Skip to content
GitLab
Explore
Sign in
Register
Primary navigation
Search or go to…
Project
aports
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Model registry
Monitor
Service Desk
Analyze
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Terms and privacy
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
alpine
aports
Commits
8e623da7
Commit
8e623da7
authored
3 years ago
by
Ariadne Conill
Browse files
Options
Downloads
Patches
Plain Diff
community/rxvt-unicode: add mitigation for CVE-2021-33477
parent
30e7f1ad
No related branches found
No related tags found
No related merge requests found
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
community/rxvt-unicode/APKBUILD
+12
-4
12 additions, 4 deletions
community/rxvt-unicode/APKBUILD
community/rxvt-unicode/CVE-2021-33477.patch
+20
-0
20 additions, 0 deletions
community/rxvt-unicode/CVE-2021-33477.patch
with
32 additions
and
4 deletions
community/rxvt-unicode/APKBUILD
+
12
−
4
View file @
8e623da7
...
...
@@ -4,7 +4,7 @@
# Maintainer: Sören Tempel <soeren+alpine@soeren-tempel.net>
pkgname
=
rxvt-unicode
pkgver
=
9.22
pkgrel
=
9
pkgrel
=
10
pkgdesc
=
"rxvt fork with improved unicode support"
url
=
"http://software.schmorp.de/pkg/rxvt-unicode.html"
arch
=
"all"
...
...
@@ -14,11 +14,16 @@ depends="$pkgname-terminfo"
makedepends
=
"libx11-dev libxft-dev ncurses fontconfig-dev
gdk-pixbuf-dev libxrender-dev perl-dev startup-notification-dev"
subpackages
=
"
$pkgname
-doc
$pkgname
-terminfo::noarch"
source
=
"http://dist.schmorp.de/rxvt-unicode/rxvt-unicode-
$pkgver
.tar.bz2
source
=
"http://dist.schmorp.de/rxvt-unicode/
Attic/
rxvt-unicode-
$pkgver
.tar.bz2
gentables.patch
rxvt-unicode-kerning.patch
CVE-2021-33477.patch
"
# secfixes:
# 9.22-r10:
# - CVE-2021-33477
build
()
{
./configure
\
--build
=
$CBUILD
\
...
...
@@ -65,6 +70,9 @@ terminfo() {
"
$subpkgdir
"
/usr/share/terminfo/
}
sha512sums
=
"b39f1b2cbe6dd3fbd2a0ad6a9d391a2b6f49d7c5e67bc65fe44a9c86937f8db379572c67564c6e21ff6e09b447cdfd4e540544e486179e94da0e0db679c04dd9 rxvt-unicode-9.22.tar.bz2
sha512sums
=
"
b39f1b2cbe6dd3fbd2a0ad6a9d391a2b6f49d7c5e67bc65fe44a9c86937f8db379572c67564c6e21ff6e09b447cdfd4e540544e486179e94da0e0db679c04dd9 rxvt-unicode-9.22.tar.bz2
2a973e001dacf900895d0c1045dfffd5a1ca7650669853bd5fdf09819b19a750bb59d913f8bdc83b103e5e0e7cce7f0d2b6184f36a29c1bac86e90c08ae6a475 gentables.patch
d2fb68b3e11a78328ded4d2d646ffbaae657e9f23f3b4b81e11bc4350dd3e1e7585eeaeee47a70246bdfb7e12fbb667e40a7766989154235064f56ed4ad0a987 rxvt-unicode-kerning.patch"
d2fb68b3e11a78328ded4d2d646ffbaae657e9f23f3b4b81e11bc4350dd3e1e7585eeaeee47a70246bdfb7e12fbb667e40a7766989154235064f56ed4ad0a987 rxvt-unicode-kerning.patch
2c1cb4dad04b0fdf9212949337a37b402ed86638b26390d18f00620a71a80e91894eb624ec8058e10b7c18e1c369d8e6af91a7cd26ca6c2b221a0cf060aa0950 CVE-2021-33477.patch
"
This diff is collapsed.
Click to expand it.
community/rxvt-unicode/CVE-2021-33477.patch
0 → 100644
+
20
−
0
View file @
8e623da7
--- rxvt-unicode/src/command.C 2016/07/14 05:33:26 1.582
+++ rxvt-unicode/src/command.C 2017/05/18 02:43:18 1.583
@@ -2695,7 +2695,7 @@
/* kidnapped escape sequence: Should be 8.3.48 */
case C1_ESA: /* ESC G */
// used by original rxvt for rob nations own graphics mode
- if (cmd_getc () == 'Q')
+ if (cmd_getc () == 'Q' && option (Opt_insecure))
tt_printf ("\033G0\012"); /* query graphics - no graphics */
break;
@@ -2914,7 +2914,7 @@
break;
case CSI_CUB: /* 8.3.18: (1) CURSOR LEFT */
- case CSI_HPB: /* 8.3.59: (1) CHARACTER POSITION BACKWARD */
+ case CSI_HPB: /* 8.3.59: (1) CHARACTER POSITION BACKWARD */
#ifdef ISO6429
arg[0] = -arg[0];
#else /* emulate common DEC VTs */
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment