[pkgsrc/trunk]: pkgsrc/x11/mrxvt mrxvt: patch CVE-2021-33477 RCU. Fix pkglint...

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/x11/mrxvt mrxvt: patch CVE-2021-33477 RCU. Fix pkglint...
From: tnn <tnn%pkgsrc.org@localhost>
Date: Mon, 19 Jul 2021 13:58:17 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/25b8bffc1665
branches:  trunk
changeset: 456092:25b8bffc1665
user:      tnn <tnn%pkgsrc.org@localhost>
date:      Mon Jul 19 13:03:38 2021 +0000

description:
mrxvt: patch CVE-2021-33477 RCU. Fix pkglint. Bump.

diffstat:

 x11/mrxvt/Makefile                    |   5 ++-
 x11/mrxvt/distinfo                    |   6 ++--
 x11/mrxvt/patches/patch-aa            |   4 ++-
 x11/mrxvt/patches/patch-src_command.c |  46 ++++++++++++++++++++++++++++++++--
 4 files changed, 52 insertions(+), 9 deletions(-)

diffs (113 lines):

diff -r 374f1ecb84d0 -r 25b8bffc1665 x11/mrxvt/Makefile
--- a/x11/mrxvt/Makefile        Mon Jul 19 12:48:01 2021 +0000
+++ b/x11/mrxvt/Makefile        Mon Jul 19 13:03:38 2021 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.38 2020/08/17 20:20:32 leot Exp $
+# $NetBSD: Makefile,v 1.39 2021/07/19 13:03:38 tnn Exp $
 #
 
 DISTNAME=      mrxvt-0.5.4
-PKGREVISION=   13
+PKGREVISION=   14
 CATEGORIES=    x11
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=materm/}
 PATCH_SITES=   ${MASTER_SITES}
@@ -11,6 +11,7 @@
 MAINTAINER=    pkgsrc-users%NetBSD.org@localhost
 HOMEPAGE=      https://code.google.com/p/mrxvt/
 COMMENT=       Multi-tabbed terminal emulator with Xft support
+LICENSE=       gnu-gpl-v2
 
 GNU_CONFIGURE=         YES
 USE_TOOLS+=            gmake
diff -r 374f1ecb84d0 -r 25b8bffc1665 x11/mrxvt/distinfo
--- a/x11/mrxvt/distinfo        Mon Jul 19 12:48:01 2021 +0000
+++ b/x11/mrxvt/distinfo        Mon Jul 19 13:03:38 2021 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.12 2017/11/27 08:05:24 maya Exp $
+$NetBSD: distinfo,v 1.13 2021/07/19 13:03:38 tnn Exp $
 
 SHA1 (mrxvt-0.5.4-001-fix-segfault-when-wd-empty.patch) = 62b1d128f71e463dd38239efa4d5bc0daa77e9cf
 RMD160 (mrxvt-0.5.4-001-fix-segfault-when-wd-empty.patch) = 039929a83065055abfe29e239d7760390bb54a6b
@@ -8,7 +8,7 @@
 RMD160 (mrxvt-0.5.4.tar.gz) = 175ce5c554c267ada4efde18e22704ff1b688dac
 SHA512 (mrxvt-0.5.4.tar.gz) = 572bb4dda9f9b9dcb597f3185922646523bce34003f536acca82992f68f8f7c1a5f2778d626f805ea2cd061e8451fbbf12010e5d655221f76b83440825c80992
 Size (mrxvt-0.5.4.tar.gz) = 603978 bytes
-SHA1 (patch-aa) = 809be5640f60ccc8238c2b851056fd520426f6b1
-SHA1 (patch-src_command.c) = 1705e80d071bbab1bebe51bda13b22ffae1b727f
+SHA1 (patch-aa) = c04589243f13fb998929f00ab8a59bd4d7e0a808
+SHA1 (patch-src_command.c) = 2f34ca9baa71d86737f01338ca4cc25e4a637b4c
 SHA1 (patch-src_init.c) = 358b46b1c03ef3cdf62b964ca435db7987c9c33d
 SHA1 (patch-src_transparent.c) = 09229a237dfc2fef6c6d76f75270ead5c75521e1
diff -r 374f1ecb84d0 -r 25b8bffc1665 x11/mrxvt/patches/patch-aa
--- a/x11/mrxvt/patches/patch-aa        Mon Jul 19 12:48:01 2021 +0000
+++ b/x11/mrxvt/patches/patch-aa        Mon Jul 19 13:03:38 2021 +0000
@@ -1,4 +1,6 @@
-$NetBSD: patch-aa,v 1.6 2017/11/27 08:05:24 maya Exp $
+$NetBSD: patch-aa,v 1.7 2021/07/19 13:03:39 tnn Exp $
+
+Don't error out (skipping utmp logging) when using Unix98 ptys.
 
