Package: qtbase-opensource-src

Package: qtbase-opensource-src / 5.7.1+dfsg-3+deb9u2

CVE-2020-0569.diff

Description: do not load plugin from the $PWD
Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=bf131e8d2181b340
Last-Update: 2020-01-30

---
 src/corelib/plugin/qpluginloader.cpp |    1 -
 1 file changed, 1 deletion(-)

--- a/src/corelib/plugin/qpluginloader.cpp
+++ b/src/corelib/plugin/qpluginloader.cpp
@@ -304,7 +304,6 @@ static QString locatePlugin(const QStrin
         paths.append(fileName.left(slash)); // don't include the '/'
     } else {
         paths = QCoreApplication::libraryPaths();
-        paths.prepend(QStringLiteral(".")); // search in current dir first
     }
 
     for (const QString &path : qAsConst(paths)) {