From: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Date: Thu, 16 Apr 2020 17:05:12 +0000 (+0100)
Subject: do not load plugin from the $PWD
X-Git-Tag: archive/raspbian/5.12.5+dfsg-10+rpi1^2~13
X-Git-Url: https://dgit.raspbian.org/%22http:/www.example.com//%22mailto:g.real.ate%40gmail.com/%22/%22http:/www.example.com/%22mailto:g.real.ate%40gmail.com/%22?a=commitdiff_plain;h=b635c09a8506446a53a34fa61f01ac5e4918dee7;p=qtbase-opensource-src.git

do not load plugin from the $PWD

Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=bf131e8d2181b340
Last-Update: 2020-01-30


Gbp-Pq: Name CVE-2020-0569.diff
---

diff --git a/src/corelib/plugin/qpluginloader.cpp b/src/corelib/plugin/qpluginloader.cpp
index 00480198b..1bb445759 100644
--- a/src/corelib/plugin/qpluginloader.cpp
+++ b/src/corelib/plugin/qpluginloader.cpp
@@ -305,7 +305,6 @@ static QString locatePlugin(const QString& fileName)
         paths.append(fileName.left(slash)); // don't include the '/'
     } else {
         paths = QCoreApplication::libraryPaths();
-        paths.prepend(QStringLiteral(".")); // search in current dir first
     }
 
     for (const QString &path : qAsConst(paths)) {