forked from pool/xterm
Marcus Meissner
884b572c79
- update to 385: * fixes for ReGIS (report by Ben Wong). + correct conversion from HLS to RGB + improve font-caching performance. * update tables in wcwidth.c based on Unicode 15.1.0 * improve fastScroll resource: + suppress screen-refreshes for carriage-returns + add -jf option to simplify use of this resource. + add a control sequence for enabling/disabling the resource. + enable this feature by default * extend title-stack feature to allow an additional parameter to directly access the stack, like the XTPUSHCOLORS and XTPOPCOLORS feature. * correct size and position of box shown for double-cell character which happens to be missing from the bitmap font (report by Peter Fabinski). * improved configure script: + add pattern for uClibc-ng to CF_XOPEN_SOURCE (report/patch by Waldemar Brodkorb). + add configure options --with-utmp-path and --with-wtmp-path to override configure script's check for utmp/wtmp pathnames which are shown in the manual (Debian #1042767). + CF_XOPEN_SOURCE provides for defining _DEFAULT_SOURCE for MinGW32 and MinGW64. + sed expression used to report gcc version now works with MinGW * ensure that line-attributes are reset after drawing missing character (report by Christian Weisgerber). * update config.guess, config.sub - rebased all patches OBS-URL: https://build.opensuse.org/request/show/1114902 OBS-URL: https://build.opensuse.org/package/show/X11:terminals/xterm?expand=0&rev=226
34 lines
1.1 KiB
Diff
34 lines
1.1 KiB
Diff
# HG changeset patch
|
|
# Parent d5ffae3ffb4d7bccf09feb476eed67e7688d73cf
|
|
# forbid dangerous escape sequences (font loading)
|
|
|
|
Index: xterm-385/XTerm.ad
|
|
===================================================================
|
|
--- xterm-385.orig/XTerm.ad
|
|
+++ xterm-385/XTerm.ad
|
|
@@ -269,6 +269,11 @@
|
|
! Alternatively,
|
|
!*on2Clicks: regex [[:alpha:]]+://([[:alnum:]!#+,./=?@_~-]|(%[[:xdigit:]][[:xdigit:]]))+
|
|
|
|
+! Security: Disallow operations that might allow raw text being pasted to xterm to
|
|
+! execute code.
|
|
+*allowWindowOps: false
|
|
+*allowFontOps: false
|
|
+
|
|
!! We want a 8bit clean xterm
|
|
*eightBitInput: true
|
|
*eightBitOutput: true
|
|
Index: xterm-385/xterm.man
|
|
===================================================================
|
|
--- xterm-385.orig/xterm.man
|
|
+++ xterm-385/xterm.man
|
|
@@ -2277,7 +2277,7 @@ The default is \*(``true\*(''.
|
|
.TP
|
|
.B "allowFontOps\fP (class\fB AllowFontOps\fP)"
|
|
Specifies whether control sequences that set/query the font should be allowed.
|
|
-The default is \*(``true\*(''.
|
|
+The default is \*(``false\*(''.
|
|
.TP
|
|
.B "allowMouseOps\fP (class\fB AllowMouseOps\fP)"
|
|
Specifies whether control sequences that enable \fI\*n\fP to send
|