80a4be18b47ecd758aa27dbcecc45d2e18a52df049b32313dfd5b5432bfcfa39611279194d2c9b48dc35e  CVE-2019-14744.patch"