From b635c09a8506446a53a34fa61f01ac5e4918dee7 Mon Sep 17 00:00:00 2001
From: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Date: Thu, 16 Apr 2020 18:05:12 +0100
Subject: [PATCH] do not load plugin from the $PWD

Origin: upstream, https://code.qt.io/cgit/qt/qtbase.git/commit/?id=bf131e8d2181b340
Last-Update: 2020-01-30


Gbp-Pq: Name CVE-2020-0569.diff
---
 src/corelib/plugin/qpluginloader.cpp | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/corelib/plugin/qpluginloader.cpp b/src/corelib/plugin/qpluginloader.cpp
index 00480198b..1bb445759 100644
--- a/src/corelib/plugin/qpluginloader.cpp
+++ b/src/corelib/plugin/qpluginloader.cpp
@@ -305,7 +305,6 @@ static QString locatePlugin(const QString& fileName)
         paths.append(fileName.left(slash)); // don't include the '/'
     } else {
         paths = QCoreApplication::libraryPaths();
-        paths.prepend(QStringLiteral(".")); // search in current dir first
     }
 
     for (const QString &path : qAsConst(paths)) {
-- 
2.30.2