xterm/xterm-forbid_window_and_font_ops.patch
Marcus Meissner 884b572c79 Accepting request 1114902 from home:polslinux:branches:X11:terminals
- update to 385:
  * fixes for ReGIS (report by Ben Wong).
    + correct conversion from HLS to RGB
    + improve font-caching performance.
  * update tables in wcwidth.c based on Unicode 15.1.0
  * improve fastScroll resource:
    + suppress screen-refreshes for carriage-returns
    + add -jf option to simplify use of this resource.
    + add a control sequence for enabling/disabling the resource.
    + enable this feature by default
  * extend title-stack feature to allow an additional parameter to
    directly access the stack, like the XTPUSHCOLORS and XTPOPCOLORS
    feature.
  * correct size and position of box shown for double-cell character
    which happens to be missing from the bitmap font (report by Peter
    Fabinski).
  * improved configure script:
    + add pattern for uClibc-ng to CF_XOPEN_SOURCE (report/patch by
      Waldemar Brodkorb).
    + add configure options --with-utmp-path and --with-wtmp-path to
      override configure script's check for utmp/wtmp pathnames
      which are shown in the manual (Debian #1042767).
    + CF_XOPEN_SOURCE provides for defining _DEFAULT_SOURCE for
      MinGW32 and MinGW64.
    + sed expression used to report gcc version now works with MinGW
  * ensure that line-attributes are reset after drawing missing
    character (report by Christian Weisgerber).
  * update config.guess, config.sub
- rebased all patches

OBS-URL: https://build.opensuse.org/request/show/1114902
OBS-URL: https://build.opensuse.org/package/show/X11:terminals/xterm?expand=0&rev=226
2023-10-03 14:04:15 +00:00

# HG changeset patch
# Parent d5ffae3ffb4d7bccf09feb476eed67e7688d73cf
# forbid dangerous escape sequences (font loading)
Index: xterm-385/XTerm.ad
===================================================================
--- xterm-385.orig/XTerm.ad
+++ xterm-385/XTerm.ad
@@ -269,6 +269,11 @@
! Alternatively,
!*on2Clicks: regex [[:alpha:]]+://([[:alnum:]!#+,./=?@_~-]|(%[[:xdigit:]][[:xdigit:]]))+
+! Security: Disallow operations that might allow raw text being pasted to xterm to
+! execute code.
+*allowWindowOps: false
+*allowFontOps: false
+
!! We want a 8bit clean xterm
*eightBitInput: true
*eightBitOutput: true
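
Review bot: The comment added above `*allowWindowOps: false` gives the risk only as "raw text being pasted to xterm to execute code", and the patch header mentions only font loading, so the comment never says what each of the two resources blocks. Suggest one comment line per resource naming the class of control sequence it disables (window operations for allowWindowOps, font set/query for allowFontOps), so that someone who re-enables one knows what they are accepting. Because these lines sit in XTerm.ad, they are app-defaults values that a user's own X resources can override, and they apply only when this file is the one loaded. If the intent is a hard restriction rather than a safer default, the comment should say so and the change belongs elsewhere. Minor style point: the new comment uses a single `!` while the next section header uses `!!`.
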
Index: xterm-385/xterm.man
===================================================================
--- xterm-385.orig/xterm.man
+++ xterm-385/xterm.man
@@ -2277,7 +2277,7 @@ The default is \*(``true\*(''.
.TP
.B "allowFontOps\fP (class\fB AllowFontOps\fP)"
Specifies whether control sequences that set/query the font should be allowed.
-The default is \*(``true\*(''.
+The default is \*(``false\*(''.
.TP
.B "allowMouseOps\fP (class\fB AllowMouseOps\fP)"
Specifies whether control sequences that enable \fI\*n\fP to send
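
Review bot: The changed line in the allowFontOps entry now reads "The default is false", but the only visible source for that value is the `*allowFontOps: false` line added to XTerm.ad, not a change to the program's built-in default. If xterm runs without this app-defaults file, the manual and the behaviour can disagree. Suggest either wording the entry to say that the packaged app-defaults file sets the value to false, or confirming that the compiled-in default is changed by another patch. This patch also sets `*allowWindowOps: false` but has no matching xterm.man hunk for allowWindowOps, so check that the documented default for that resource agrees with the shipped setting.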