okular: add patch for CVE-2020-9359

https://mail.kde.org/pipermail/kde-announce/2020-March/000089.html

srcpkgs/okular/patches/CVE-2020-9359.patch

@@ -0,0 +1,27 @@
+From 6a93a033b4f9248b3cd4d04689b8391df754e244 Mon Sep 17 00:00:00 2001
+From: Albert Astals Cid <aacid@kde.org>
+Date: Tue, 10 Mar 2020 23:07:24 +0100
+Subject: [PATCH] Document::processAction: If the url points to a binary, don't
+ run it
+
+---
+ core/document.cpp | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git core/document.cpp core/document.cpp
+index 3215a1abc..0aa5b6980 100644
+--- core/document.cpp
++++ core/document.cpp
+@@ -4388,7 +4388,8 @@ void Document::processAction( const Action * action )
+                 {
+                     const QUrl realUrl = KIO::upUrl(d->m_url).resolved(url);
+                     // KRun autodeletes
+-                    new KRun( realUrl, d->m_widget );
++                    KRun *r = new KRun( realUrl, d->m_widget );
++                    r->setRunExecutables(false);
+                 }
+             }
+             } break;
+-- 
+2.24.1
+

srcpkgs/okular/template

@@ -1,7 +1,7 @@
 # Template file for 'okular'
 pkgname=okular
 version=19.12.3
-revision=1
+revision=2
 build_style=cmake
 hostmakedepends="extra-cmake-modules pkg-config gettext kcoreaddons"
 makedepends="discount-devel djvulibre-devel ebook-tools-devel khtml-devel