This commit is contained in:
parent
3c856baad4
commit
1839d56a04
@ -1,7 +1,6 @@
|
|||||||
diff -ru xterm-228.orig/XTerm.ad xterm-228/XTerm.ad
|
--- xterm-238/XTerm.ad
|
||||||
--- xterm-228.orig/XTerm.ad 2007-03-18 23:41:40.000000000 +0100
|
+++ xterm-238/XTerm.ad
|
||||||
+++ xterm-228/XTerm.ad 2007-07-24 17:30:25.000000000 +0200
|
@@ -3,7 +3,7 @@
|
||||||
@@ -4,7 +4,7 @@
|
|
||||||
*saveLines: 1024
|
*saveLines: 1024
|
||||||
|
|
||||||
*SimpleMenu*BackingStore: NotUseful
|
*SimpleMenu*BackingStore: NotUseful
|
||||||
|
3
xterm-238.tar.bz2
Normal file
3
xterm-238.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:eb5ebe2ea7f82a110de4cb595bd0156c11c1c1bb6ed314cbbd9170d091143614
|
||||||
|
size 697301
|
34
xterm-disallow-window-and-fonts-ops.patch
Normal file
34
xterm-disallow-window-and-fonts-ops.patch
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
--- XTerm.ad
|
||||||
|
+++ XTerm.ad
|
||||||
|
@@ -209,6 +209,11 @@
|
||||||
|
! Alternatively,
|
||||||
|
!*on2Clicks: regex [[:alpha:]]+://([[:alnum:]!#+,./=?@_~-]|(%[[:xdigit:]][[:xdigit:]]))+
|
||||||
|
|
||||||
|
+! Security: Disallow operations that might allow raw text being pasted to xterm to
|
||||||
|
+! execute code.
|
||||||
|
+*allowWindowOps: false
|
||||||
|
+*allowFontOps: false
|
||||||
|
+
|
||||||
|
!! We want a 8bit clean xterm
|
||||||
|
*eightBitInput: true
|
||||||
|
*eightBitOutput: true
|
||||||
|
--- xterm.man
|
||||||
|
+++ xterm.man
|
||||||
|
@@ -1449,7 +1449,7 @@
|
||||||
|
.TP
|
||||||
|
.B "allowFontOps (\fPclass\fB AllowFontOps)"
|
||||||
|
Specifies whether control sequences that set/query the font should be allowed.
|
||||||
|
-The default is ``true.''
|
||||||
|
+The default is ``false.''
|
||||||
|
.TP 8
|
||||||
|
.B "allowSendEvents (\fPclass\fB AllowSendEvents)"
|
||||||
|
Specifies whether or not synthetic key and button events (generated using
|
||||||
|
@@ -1473,7 +1473,7 @@
|
||||||
|
.B "allowWindowOps (\fPclass\fB AllowWindowOps)"
|
||||||
|
Specifies whether extended window control sequences (as used in dtterm)
|
||||||
|
should be allowed.
|
||||||
|
-The default is ``true.''
|
||||||
|
+The default is ``false.''
|
||||||
|
.TP 8
|
||||||
|
.B "altIsNotMeta (\fPclass\fB AltIsNotMeta\fP)"
|
||||||
|
If ``true'', treat the Alt-key as if it were the Meta-key.
|
@ -1,3 +1,56 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Jan 5 15:03:09 CET 2009 - meissner@suse.de
|
||||||
|
|
||||||
|
- update to release xterm-238, Linux relevant changes:
|
||||||
|
|
||||||
|
- Various security fixes for CVE-2008-2383 (ANSI command injection)
|
||||||
|
|
||||||
|
- xterm-disallow-window-and-fonts-ops.patch: add allowWindowOps and
|
||||||
|
allowFontOps as "false" for default. bnc#462917
|
||||||
|
|
||||||
|
- Patch #238 - 2008/12/30
|
||||||
|
# reset the screen wrapping-flag at the end of ClearRight to fix an
|
||||||
|
occasional case where the last character of a scrolled and wrapped
|
||||||
|
line would be cleared (patch by Joe Peterson).
|
||||||
|
# modify to use POSIX coding for comparing resource settings such as
|
||||||
|
locale, to work with locales such as Turkish (report by M Vefa
|
||||||
|
Bicakci).
|
||||||
|
# turn on configure paste64 feature by default (request by Jean-Philippe
|
||||||
|
Bernardy). It is runtime enabled/disabled with allowWindowOps.
