path: root/kde/patch/okular
diff options
Diffstat (limited to 'kde/patch/okular')
1 files changed, 32 insertions, 0 deletions
diff --git a/kde/patch/okular/cve-2020-9359.patch b/kde/patch/okular/cve-2020-9359.patch
new file mode 100644
index 0000000..d82c91c
--- /dev/null
+++ b/kde/patch/okular/cve-2020-9359.patch
@@ -0,0 +1,32 @@
+Okular: Local binary execution via action links
+CVE: CVE-2020-9359
+Okular can be tricked into executing local binaries via specially crafted
+PDF files.
+This binary execution can require almost no user interaction.
+No parameters can be passed to those local binaries.
+We have not been able to identify any binary that will cause actual damage,
+be it in the hardware or software level, when run without parameters.
+We remain relatively confident that for this issue to do any actual damage,
+it has to run a binary specially crafted. That binary must have been deployed
+to the user system via another method, be it the user downloading it directly
+as an email attachment, webpage download, etc. or by the system being
+already compromised.
+diff --git a/core/document.cpp b/core/document.cpp
+index 3215a1abce6292a6cc25c5f8b645232c92d75ec5..0aa5b698019a2660f2d6baabd54cef1e82002b0e 100644
+--- a/core/document.cpp
++++ b/core/document.cpp
+@@ -4388,7 +4388,8 @@ void Document::processAction( const Action * action )
+ {
+ const QUrl realUrl = KIO::upUrl(d->m_url).resolved(url);
+ // KRun autodeletes
+- new KRun( realUrl, d->m_widget );
++ KRun *r = new KRun( realUrl, d->m_widget );
++ r->setRunExecutables(false);
+ }
+ }
+ } break;