[packages/screen] up to 4.9.0 (fixes CVE-2021-26937)
atler
atler at pld-linux.org
Fri Feb 4 14:17:06 CET 2022
commit a565711b51979c7fd65d1818bcd3645ca924c1f8
Author: Jan Palus <atler at pld-linux.org>
Date: Fri Feb 4 14:10:33 2022 +0100
up to 4.9.0 (fixes CVE-2021-26937)
- debian fixes dropped (none of them present in debian anymore)
- statusline encoding patch seems to be upstream now
- 52fix_screen_utf8_nfd works fine without any patches
52fix_screen_utf8_nfd.patch | 41 --------
screen-E3.patch | 2 +-
screen-bracketed_paste_mode.patch | 2 +-
screen-debian_fixed.patch | 192 --------------------------------------
screen-ia64.patch | 2 +-
screen-info.patch | 2 +-
screen-manual.patch | 2 +-
screen-screenrc.patch | 14 +--
screen-statusline-encoding.patch | 33 -------
screen.spec | 12 +--
10 files changed, 13 insertions(+), 289 deletions(-)
---
diff --git a/screen.spec b/screen.spec
index bc6f06d..1f40923 100644
--- a/screen.spec
+++ b/screen.spec
@@ -10,12 +10,12 @@ Summary(ru.UTF-8): Менеджер экрана, поддерживающий
Summary(tr.UTF-8): Bir uçbirimde birden fazla oturumu düzenler
Summary(uk.UTF-8): Менеджер екрану, що підтримує кілька логінів з одного терміналу
Name: screen
-Version: 4.8.0
-Release: 2
+Version: 4.9.0
+Release: 1
License: GPL v3+
Group: Applications/Terminal
Source0: https://ftp.gnu.org/gnu/screen/%{name}-%{version}.tar.gz
-# Source0-md5: d276213d3acd10339cd37848b8c4ab1e
+# Source0-md5: b1ef8ed89134d335e614016634982b6d
Source1: http://www.mif.pg.gda.pl/homepages/ankry/man-PLD/%{name}-non-english-man-pages.tar.bz2
# Source1-md5: 236166e774cee788cf594b05dd1dd70d
Source2: %{name}.pamd
@@ -23,16 +23,13 @@ Source3: %{name}rc
Patch2: %{name}-manual.patch
Patch3: %{name}-ia64.patch
Patch4: %{name}-info.patch
-Patch5: %{name}-debian_fixed.patch
Patch7: %{name}-no_hardcoded_term_sequences.patch
Patch8: %{name}-home_etc.patch
Patch9: %{name}-no-libs.patch
Patch12: %{name}-screenrc.patch
Patch13: %{name}-osc.patch
-Patch15: %{name}-statusline-encoding.patch
Patch17: %{name}-E3.patch
Patch18: %{name}-4.1.0-suppress_remap.patch
-Patch22: 52fix_%{name}_utf8_nfd.patch
Patch23: %{name}-bracketed_paste_mode.patch
URL: http://www.gnu.org/software/screen/
BuildRequires: autoconf >= 2.60
@@ -102,7 +99,6 @@ Screen корисний користувачам, які заходять на
%patch2 -p1
%patch3 -p0
%patch4 -p1
-%patch5 -p1
# DON'T ENABLE IT UNLESS YOU REALLY FIX IT
# (it's heavily broken - note that some sequences should be get for
# $TERM before running screen instance, and others for TERM=screen!)
@@ -111,10 +107,8 @@ Screen корисний користувачам, які заходять на
%patch9 -p1
%patch12 -p1
#%patch13 -p1 # my brain farted here, see if you have better luck
-%patch15 -p1
%patch17 -p2
%patch18 -p1
-%patch22 -p1
%patch23 -p1
%build
diff --git a/52fix_screen_utf8_nfd.patch b/52fix_screen_utf8_nfd.patch
deleted file mode 100644
index 0aa72d5..0000000
--- a/52fix_screen_utf8_nfd.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-## 52fix_screen_utf8_nfd.dpatch by Nobuhiro Iwamatsu <iwamatsu at debian.org>
-##
-## DP: screen outputs screen "ÿ" after a connected character.