|
||||||
|
# turn on configure tcap-query feature by default, add resource
|
||||||
|
allowTcapOps to make this runtime enabled/disabled.
|
||||||
|
# make OSC 3 (change X property, from patch #110) subject to
|
||||||
|
allowWindowOps resource.
|
||||||
|
# make VT220 DSR responses inactive in VT100-mode.
|
||||||
|
# make DECUDK feature inactive in VT100-mode.
|
||||||
|
# respond to incorrectly formatted DECRQSS with a cancel.
|
||||||
|
# add allowFontOps resource to allow the fontsize-switching and font
|
||||||
|
query/set control sequences to be enabled/disabled (prompted by Debian
|
||||||
|
#510030).
|
||||||
|
# some code cleanup based on gcc 4.x -Wconversion warnings in button.c
|
||||||
|
and charproc.c
|
||||||
|
# modify tcap-query feature to not return data for shifted cursor-keys
|
||||||
|
when the keyboard type is set to vt220, since returning the same
|
||||||
|
string for shifted/unshifted keys may confuse some applications
|
||||||
|
(GenToo #212546).
|
||||||
|
|
||||||
|
- Patch #237 - 2008/09/14
|
||||||
|
# improve usability of TrueType fonts by making the font-size switching
|
||||||
|
for shifted keypad plus/minus use the faceSize resources to determine
|
||||||
|
the order of fonts (when TrueType fonts are used) rather than the
|
||||||
|
bitmap fonts, since their sizes may not be in the same order (report
|
||||||
|
by H Merijn Brand)
|
||||||
|
# remove an optimization of ConfigureNotify events from patch #236
|
||||||
|
which seems to interfere with passing SIGWINCH to applications
|
||||||
|
(GenToo #233836).
|
||||||
|
# modify handling of altSendsEscape to reset the eightBitInput mode,
|
||||||
|
like metaSendsEscape (patch by Ted Phelps).
|
||||||
|
# add feature to show the text-cursor as an underline rather than a box,
|
||||||
|
plus command-line options -uc and +uc and resource cursorUnderLine to
|
||||||
|
control the feature (patch by Paul Lampert).
|
||||||
|
# update config.guess, config.sub
|
||||||
|
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon Jul 28 11:16:08 CEST 2008 - sndirsch@suse.de
