[pkgsrc/trunk]: pkgsrc/x11/eterm eterm: apply patch for CVE-2021-33477

[nia <nia%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/3979c92890b7
branches:  trunk
changeset: 458653:3979c92890b7
user:      nia <nia%pkgsrc.org@localhost>
date:      Sun Sep 19 08:49:01 2021 +0000

description:
eterm: apply patch for CVE-2021-33477

diffstat:

 x11/eterm/Makefile                 |   4 ++--
 x11/eterm/distinfo                 |   3 ++-
 x11/eterm/patches/patch-src_term.c |  23 +++++++++++++++++++++++
 3 files changed, 27 insertions(+), 3 deletions(-)

diffs (55 lines):

diff -r 24efc450ed8f -r 3979c92890b7 x11/eterm/Makefile
--- a/x11/eterm/Makefile        Sun Sep 19 08:41:56 2021 +0000
+++ b/x11/eterm/Makefile        Sun Sep 19 08:49:01 2021 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.86 2021/05/24 19:55:59 wiz Exp $
+# $NetBSD: Makefile,v 1.87 2021/09/19 08:49:01 nia Exp $
 
 DISTNAME=      Eterm-0.9.6
 PKGNAME=       ${DISTNAME:S/^E/e/}
-PKGREVISION=   2
+PKGREVISION=   3
 CATEGORIES=    x11
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=eterm/}
 DISTFILES=     ${DEFAULT_DISTFILES} ${PIXMAP_FILES}
diff -r 24efc450ed8f -r 3979c92890b7 x11/eterm/distinfo
--- a/x11/eterm/distinfo        Sun Sep 19 08:41:56 2021 +0000
+++ b/x11/eterm/distinfo        Sun Sep 19 08:49:01 2021 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.23 2020/04/20 00:47:34 joerg Exp $
+$NetBSD: distinfo,v 1.24 2021/09/19 08:49:01 nia Exp $
 
 SHA1 (Eterm-0.9.6.tar.gz) = b4cb00f898ffd2de9bf7ae0ecde1cc3a5fee9f02
 RMD160 (Eterm-0.9.6.tar.gz) = 96e2ebf7ee7464ffab8bbecec2976a1e5935712e
@@ -14,3 +14,4 @@
 SHA1 (patch-src_Makefile.in) = 3000a407bed7d7c23bfc127fd09b0723d9c0b395
 SHA1 (patch-src_command.c) = 0b5b3dbde8eba16b1690155a28764ec7ea0f6bff
 SHA1 (patch-src_screen.c) = f820501e3a67cfc59dedd1dd5e3eb6f06ae2be23
+SHA1 (patch-src_term.c) = 45b1fecdb9b0f726f4ce5c001c27cc20340cd687
diff -r 24efc450ed8f -r 3979c92890b7 x11/eterm/patches/patch-src_term.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/x11/eterm/patches/patch-src_term.c        Sun Sep 19 08:49:01 2021 +0000
@@ -0,0 +1,23 @@
+$NetBSD: patch-src_term.c,v 1.1 2021/09/19 08:49:01 nia Exp $
+
+Add patch from rxvt-unicode to fix CVE-2021-33477.
+https://sources.debian.org/patches/eterm/0.9.6-6.1/CVE-2021-33477.patch/
+
+--- src/term.c.orig    2011-03-16 05:16:59.000000000 +0000
++++ src/term.c
+@@ -1176,6 +1176,7 @@ process_escape_seq(void)
+         case 'E':
+             scr_add_lines((unsigned char *) "\n\r", 1, 2);
+             break;
++#if 0 /* disabled because embedded newlines can make exploits easier */
+         case 'G':
+             if ((ch = cmd_getc()) == 'Q') {     /* query graphics */
+                 tt_printf((unsigned char *) "\033G0\n");        /* no graphics */
+@@ -1185,6 +1186,7 @@ process_escape_seq(void)
+                 } while (ch != ':');
+             }
+             break;
++#endif
+         case 'H':
+             scr_set_tab(1);
+             break;