From 4aecb964aff92e5cc956b2d3b700ac7841041463 Mon Sep 17 00:00:00 2001 From: "Yann E. MORIN" Date: Wed, 26 Jan 2022 21:22:36 +0100 Subject: [PATCH] package/polkit: bump to fix CVE-2021-4034 We are currently using the fork by Adam, with support for duktape as a JS engine. But upstream has finally merged that just a day ago. Woohoo! Between the fork we were using and upstream, there are very little changes, mostly centered around: - translations - buildsystem - duktape - CVE-2021-4034 So, we just switch to using the HEAD of the repo: it has not much more than the two important changes: duktape and the CVE fix. Signed-off-by: Yann E. MORIN Cc: Marek Belisko Cc: Adam Duskett Cc: Fabrice Fontaine Signed-off-by: Peter Korsgaard
---
 package/polkit/polkit.hash | 2 +-
 package/polkit/polkit.mk | 7 +++++--
 2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/package/polkit/polkit.hash b/package/polkit/polkit.hash
index f108ac19ec..1fedb5a707 100644
--- a/package/polkit/polkit.hash
+++ b/package/polkit/polkit.hash
@@ -1,5 +1,5 @@
 # Locally calculated after checking pgp signature
-sha256 0a30dbc0ff798ff45f5bb303b4b40160f56679e81b139287cc0efb32aa5dfc1b polkit-0.120.tar.gz
+sha256 243fa69d1e480510c504723487716cda7d6fb588360c7c8f7ec6ba4a3f6ae60e polkit-a2bf5c9c83b6ae46cbd5c779d3055bff81ded683.tar.gz
 # Locally calculated
 sha256 d2e2aa973e29c75e1b492e67ea7b7da9de2d501d49a934657971fd74f9a0b0a8 COPYING
diff --git a/package/polkit/polkit.mk b/package/polkit/polkit.mk
index a7ab725c81..61666594a2 100644
--- a/package/polkit/polkit.mk
+++ b/package/polkit/polkit.mk
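Review bot: The unchanged context comment `# Locally calculated after checking pgp signature` now sits directly above the hash of `polkit-a2bf5c9c83b6ae46cbd5c779d3055bff81ded683.tar.gz`, so it overstates how the new hash was verified. That file is a commit snapshot, which presumably has no detached upstream signature to check. I would change the comment to `# Locally calculated` so that nobody reading the hash file assumes signature-backed provenance for this tarball. Because the archive is generated by the forge on request, it is also worth confirming that the sha256 is reproducible across downloads before relying on it.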
@@ -4,13 +4,16 @@
 #
 ################################################################################
-POLKIT_VERSION = 0.120
-POLKIT_SITE = $(call github,aduskett,polkit-duktape,v$(POLKIT_VERSION))
+POLKIT_VERSION = a2bf5c9c83b6ae46cbd5c779d3055bff81ded683
+POLKIT_SITE = https://gitlab.freedesktop.org/polkit/polkit/-/archive/$(POLKIT_VERSION)
 POLKIT_LICENSE = GPL-2.0
 POLKIT_LICENSE_FILES = COPYING
 POLKIT_CPE_ID_VENDOR = polkit_project
 POLKIT_INSTALL_STAGING = YES
+# Fix was comitted in a2bf5c9c83b6ae46cbd5c779d3055bff81ded683
+POLKIT_IGNORE_CVE = CVE-2021-4034
+
 POLKIT_DEPENDENCIES = \
 duktape libglib2 host-intltool expat $(TARGET_NLS_DEPENDENCIES)
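Review bot: `POLKIT_IGNORE_CVE = CVE-2021-4034` is an unconditional suppression, and the comment above it does not say when the entry can be removed. With `POLKIT_VERSION` now a commit id rather than a release number, version-based CVE matching through `POLKIT_CPE_ID_VENDOR` presumably has nothing comparable to work with, so the entry is needed today but will silently outlive its purpose after the next bump to a tagged release. I would reword the comment to `# CVE-2021-4034 is fixed by commit a2bf5c9c83b6ae46cbd5c779d3055bff81ded683, which is our POLKIT_VERSION; drop this once POLKIT_VERSION is a release that contains the fix`, which also corrects the "comitted" typo. Until the version is a release again, CVE matching results for this package should be checked by hand for any later polkit advisory.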