|
Mon Jul 28 11:16:08 CEST 2008 - sndirsch@suse.de
|
||||||
|
|
||||||
|
76
xterm.spec
76
xterm.spec
@ -1,10 +1,17 @@
|
|||||||
#
|
#
|
||||||
# spec file for package xterm (Version 236)
|
# spec file for package xterm (Version 238)
|
||||||
#
|
#
|
||||||
# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
||||||
# This file and all modifications and additions to the pristine
|
|
||||||
# package are under the same license as the package itself.
|
|
||||||
#
|
#
|
||||||
|
# All modifications and additions to the file contributed by third parties
|
||||||
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
|
# upon. The license for this file, and modifications and additions to the
|
||||||
|
# file, is the same license as for the pristine package itself (unless the
|
||||||
|
# license for the pristine package is not an Open Source License, in which
|
||||||
|
# case the license is the MIT License). An "Open Source License" is a
|
||||||
|
# license that conforms to the Open Source Definition (Version 1.9)
|
||||||
|
# published by the Open Source Initiative.
|
||||||
|
|
||||||
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
||||||
#
|
#
|
||||||
|
|
||||||
@ -19,10 +26,10 @@ License: X11/MIT
|
|||||||
Group: System/X11/Utilities
|
Group: System/X11/Utilities
|
||||||
Provides: xorg-x11:/usr/X11R6/bin/xterm XFree86:/usr/X11R6/bin/xterm
|
Provides: xorg-x11:/usr/X11R6/bin/xterm XFree86:/usr/X11R6/bin/xterm
|
||||||
AutoReqProv: on
|
AutoReqProv: on
|
||||||
Version: 236
|
Version: 238
|
||||||
Release: 1
|
Release: 1
|
||||||
Summary: The basic X terminal program
|
Summary: The basic X terminal program
|
||||||
Source: %name.tar.gz
|
Source: ftp://invisible-island.net/xterm/%name-%version.tar.bz2
|
||||||
Source1: luitx
|
Source1: luitx
|
||||||
Source3: Backarrow2Delete
|
Source3: Backarrow2Delete
|
||||||
Source4: Backarrow2BackSpace
|
Source4: Backarrow2BackSpace
|
||||||
@ -37,6 +44,7 @@ Patch1: p_xterm-settings.diff
|
|||||||
Patch2: p_xterm-sigwinch.diff
|
Patch2: p_xterm-sigwinch.diff
|
||||||
Patch3: bug-246573-tentative-patch.diff
|
Patch3: bug-246573-tentative-patch.diff
|
||||||
Patch4: desktop.diff
|
Patch4: desktop.diff
|
||||||
|
Patch5: xterm-disallow-window-and-fonts-ops.patch
|
||||||
Patch293793: bugzilla-293793-do-not-insist-on-iso8859-fonts-for-the-menu.patch
|
Patch293793: bugzilla-293793-do-not-insist-on-iso8859-fonts-for-the-menu.patch
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||||
|
|
||||||
@ -155,11 +163,12 @@ Authors:
|
|||||||
Zarick Lau
|
Zarick Lau
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -n xterm-%version -b7
|
%setup -q -b7
|
||||||
%patch1 -p0 -b .xterm-settings
|
%patch1 -p0 -b .xterm-settings
|
||||||
%patch2 -p0 -b .xterm-sigwinch
|
%patch2 -p0 -b .xterm-sigwinch
|
||||||
%patch3 -p1
|
%patch3 -p1
|
||||||
%patch4 -p0
|
%patch4 -p0
|
||||||
|
%patch5 -p0
|
||||||
%patch293793 -p1
|
%patch293793 -p1
|
||||||
cp $RPM_SOURCE_DIR/*bdf.bz2 .
|
cp $RPM_SOURCE_DIR/*bdf.bz2 .
|
||||||
bunzip2 *.bdf.bz2
|
bunzip2 *.bdf.bz2
|
||||||
@ -270,6 +279,51 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
/usr/share/pixmaps/*
|
/usr/share/pixmaps/*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Jan 05 2009 meissner@suse.de
|
||||||
|
- update to release xterm-238, Linux relevant changes:
|
||||||
|
- Various security fixes for CVE-2008-2383 (ANSI command injection)
|
||||||
|
- xterm-disallow-window-and-fonts-ops.patch: add allowWindowOps and
|
||||||
|
allowFontOps as "false" for default. bnc#462917
|
||||||
|
- Patch #238 - 2008/12/30
|
||||||
|
[#] reset the screen wrapping-flag at the end of ClearRight to fix an
|
||||||
|
occasional case where the last character of a scrolled and wrapped
|
||||||
|
line would be cleared (patch by Joe Peterson).
|
||||||
|
[#] modify to use POSIX coding for comparing resource settings such as
|
||||||
|
locale, to work with locales such as Turkish (report by M Vefa
|
||||||
|
Bicakci).
|
||||||
|
[#] turn on configure paste64 feature by default (request by Jean-Philippe
|
||||||
|
Bernardy). It is runtime enabled/disabled with allowWindowOps.
|
||||||
|
[#] turn on configure tcap-query feature by default, add resource
|
||||||
|
allowTcapOps to make this runtime enabled/disabled.
|
||||||
|
[#] make OSC 3 (change X property, from patch #110) subject to
|
||||||
|
allowWindowOps resource.
|
||||||
|
[#] make VT220 DSR responses inactive in VT100-mode.
|
||||||
|
[#] make DECUDK feature inactive in VT100-mode.
|
||||||
|
[#] respond to incorrectly formatted DECRQSS with a cancel.
|
||||||
|
[#] add allowFontOps resource to allow the fontsize-switching and font
|
||||||
|
query/set control sequences to be enabled/disabled (prompted by Debian
|
||||||
|
[#510030]).
|
||||||
|
[#] some code cleanup based on gcc 4.x -Wconversion warnings in button.c
|
||||||
|
and charproc.c
|
||||||
|
[#] modify tcap-query feature to not return data for shifted cursor-keys
|
||||||
|
when the keyboard type is set to vt220, since returning the same
|
||||||
|
string for shifted/unshifted keys may confuse some applications
|
||||||
|
(GenToo #212546).
|
||||||
|
- Patch #237 - 2008/09/14
|
||||||
|
[#] improve usability of TrueType fonts by making the font-size switching
|
||||||
|
for shifted keypad plus/minus use the faceSize resources to determine
|
||||||
|
the order of fonts (when TrueType fonts are used) rather than the
|
||||||
|
bitmap fonts, since their sizes may not be in the same order (report
|
||||||
|
by H Merijn Brand)
|
||||||
|
[#] remove an optimization of ConfigureNotify events from patch #236
|
||||||
|
which seems to interfere with passing SIGWINCH to applications
|
||||||
|
(GenToo #233836).