-## DP: This is a character without the need.
-## DP: This happens in UTF-8 environment.
-## DP: Before : screen$ ruby1.9.1 -e 'puts "\u304b\u3099.."'
-## DP: がÿ...
-## DP: patch applied : screen $ ruby1.9.1 -e 'puts "\u304b\u3099.."'
-## DP: が..
-## DP: Report from http://d.hatena.ne.jp/mrkn/20101014/fix_screen_utf8_nfd_bug
-## DP: Copyright Kenta Murata (mrkn) <mrkn at ruby-lang.org>
-## DP: Modified by Nobuhiro Iwamatsu <iwamatsu at debian.org>
-
-Index: screen/ansi.c
-===================================================================
---- screen.orig/ansi.c 2012-03-20 22:15:02.000000000 +0100
-+++ screen/ansi.c 2012-03-20 22:41:45.000000000 +0100
-@@ -725,6 +725,10 @@
- LPutChar(&curr->w_layer, &omc, ox, oy);
- LGotoPos(&curr->w_layer, curr->w_x, curr->w_y);
- }
-+ if (curr->w_mbcs)
-+ {
-+ curr->w_rend.mbcs = curr->w_mbcs = 0;
-+ }
- break;
- }
- font = curr->w_rend.font;
-Index: screen/display.c
-===================================================================
---- screen.orig/display.c 2012-03-20 22:41:28.000000000 +0100
-+++ screen/display.c 2012-03-20 22:41:45.000000000 +0100
-@@ -603,7 +603,7 @@
- D_x += D_AM ? 1 : -1;
- D_mbcs = 0;
- }
-- else if (utf8_isdouble(c))
-+ else if (utf8_isdouble(c) || (c >= 0xd800 && c < 0xe000))
- {
- D_mbcs = c;
- D_x++;
diff --git a/screen-E3.patch b/screen-E3.patch
index 7438929..ba83dc9 100644
--- a/screen-E3.patch
+++ b/screen-E3.patch
@@ -41,7 +41,7 @@ index cc8f565..3efb67b 100644
--- a/src/screen.c
+++ b/src/screen.c
@@ -1967,6 +1967,7 @@ int mode;
- #endif
+
case D_LOCK:
ClearAll();
+ ClearScrollbackBuffer();
diff --git a/screen-bracketed_paste_mode.patch b/screen-bracketed_paste_mode.patch
index 6d1bed6..a780f69 100644
--- a/screen-bracketed_paste_mode.patch
+++ b/screen-bracketed_paste_mode.patch
@@ -153,7 +153,7 @@ diff -ruNp screen-4.8.0.orig/display.h screen-4.8.0/display.h
+ int d_bracketed; /* bracketed paste mode */
+ int d_cursorstyle; /* cursor style */
#ifdef RXVT_OSC
- int d_xtermosc[4]; /* osc used */
+ int d_xtermosc[5]; /* osc used */
#endif
@@ -198,6 +200,8 @@ extern struct display TheDisplay;
diff --git a/screen-debian_fixed.patch b/screen-debian_fixed.patch
deleted file mode 100644
index e71b7e5..0000000
--- a/screen-debian_fixed.patch
+++ /dev/null
@@ -1,192 +0,0 @@
---- screen-4.6.1/doc/screen.1.orig 2017-07-12 19:34:02.890716565 +0200
-+++ screen-4.6.1/doc/screen.1 2017-07-12 19:34:56.057382623 +0200
-@@ -1226,7 +1226,7 @@
- .PP
- Change the filename used for reading and writing with the paste buffer.
- If the optional argument to the \*Qbufferfile\*U command is omitted,
--the default setting (\*Q/tmp/screen\-exchange\*U) is reactivated.
-+the default setting (\*Q$HOME/.screen\-exchange\*U) is reactivated.
- The following example will paste the system's password file into
- the
- .I screen
-@@ -1540,7 +1540,7 @@
- \fBA\fP toggles in append mode and sets a (second) mark.
