diff options
| author | nia <nia@pkgsrc.org> | 2021-09-19 08:41:13 +0000 |
|---|---|---|
| committer | nia <nia@pkgsrc.org> | 2021-09-19 08:41:13 +0000 |
| commit | 7db3fb1ddf0affa7ee5f9ab6479c1dc62ef68238 (patch) | |
| tree | f6ef6310e8d9ac7215e4b3faf126d246e046bdf0 /x11 | |
| parent | 173d29f8b2b0bd04033c6f9385f64c7bb303f40d (diff) | |
| download | pkgsrc-7db3fb1ddf0affa7ee5f9ab6479c1dc62ef68238.tar.gz | |
rxvt: apply fix for CVE-2021-33477. bump PKGREVISION.
Diffstat (limited to 'x11')
| -rw-r--r-- | x11/rxvt/Makefile | 4 | ||||
| -rw-r--r-- | x11/rxvt/distinfo | 5 | ||||
| -rw-r--r-- | x11/rxvt/patches/patch-src_command.c | 22 |
3 files changed, 24 insertions, 7 deletions
diff --git a/x11/rxvt/Makefile b/x11/rxvt/Makefile index a6a3ce28a20..9555c4ab4c8 100644 --- a/x11/rxvt/Makefile +++ b/x11/rxvt/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.63 2021/08/08 20:33:33 nia Exp $ +# $NetBSD: Makefile,v 1.64 2021/09/19 08:41:13 nia Exp $ DISTNAME= rxvt-2.7.10 -PKGREVISION= 8 +PKGREVISION= 9 CATEGORIES= x11 MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=rxvt/} diff --git a/x11/rxvt/distinfo b/x11/rxvt/distinfo index 1364271e1cc..4e238eafd95 100644 --- a/x11/rxvt/distinfo +++ b/x11/rxvt/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.25 2020/10/10 08:26:56 nia Exp $ +$NetBSD: distinfo,v 1.26 2021/09/19 08:41:13 nia Exp $ SHA1 (rxvt-2.7.10.tar.gz) = dabb960d94703d4f81e9a9a50749210a2977ef2b RMD160 (rxvt-2.7.10.tar.gz) = 1bea3ff456b4f9ddce187b3e3a0ac11a7363c8eb @@ -16,5 +16,6 @@ SHA1 (patch-aj) = 43ca25f034e6160f3a3dabbf1488df31cdecf95b SHA1 (patch-ak) = 83f7ffcf91d671bd8e75e5c063fd1336c0e08ed6 SHA1 (patch-al) = 7107ec12205d0a5011a5828f8d30fbd577de41b7 SHA1 (patch-am) = db69ba3b6754454613aa4aec61c1b033d7e013ae -SHA1 (patch-src_command.c) = ca6af737445f2687e3823bd0d4390e3150f664b1 +SHA1 (patch-src_command.c) = 50a7e36e97232af7bfc92e3e41b73e4c88e1605b +SHA1 (patch-src_feature.h) = da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA1 (patch-src_rxvt.h) = 86db6ffc24f1133771b6e94275a9edab07b97437 diff --git a/x11/rxvt/patches/patch-src_command.c b/x11/rxvt/patches/patch-src_command.c index 97823c470ee..84f97381294 100644 --- a/x11/rxvt/patches/patch-src_command.c +++ b/x11/rxvt/patches/patch-src_command.c @@ -1,8 +1,24 @@ -$NetBSD: patch-src_command.c,v 1.1 2017/08/05 07:00:20 nros Exp $ +$NetBSD: patch-src_command.c,v 1.2 2021/09/19 08:41:13 nia Exp $ + +* fix CVE-2021-33477 * fix CVE-2017-7483 ---- src/command.c.orig 2017-08-05 06:35:48.000000000 +0000 + +--- src/command.c.orig 2003-03-26 06:01:23.000000000 +0000 +++ src/command.c -@@ -2096,7 +2096,7 @@ rxvt_process_csi_seq(rxvt_t *r) +@@ -1954,10 +1954,12 @@ rxvt_process_escape_seq(rxvt_t *r) + rxvt_scr_add_lines(r, (const unsigned char *)"\n\r", 1, 2); + break; + ++#if 0 /* disabled because embedded newlines can make exploits easier */ + /* kidnapped escape sequence: Should be 8.3.48 */ + case C1_ESA: /* ESC G */ + rxvt_process_graphics(r); + break; ++#endif + + /* 8.3.63: CHARACTER TABULATION SET */ + case C1_HTS: /* ESC H */ +@@ -2096,7 +2098,7 @@ rxvt_process_csi_seq(rxvt_t *r) i = ch - CSI_ICH; ndef = get_byte_array_bit(csi_defaults, i); for (p = 0; p < nargs; p++) |