authorAriadne Conill <ariadne@dereferenced.org>2021-05-31 18:09:03 -0600
committerAriadne Conill <ariadne@dereferenced.org>2021-05-31 18:10:29 -0600
commitcf8d2c018382202b921826d740e6a2e504de392b (patch)
treeccc09177703cb3c7469d4840f82f4ea4074457ca
parent5649c092fc26b1c9adb22c61cb29225f3f93fae9 (diff)
main/mrxvt: add mitigation for CVE-2021-33477
-rw-r--r--main/mrxvt/APKBUILD22
-rw-r--r--main/mrxvt/CVE-2021-33477.patch41
2 files changed, 52 insertions, 11 deletions
diff --git a/main/mrxvt/APKBUILD b/main/mrxvt/APKBUILD
index 6c92f3ef5c..5639290652 100644
--- a/main/mrxvt/APKBUILD
+++ b/main/mrxvt/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Mark Constable <markc@renta.net>
pkgname=mrxvt
pkgver=0.5.4
-pkgrel=7
+pkgrel=8
pkgdesc="A multi-tabbed X terminal emulator based on rxvt code"
url="http://materm.sourceforge.net/wiki/pmwiki.php"
arch="all"
@@ -13,9 +13,14 @@ source="
https://downloads.sourceforge.net/sourceforge/materm/$pkgname-$pkgver.tar.gz
mrxvt-0.5.4-002-fix-segfault-when-wd-empty.patch
musl-fix-includes.patch
+ CVE-2021-33477.patch
mrxvt.desktop
"
+# secfixes:
+# 0.5.4-r8:
+# - CVE-2021-33477
+
_builddir="$srcdir"/$pkgname-$pkgver
prepare() {
cd "$_builddir"
@@ -58,15 +63,10 @@ package() {
install -Dm644 ../mrxvt.desktop $pkgdir/usr/share/applications/mrxvt.desktop
}
-md5sums="0232c8868484751dcb931a28f0756f69 mrxvt-0.5.4.tar.gz
-e4a8bb2521246aba85f8dcaa01aed527 mrxvt-0.5.4-002-fix-segfault-when-wd-empty.patch
-762a151ed6d4f3ee6928678fda5b477f musl-fix-includes.patch
-6ba3bcd484c8dad1b0b48465ded54de3 mrxvt.desktop"
-sha256sums="f403ad5a908fcd38a55ed0a7e1b85584cb77be8781199653a39b8af1a9ad10d7 mrxvt-0.5.4.tar.gz
-578f52cf072574ccfc8d500fb4d5d3ce97d7ecf610ec0f7798b8a74850b18756 mrxvt-0.5.4-002-fix-segfault-when-wd-empty.patch
-146201eb1f3e525eac3e287dae80575e20c3c09ed9d7c1d2d1f32414cd9ca8cd musl-fix-includes.patch
-3bdaed1adcd443347b01e3c976cd8c0923a75645ae75fcc4b5020dba07d20ac1 mrxvt.desktop"
-sha512sums="572bb4dda9f9b9dcb597f3185922646523bce34003f536acca82992f68f8f7c1a5f2778d626f805ea2cd061e8451fbbf12010e5d655221f76b83440825c80992 mrxvt-0.5.4.tar.gz
+sha512sums="
+572bb4dda9f9b9dcb597f3185922646523bce34003f536acca82992f68f8f7c1a5f2778d626f805ea2cd061e8451fbbf12010e5d655221f76b83440825c80992 mrxvt-0.5.4.tar.gz
27d8a9775a5ea6e5e0e588d84ab5c76cc76aaa4ebeb473950e8f6b3dbf660a380c2d2385356ab9bd12d2e00b98c467f99f8e1aac16c91f8ffa4e29a38124340a mrxvt-0.5.4-002-fix-segfault-when-wd-empty.patch
4f2cf06484b1b364f7eb9f2acc629d2e600d4e614071fca5035d3654b083347f00162d2077496626fe4184dcac938b0b91f3ffe23f259b53ed475c4b8e85dbb0 musl-fix-includes.patch
-04e0f2e93449d2656e55bdbdf6742d50c625c86ba8e64062e40f447a077b3a01f457ea855a99df39b4a099b30517d4a8cc45e91de6300023d0072ee76ae2b375 mrxvt.desktop"
+0b299ba3c049e91619a59df4c53053cdea0b3000e633495843518d1676b146214fea567fa1d441aca023e8c6ef0447cd43c7a4c4c0a498121e562d3afbafc59f CVE-2021-33477.patch
+04e0f2e93449d2656e55bdbdf6742d50c625c86ba8e64062e40f447a077b3a01f457ea855a99df39b4a099b30517d4a8cc45e91de6300023d0072ee76ae2b375 mrxvt.desktop
+"
diff --git a/main/mrxvt/CVE-2021-33477.patch b/main/mrxvt/CVE-2021-33477.patch
new file mode 100644
index 0000000000..b1c6185a08
--- /dev/null
+++ b/main/mrxvt/CVE-2021-33477.patch
@@ -0,0 +1,41 @@
+--- mrxvt-0.5.4/src/command.c.orig
++++ mrxvt-0.5.4/src/command.c
+@@ -207,7 +207,9 @@
+ int rxvt_privcases (rxvt_t*, int, int, uint32_t);
+ void rxvt_process_terminal_mode (rxvt_t*, int, int, int, unsigned int, const int*);
+ void rxvt_process_sgr_mode (rxvt_t*, int, unsigned int, const int*);
++#if 0
+ void rxvt_process_graphics (rxvt_t*, int);
++#endif
+ void rxvt_process_getc (rxvt_t*, int, unsigned char);
+ /*--------------------------------------------------------------------*
+ * END `INTERNAL' ROUTINE PROTOTYPES *
+@@ -5029,10 +5031,12 @@
+ rxvt_scr_add_lines(r, page, (const unsigned char *)"\n\r", 1, 2);
+ break;
+
++#if 0
+ /* kidnapped escape sequence: Should be 8.3.48 */
+ case C1_ESA: /* ESC G */
+ rxvt_process_graphics(r, page);
+ break;
++#endif
+
+ /* 8.3.63: CHARACTER TABULATION SET */
+ case C1_HTS: /* ESC H */
+@@ -6671,6 +6675,7 @@
+ }
+ /*}}} */
+
++#if 0
+ /*{{{ process Rob Nation's own graphics mode sequences */
+ /* INTPROTO */
+ void
+@@ -6707,6 +6712,7 @@
+ printable characters. */
+ }
+ /*}}} */
++#endif
+
+ /* ------------------------------------------------------------------------- */
+
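Review bot: The three `#if 0` guards in the embedded command.c patch carry no comment saying why the code is disabled, so a later rebase or cleanup could re-enable the graphics handler without noticing that it is the CVE-2021-33477 mitigation. I would add a short description above the first `---` line of the patch saying that it compiles out rxvt_process_graphics together with its prototype and the `case C1_ESA` dispatch, and mark each guard, for example `#if 0 /* disabled: CVE-2021-33477 */`. With that case removed, ESC G presumably reaches the switch's default branch, which is not visible in these hunks, so it is worth confirming that the branch ignores the sequence. The body of rxvt_process_graphics sits between the last two inner hunks and is not shown here.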