 --- src/logging.c.orig 2008-02-17 22:04:50.000000000 +0000
 +++ src/logging.c
diff -r 374f1ecb84d0 -r 25b8bffc1665 x11/mrxvt/patches/patch-src_command.c
--- a/x11/mrxvt/patches/patch-src_command.c     Mon Jul 19 12:48:01 2021 +0000
+++ b/x11/mrxvt/patches/patch-src_command.c     Mon Jul 19 13:03:38 2021 +0000
@@ -1,10 +1,34 @@
-$NetBSD: patch-src_command.c,v 1.1 2017/11/27 08:05:24 maya Exp $
+$NetBSD: patch-src_command.c,v 1.2 2021/07/19 13:03:39 tnn Exp $
 
 Avoid integer overflow (CVE-2017-7483)
+Avoid RCU (CVE-2021-33477, via https://bugs.gentoo.org/790782)
 
---- src/command.c.orig 2008-07-09 21:33:36.000000000 +0000
+--- src/command.c.orig 2021-07-19 12:58:56.475014948 +0000
 +++ src/command.c
-@@ -5207,7 +5207,7 @@ rxvt_process_csi_seq(rxvt_t* r, int page
+@@ -207,7 +207,9 @@ void           rxvt_process_xwsh_seq    
+ int            rxvt_privcases                (rxvt_t*, int, int, uint32_t);
+ void           rxvt_process_terminal_mode    (rxvt_t*, int, int, int, unsigned int, const int*);
+ void           rxvt_process_sgr_mode         (rxvt_t*, int, unsigned int, const int*);
++#if 0
+ void           rxvt_process_graphics         (rxvt_t*, int);
++#endif
+ void         rxvt_process_getc             (rxvt_t*, int, unsigned char);
+ /*--------------------------------------------------------------------*
+  *         END   `INTERNAL' ROUTINE PROTOTYPES                        *
+@@ -5029,10 +5031,12 @@ rxvt_process_escape_seq(rxvt_t* r, int p
+           rxvt_scr_add_lines(r, page, (const unsigned char *)"\n\r", 1, 2);
+           break;
+ 
++#if 0
+       /* kidnapped escape sequence: Should be 8.3.48 */
+       case C1_ESA:        /* ESC G */
+           rxvt_process_graphics(r, page);
+           break;
++#endif
+ 
+       /* 8.3.63: CHARACTER TABULATION SET */
+       case C1_HTS:        /* ESC H */
+@@ -5207,7 +5211,7 @@ rxvt_process_csi_seq(rxvt_t* r, int page
      i = ch - CSI_ICH;
      ndef = get_byte_array_bit(csi_defaults, i);
      for (p = 0; p < nargs; p++)
@@ -13,3 +37,19 @@
            arg[p] = ndef;
  
  #ifdef DEBUG
+@@ -6671,6 +6675,7 @@ rxvt_process_sgr_mode(rxvt_t* r, int pag
+ }
+ /*}}} */
+ 
++#if 0
+ /*{{{ process Rob Nation's own graphics mode sequences */
+ /* INTPROTO */
+ void
+@@ -6707,6 +6712,7 @@ rxvt_process_graphics(rxvt_t* r, int pag
+                                                    printable characters. */
+ }
+ /*}}} */
++#endif
+ 
+ /* ------------------------------------------------------------------------- */
+

Prev by Date: [pkgsrc/trunk]: pkgsrc/doc doc: Updated www/varnish to 6.6.1
Next by Date: [pkgsrc/trunk]: pkgsrc/lang/llvm llvm: Need socket libraries on SunOS.
Previous by Thread: [pkgsrc/trunk]: pkgsrc/doc doc: Updated www/varnish to 6.6.1
Next by Thread: [pkgsrc/trunk]: pkgsrc/lang/llvm llvm: Need socket libraries on SunOS.
Indexes:

Home | Main Index | Thread Index | Old Index