- .PP
- \fB>\fP sets the (second) mark and writes the contents of the paste buffer to
--the screen-exchange file (/tmp/screen\-exchange per default) once copy-mode is
-+the screen-exchange file ($HOME/.screen\-exchange per default) once copy-mode is
- finished.
- .PP
- This example demonstrates how to dump the whole scrollback buffer
-@@ -3651,7 +3651,7 @@
- users on the same host. If an encoding is specified the paste buffer
- is recoded on the fly to match the encoding.
- The filename can be set with the \fIbufferfile\fP
--command and defaults to \*Q/tmp/screen\-exchange\*U.
-+command and defaults to \*Q$HOME/.screen\-exchange\*U.
- .RE
- .TP
- .BR "writelock " [ on | "off\fR|\fBauto\fR]"
-@@ -5030,7 +5030,7 @@
- Written by the "termcap" output function
- .IP /tmp/screens/screen\-exchange
- or
--.IP /tmp/screen\-exchange
-+.IP $HOME/.screen\-exchange
- .I screen
- `interprocess communication buffer'
- .IP hardcopy.[0-9]
---- ./doc/screen.texinfo.org Wed Jun 19 13:36:55 2002
-+++ ./doc/screen.texinfo Wed Jun 19 13:49:42 2002
-@@ -3000,7 +3000,7 @@
-
- @noindent
- @kbd{>} sets the (second) mark and writes the contents of the paste buffer
--to the screen-exchange file (@file{/tmp/screen-exchange} per default)
-+to the screen-exchange file (@file{$HOME/.screen-exchange} per default)
- once copy-mode is finished. @xref{Screen Exchange}.@*
- This example demonstrates how to dump the
- whole scrollback buffer to that file: @*@kbd{C-a [ g SPACE G $ >}.
-@@ -3124,7 +3124,7 @@
- (none)@*
- Change the filename used for reading and writing with the paste buffer.
- If the @var{exchange-file} parameter is omitted, @code{screen} reverts
--to the default of @file{/tmp/screen-exchange}. The following example
-+to the default of @file{$HOME/.screen-exchange}. The following example
- will paste the system's password file into the screen window (using the
- paste buffer, where a copy remains):
-
-@@ -4843,7 +4843,7 @@
- Written by the @code{dumptermcap} command
-
- @item /usr/tmp/screens/screen-exchange or
-- at itemx /tmp/screen-exchange
-+ at itemx $HOME/.screen-exchange
- @code{screen} interprocess communication buffer
-
- @item hardcopy.[0-9]
---- ./etc/etcscreenrc.org Sat Apr 28 17:25:34 2001
-+++ ./etc/etcscreenrc Wed Jun 19 13:51:34 2002
-@@ -1,6 +1,6 @@
- #
- # This is an example for the global screenrc file.
--# You may want to install this file as /usr/local/etc/screenrc.
-+# You may want to install this file as /etc/screenrc.
- # Check config.h for the exact location.
- #
- # Flaws of termcap and standard settings are done here.
