Commit 7485e398 authored by Ariadne Conill's avatar Ariadne Conill 🐰
Browse files

main/rxvt: add mitigation for CVE-2021-33477

parent e10583f0
......@@ -2,7 +2,7 @@
# Maintainer: Mark Constable <markc@renta.net>
pkgname=mrxvt
pkgver=0.5.4
pkgrel=7
pkgrel=8
pkgdesc="A multi-tabbed X terminal emulator based on rxvt code"
url="http://materm.sourceforge.net/wiki/pmwiki.php"
arch="all"
......@@ -13,9 +13,14 @@ source="
https://downloads.sourceforge.net/sourceforge/materm/$pkgname-$pkgver.tar.gz
mrxvt-0.5.4-002-fix-segfault-when-wd-empty.patch
musl-fix-includes.patch
CVE-2021-33477.patch
mrxvt.desktop
"
# secfixes:
# 0.5.4-r8:
# - CVE-2021-33477
_builddir="$srcdir"/$pkgname-$pkgver
prepare() {
cd "$_builddir"
......@@ -58,15 +63,10 @@ package() {
install -Dm644 ../mrxvt.desktop $pkgdir/usr/share/applications/mrxvt.desktop
}
md5sums="0232c8868484751dcb931a28f0756f69 mrxvt-0.5.4.tar.gz
e4a8bb2521246aba85f8dcaa01aed527 mrxvt-0.5.4-002-fix-segfault-when-wd-empty.patch
762a151ed6d4f3ee6928678fda5b477f musl-fix-includes.patch
6ba3bcd484c8dad1b0b48465ded54de3 mrxvt.desktop"
sha256sums="f403ad5a908fcd38a55ed0a7e1b85584cb77be8781199653a39b8af1a9ad10d7 mrxvt-0.5.4.tar.gz
578f52cf072574ccfc8d500fb4d5d3ce97d7ecf610ec0f7798b8a74850b18756 mrxvt-0.5.4-002-fix-segfault-when-wd-empty.patch
146201eb1f3e525eac3e287dae80575e20c3c09ed9d7c1d2d1f32414cd9ca8cd musl-fix-includes.patch
3bdaed1adcd443347b01e3c976cd8c0923a75645ae75fcc4b5020dba07d20ac1 mrxvt.desktop"
sha512sums="572bb4dda9f9b9dcb597f3185922646523bce34003f536acca82992f68f8f7c1a5f2778d626f805ea2cd061e8451fbbf12010e5d655221f76b83440825c80992 mrxvt-0.5.4.tar.gz
sha512sums="
572bb4dda9f9b9dcb597f3185922646523bce34003f536acca82992f68f8f7c1a5f2778d626f805ea2cd061e8451fbbf12010e5d655221f76b83440825c80992 mrxvt-0.5.4.tar.gz
27d8a9775a5ea6e5e0e588d84ab5c76cc76aaa4ebeb473950e8f6b3dbf660a380c2d2385356ab9bd12d2e00b98c467f99f8e1aac16c91f8ffa4e29a38124340a mrxvt-0.5.4-002-fix-segfault-when-wd-empty.patch
4f2cf06484b1b364f7eb9f2acc629d2e600d4e614071fca5035d3654b083347f00162d2077496626fe4184dcac938b0b91f3ffe23f259b53ed475c4b8e85dbb0 musl-fix-includes.patch
04e0f2e93449d2656e55bdbdf6742d50c625c86ba8e64062e40f447a077b3a01f457ea855a99df39b4a099b30517d4a8cc45e91de6300023d0072ee76ae2b375 mrxvt.desktop"
0b299ba3c049e91619a59df4c53053cdea0b3000e633495843518d1676b146214fea567fa1d441aca023e8c6ef0447cd43c7a4c4c0a498121e562d3afbafc59f CVE-2021-33477.patch
04e0f2e93449d2656e55bdbdf6742d50c625c86ba8e64062e40f447a077b3a01f457ea855a99df39b4a099b30517d4a8cc45e91de6300023d0072ee76ae2b375 mrxvt.desktop
"
--- mrxvt-0.5.4/src/command.c.orig
+++ mrxvt-0.5.4/src/command.c
@@ -207,7 +207,9 @@
int rxvt_privcases (rxvt_t*, int, int, uint32_t);
void rxvt_process_terminal_mode (rxvt_t*, int, int, int, unsigned int, const int*);
void rxvt_process_sgr_mode (rxvt_t*, int, unsigned int, const int*);
+#if 0
void rxvt_process_graphics (rxvt_t*, int);
+#endif
void rxvt_process_getc (rxvt_t*, int, unsigned char);
/*--------------------------------------------------------------------*
* END `INTERNAL' ROUTINE PROTOTYPES *
@@ -5029,10 +5031,12 @@
rxvt_scr_add_lines(r, page, (const unsigned char *)"\n\r", 1, 2);
break;
+#if 0
/* kidnapped escape sequence: Should be 8.3.48 */
case C1_ESA: /* ESC G */
rxvt_process_graphics(r, page);
break;
+#endif
/* 8.3.63: CHARACTER TABULATION SET */
case C1_HTS: /* ESC H */
@@ -6671,6 +6675,7 @@
}
/*}}} */
+#if 0
/*{{{ process Rob Nation's own graphics mode sequences */
/* INTPROTO */
void
@@ -6707,6 +6712,7 @@
printable characters. */
}
/*}}} */
+#endif
/* ------------------------------------------------------------------------- */
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment