From: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Date: Thu, 30 Jan 2020 21:03:38 +0000 (+0000)
Subject: do not load plugin from the $PWD
X-Git-Tag: archive/raspbian/5.12.5+dfsg-8+rpi1^2~10
X-Git-Url: https://dgit.raspbian.org/%22http://www.example.com/cgi/success/%22http:/www.example.com/cgi/success?a=commitdiff_plain;h=c04ca40e4c15c5b736aef892289e232016002f20;p=qtbase-opensource-src.git

do not load plugin from the $PWD

Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=bf131e8d2181b340
Last-Update: 2020-01-30


Gbp-Pq: Name CVE-2020-0569.diff
---

diff --git a/src/corelib/plugin/qpluginloader.cpp b/src/corelib/plugin/qpluginloader.cpp
index 00480198b..1bb445759 100644
--- a/src/corelib/plugin/qpluginloader.cpp
+++ b/src/corelib/plugin/qpluginloader.cpp
@@ -305,7 +305,6 @@ static QString locatePlugin(const QString& fileName)
         paths.append(fileName.left(slash)); // don't include the '/'
     } else {
         paths = QCoreApplication::libraryPaths();
-        paths.prepend(QStringLiteral(".")); // search in current dir first
     }
 
     for (const QString &path : qAsConst(paths)) {