-@@ -92,3 +92,6 @@
- bind 'O' login off
- bind '}' history
-
-+# On Debian GNU/Linux, `<--' (Backspace key) should send char `\177':
-+bindkey -k kb stuff "\177"
-+
---- ./process.c.org Mon Feb 11 13:30:08 2002
-+++ ./process.c Wed Jun 19 13:52:22 2002
-@@ -2356,7 +2356,7 @@
- #ifdef COPY_PASTE
- case RC_BUFFERFILE:
- if (*args == 0)
-- BufferFile = SaveStr(DEFAULT_BUFFERFILE);
-+ BufferFile = SaveStr(bufferfile);
- else if (ParseSaveStr(act, &BufferFile))
- break;
- if (msgok)
---- screen-4.5.0/screen.c~ 2017-01-19 11:46:42.000000000 +0200
-+++ screen-4.5.0/screen.c 2017-01-19 11:47:53.835503179 +0200
-@@ -109,6 +109,7 @@
- FILE *dfp;
- #endif
-
-+char bufferfile[MAXPATHLEN];
-
- extern char Term[], screenterm[], **environ, Termcap[];
- int force_vt = 1;
-@@ -271,7 +272,7 @@
- char *name;
- struct passwd *ppp;
- {
-- int n;
-+ int n, len;
- #ifdef SHADOWPW
- struct spwd *sss = NULL;
- static char *spw = NULL;
-@@ -303,11 +303,16 @@
- pw_try_again:
- #endif
- n = 0;
-+ len = 13;
- if (ppp->pw_passwd[0] == '#' && ppp->pw_passwd[1] == '#' && strcmp(ppp->pw_passwd + 2, ppp->pw_name) == 0)
- n = 13;
-- for (; n < 13; n++) {
-+ else if (!strncmp(ppp->pw_passwd, "$1$", 3)) { /* MD5-based passwords */
-+ n = 13;
-+ len = 34;
-+ }
-+ for (; n < len; n++) {
- char c = ppp->pw_passwd[n];
-- if (!(c == '.' || c == '/' || c == '$' ||
-+ if (!(c == '.' || c == '/' || (len == 34 && c == '$') ||
- (c >= '0' && c <= '9') ||
- (c >= 'a' && c <= 'z') ||
- (c >= 'A' && c <= 'Z')))
-@@ -479,9 +479,6 @@
- timestring = SaveStr("%c:%s %M %d %H%? %l%?");
- wlisttit = SaveStr(" Num Name%=Flags");
- wliststr = SaveStr("%4n %t%=%f");
--#ifdef COPY_PASTE
-- BufferFile = SaveStr(DEFAULT_BUFFERFILE);
--#endif
- ShellProg = NULL;
- #ifdef POW_DETACH
- PowDetachString = 0;
-@@ -902,6 +905,8 @@
- #endif /* DEBUG */
- }
-
-+ snprintf(bufferfile,sizeof(bufferfile),"%s/.screen-exchange", home);
-+ BufferFile = SaveStr(bufferfile);
- #ifdef _MODE_T
- oumask = umask(0); /* well, unsigned never fails? jw. */
- #else
---- ./screen.h.org Tue Jan 8 16:42:45 2002
-+++ ./screen.h Wed Jun 19 14:01:15 2002
-@@ -44,6 +44,7 @@
- #include "layer.h"
- #include "term.h"
-
-+extern char bufferfile[MAXPATHLEN];
-
- #ifdef DEBUG
- # define STATIC /* a function that the debugger should see */
---- ./window.c.org Tue Jan 8 20:47:31 2002
-+++ ./window.c Wed Jun 19 14:03:39 2002
-@@ -1549,6 +1549,12 @@
- FreePseudowin(w);
- return -1;
- }
-+ if (ioctl(w->w_ptyfd, TIOCPKT, (char *)&flag))
-+ {
-+ Msg(errno, "TIOCPKT ioctl on parent");
-+ FreePseudowin(w);
-+ return -1;
-+ }
- }
- #endif /* TIOCPKT */
-
-@@ -1587,6 +1593,14 @@
- w->w_readev.condpos = w->w_readev.condneg = 0;
- free((char *)pwin);
- w->w_pwin = NULL;
-+#ifdef TIOCPKT
-+ {
-+ int flag = 1;
-+
-+ if (ioctl(w->w_ptyfd, TIOCPKT, (char *)&flag))
-+ Msg(errno, "TIOCPKT reset on parent failed");
-+ }
-+#endif /* TIOCPKT */
- }
-
- #endif /* PSEUDOS */
diff --git a/screen-ia64.patch b/screen-ia64.patch
index 1408121..6dee8f1 100644
--- a/screen-ia64.patch
+++ b/screen-ia64.patch
@@ -1,7 +1,7 @@
--- configure.ac.orig Wed Jun 14 16:04:17 2000
+++ configure.ac Fri Sep 8 19:15:51 2000
@@ -625,6 +625,9 @@
- AC_MSG_ERROR(!!! no tgetent - no screen))))))
+ AC_MSG_ERROR(!!! no tgetent - no screen)))))))))
AC_TRY_RUN([
+
diff --git a/screen-info.patch b/screen-info.patch
index e794016..63c840a 100644
--- a/screen-info.patch
+++ b/screen-info.patch
@@ -9,7 +9,7 @@
@finalout
@setchapternewpage odd
@c %**end of header
- @set version 4.8.0
+ @set version 4.9.0
@direntry
-* Screen: (screen). Full-screen window manager.
diff --git a/screen-manual.patch b/screen-manual.patch
index f3d8bca..20ff301 100644
--- a/screen-manual.patch
+++ b/screen-manual.patch
@@ -46,7 +46,7 @@
See also \*Qsleep\*U.
