From aeb4f4f53a72dbb76c3854dd273ca76a54b72346 Mon Sep 17 00:00:00 2001
From: André Fabian Silva Delgado <emulatorman@parabola.nu>
Date: Thu, 2 Mar 2017 01:53:03 -0300
Subject: kdelibs-4.14.29-2.parabola1: backport security fix

---
 libre/kdelibs/PKGBUILD | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/libre/kdelibs/PKGBUILD b/libre/kdelibs/PKGBUILD
index 24201121e..939588e1d 100644
--- a/libre/kdelibs/PKGBUILD
+++ b/libre/kdelibs/PKGBUILD
@@ -1,4 +1,4 @@
-# $Id: PKGBUILD 288283 2017-02-09 11:21:12Z arojas $
+# $Id: PKGBUILD 289740 2017-02-28 19:06:41Z arojas $
 # Maintainer (Arch): Felix Yan <felixonmars@archlinux.org>
 # Contributor (Arch): Andrea Scarpino <andrea@archlinux.org
 # Contributor (Arch): Pierre Schmitz <pierre@archlinux.de>
@@ -7,7 +7,7 @@
 pkgname=kdelibs
 pkgver=4.14.29
 _kdeappver=16.12.2
-pkgrel=1.parabola1
+pkgrel=2.parabola1
 pkgdesc="KDE Core Libraries, without nonfree plugins recommendation support"
 arch=('i686' 'x86_64' 'armv7h')
 url='https://www.kde.org/'
@@ -19,13 +19,15 @@ depends=('attica-qt4' 'libxss' 'qca-qt4' 'libdbusmenu-qt4' 'polkit-qt4'
         'docbook-xsl' 'upower' 'udisks2' 'libxcursor' 'phonon-qt4'
         'media-player-info' 'libutempter' 'icu')
 makedepends=('cmake' 'automoc4' 'avahi' 'libgl' 'mesa')
-source=("http://download.kde.org/stable/applications/${_kdeappver}/src/$pkgname-$pkgver.tar.xz"
-        'kde-applications-menu.patch' 'khtml-fsdg.diff' 'qt4.patch' 'kdelibs-no-kdewebkit.patch')
+source=("https://download.kde.org/stable/applications/${_kdeappver}/src/$pkgname-$pkgver.tar.xz"
+        'kde-applications-menu.patch' 'khtml-fsdg.diff' 'qt4.patch' 'kdelibs-no-kdewebkit.patch'
+        kdelibs-sanitize-url.patch::"https://cgit.kde.org/kdelibs.git/patch/?id=1804c2fd")
 sha1sums=('d04e3fe612cef075d2023f6cef1938ff236f19d3'
           '86ee8c8660f19de8141ac99cd6943964d97a1ed7'
           'a1502a964081ad583a00cf90c56e74bf60121830'
           'ed1f57ee661e5c7440efcaba7e51d2554709701c'
-          'ee83d517c2d8dbe611e263ef16df87f39531fe72')
+          'ee83d517c2d8dbe611e263ef16df87f39531fe72'
+          '25c65eb2dd321b45e216d8b8adae2312bff06ee5')
 
 prepare() {
   mkdir -p build
@@ -38,6 +40,8 @@ prepare() {
   patch -p1 -i ../qt4.patch
   # disable kdewebkit (Fedora)
   patch -p1 -i ../kdelibs-no-kdewebkit.patch
+  # Sanitize URLs before passing them to FindProxyForURL
+  patch -p1 -i ../kdelibs-sanitize-url.patch
 }
 
 build() {
-- 
cgit v1.2.3