|
||||||
|
[#] modify handling of altSendsEscape to reset the eightBitInput mode,
|
||||||
|
like metaSendsEscape (patch by Ted Phelps).
|
||||||
|
[#] add feature to show the text-cursor as an underline rather than a box,
|
||||||
|
plus command-line options -uc and +uc and resource cursorUnderLine to
|
||||||
|
control the feature (patch by Paul Lampert).
|
||||||
|
[#] update config.guess, config.sub
|
||||||
* Mon Jul 28 2008 sndirsch@suse.de
|
* Mon Jul 28 2008 sndirsch@suse.de
|
||||||
- update to release xterm-236
|
- update to release xterm-236
|
||||||
* correct memory reallocation when handling a paste of UTF-8
|
* correct memory reallocation when handling a paste of UTF-8
|
||||||
@ -343,12 +397,12 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
* minor documentation fixes (patch by Slava Semushin)
|
* minor documentation fixes (patch by Slava Semushin)
|
||||||
* add makefile actions to install KOI8RXTerm app-defaults
|
* add makefile actions to install KOI8RXTerm app-defaults
|
||||||
file (patch by Julien Cristau).
|
file (patch by Julien Cristau).
|
||||||
* Wed Jan 02 2008 sndirsch@suse.de
|
* Tue Jan 01 2008 sndirsch@suse.de
|
||||||
- update to xterm-230:
|
- update to xterm-230:
|
||||||
* mainly bugfixes
|
* mainly bugfixes
|
||||||
* Wed Sep 19 2007 sndirsch@suse.de
|
* Wed Sep 19 2007 sndirsch@suse.de
|
||||||
- set foreground color as well; fixes xterm -rv (Bug #283984)
|
- set foreground color as well; fixes xterm -rv (Bug #283984)
|
||||||
* Sat Sep 01 2007 mfabian@suse.de
|
* Fri Aug 31 2007 mfabian@suse.de
|
||||||
- Bugzilla #306943: add xorg-x11 to BuildRequires because of
|
- Bugzilla #306943: add xorg-x11 to BuildRequires because of
|
||||||
‘bdftopcf’. Let the build fail if ‘bdftopcf’ is missing.
|
‘bdftopcf’. Let the build fail if ‘bdftopcf’ is missing.
|
||||||
- change app-defaults to use these fonts for wide characters
|
- change app-defaults to use these fonts for wide characters
|
||||||
@ -427,7 +481,7 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
(Bug #283984)
|
(Bug #283984)
|
||||||
* Thu Mar 29 2007 dmueller@suse.de
|
* Thu Mar 29 2007 dmueller@suse.de
|
||||||
- add ncurses-devel BuildRequires
|
- add ncurses-devel BuildRequires
|
||||||
* Sun Mar 25 2007 sndirsch@suse.de
|
* Sat Mar 24 2007 sndirsch@suse.de
|
||||||
- Patch #225 - 2007/3/24:
|
- Patch #225 - 2007/3/24:
|
||||||
* add useClipping resource to allow clipping to be disabled.
|
* add useClipping resource to allow clipping to be disabled.
|
||||||
* use XftDrawSetClipRectangles to work around Xft pixel-trash
|
* use XftDrawSetClipRectangles to work around Xft pixel-trash
|
||||||
@ -815,7 +869,7 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
- adjusted p_xterm-settings.diff
|
- adjusted p_xterm-settings.diff
|
||||||
* Thu Mar 24 2005 sndirsch@suse.de
|
* Thu Mar 24 2005 sndirsch@suse.de
|
||||||
- added missing xterm/resize manual pages (Bug #74467)
|
- added missing xterm/resize manual pages (Bug #74467)
|
||||||
* Mon Feb 07 2005 sndirsch@suse.de
|
* Sun Feb 06 2005 sndirsch@suse.de
|
||||||
- updated to xterm-200
|
- updated to xterm-200
|
||||||
* Fri Jan 28 2005 sndirsch@suse.de
|
* Fri Jan 28 2005 sndirsch@suse.de
|
||||||
- updated to xterm-199
|
- updated to xterm-199
|
||||||
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:80a2e78ba7dfe39326697be5dc9e7cd840b6053c6cb9687d67479dd6e9c2ee13
|
|
||||||
size 859451
|
|
Loading…
x
Reference in New Issue
Block a user