Echo is also useful for online checking of environment variables.
@@ -2397,7 +2397,7 @@
- .B lockscreen
+ .RS 0
.PP
Lock this display.
-Call a screenlock program (/local/bin/lck or /usr/bin/lock or a builtin if no
diff --git a/screen-screenrc.patch b/screen-screenrc.patch
index 9f0cd8f..7c2c1bc 100644
--- a/screen-screenrc.patch
+++ b/screen-screenrc.patch
@@ -3,7 +3,7 @@
@@ -1,21 +1,26 @@
-#
-# This is an example for the global screenrc file.
--# You may want to install this file as /etc/screenrc.
+-# You may want to install this file as /usr/local/etc/screenrc.
-# Check config.h for the exact location.
+# This is global screenrc file.
#
@@ -62,9 +62,9 @@
termcap xterm|fptwist hs@:cs=\E[%i%d;%dr:im=\E[4h:ei=\E[4l
terminfo xterm|fptwist hs@:cs=\E[%i%p1%d;%p2%dr:im=\E[4h:ei=\E[4l
-@@ -71,27 +76,93 @@
- #termcap xterm|xterms|xs ti=\E7\E[?47l
- #terminfo xterm|xterms|xs ti=\E7\E[?47l
+@@ -71,24 +76,89 @@
+ termcap xterm|xterms|xs ti=\E7\E[?47l
+ terminfo xterm|xterms|xs ti=\E7\E[?47l
-#make hp700 termcap/info better
+# make hp700 termcap/info better
@@ -106,7 +106,7 @@
+bind 'I' login on
+bind 'O' login off
+bind '}' history
-+
+
+# Yet another hack:
+# Prepend/append register [/] to the paste if ^a^] is pressed.
+# This lets me have autoindent mode in vi.
@@ -116,10 +116,6 @@
+
+# rebind so the window list is recently used first.
+bind '"' windowlist -m
-
- # On Debian GNU/Linux, `<--' (Backspace key) should send char `\177':
- bindkey -k kb stuff "\177"
-
+######################
+#
+# status bar settings
diff --git a/screen-statusline-encoding.patch b/screen-statusline-encoding.patch
deleted file mode 100644
index ba7460c..0000000
--- a/screen-statusline-encoding.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-https://savannah.gnu.org/bugs/index.php?23955
-
---- ./process.c.orig 2008-05-08 02:37:33.000000000 +0800
-+++ ./process.c 2008-05-08 02:37:49.000000000 +0800
-@@ -3422,6 +3422,7 @@
- {
- WinSwitchEncoding(fore, n);
- ResetCharsets(fore);
-+ RedisplayDisplays(0);
- }
- else if (i && display)
- D_encoding = n;
---- screen-4.5.0/screen.c~ 2017-01-19 11:48:22.000000000 +0200
-+++ screen-4.5.0/screen.c 2017-01-19 11:49:18.766380947 +0200
-@@ -2766,6 +2766,18 @@
- p += strlen(p) - 1;
- break;
-
-+#ifdef ENCODINGS
-+ case 'e':
-+ *p = 0;
-+ D_encoding = nwin_options.encoding > 0 ? nwin_options.encoding : 0;
-+ if (win && win->w_encoding)
-+ {
-+ strcpy(p, EncodingName(win->w_encoding));
-+ }
-+ p += strlen(p) - 1;
-+ break;
-+#endif
-+
- case '{':
- {
- char rbuf[128];
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/screen.git/commitdiff/188c8f365f6221ecf8082430d131fce57805da3e
More information about the pld-cvs-commit
mailing list