rpms/xterm
6
0
Fork 0
Code Issues Pull Requests Releases Activity

import CS xterm-366-12.el9_6

Browse Source
This commit is contained in:
eabdullin 2025-08-19 09:52:06 +00:00
parent 4fdf210d3a
commit 55b932af0c
2 changed files with 73 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
SOURCES/xterm-366-CVE-2022-24130.patch Normal file
View File

@ -0,0 +1,60 @@
commit f4c2576f9b1068a57b7a926b9cdbec6423dd434f
Author: Tomas Korbar <tkorbar@redhat.com>
Date: Wed Jul 9 16:33:46 2025 +0200
Fix CVE-2022-24130
diff --git a/graphics_sixel.c b/graphics_sixel.c
index 304fa8f..2f21dcc 100644
--- a/graphics_sixel.c
+++ b/graphics_sixel.c
@@ -149,7 +149,7 @@ init_sixel_background(Graphic *graphic, SixelContext const *context)
graphic->color_registers_used[context->background] = 1;
}
-static void
+static Boolean
set_sixel(Graphic *graphic, SixelContext const *context, int sixel)
{
const int mh = graphic->max_height;
@@ -183,8 +183,10 @@ set_sixel(Graphic *graphic, SixelContext const *context, int sixel)
}
} else {
TRACE(("sixel pixel %d out of bounds\n", pix));
+ return False;
}
}
+ return True;
}
static void
@@ -462,8 +464,12 @@ parse_sixel(XtermWidget xw, ANSI *params, char const *string)
init_sixel_background(graphic, &context);
graphic->valid = 1;
}
- if (sixel)
- set_sixel(graphic, &context, sixel);
+ if (sixel) {
+ if (!set_sixel(graphic, &context, sixel)) {
+ context.col = 0;
+ break;
+ }
+ }
context.col++;
} else if (ch == '$') { /* DECGCR */
/* ignore DECCRNLM in sixel mode */
@@ -531,8 +537,12 @@ parse_sixel(XtermWidget xw, ANSI *params, char const *string)
if (sixel) {
int i;
for (i = 0; i < Pcount; i++) {
- set_sixel(graphic, &context, sixel);
- context.col++;
+ if (set_sixel(graphic, &context, sixel)) {
+ context.col++;
+ } else {
+ context.col = 0;
+ break;
+ }
}
} else {
context.col += Pcount;

14
SPECS/xterm.spec
View File

@ -1,7 +1,7 @@
Summary: Terminal emulator for the X Window System
Name: xterm
Version: 366
Release: 10%{?dist}
Release: 12%{?dist}
URL: https://invisible-island.net/xterm
License: MIT
BuildRequires: make
@ -18,6 +18,7 @@ Patch1: xterm-defaults.patch
Patch2: xterm-desktop.patch
Patch3: xterm-man-paths.patch
Patch4: xterm-366-CVE-2022-45063.patch
Patch5: xterm-366-CVE-2022-24130.patch
%bcond_with trace
@ -42,6 +43,7 @@ indicate the current size of the window from which the command is run.
%patch2 -p1 -b .desk
%patch3 -p1 -b .man-paths
%patch4 -p1 -b .CVE-2022-45063
%patch5 -p1 -b .CVE-2022-24130
for f in THANKS; do
iconv -f iso8859-1 -t utf8 -o ${f}{_,} &&
@ -104,6 +106,16 @@ install -m644 -p xterm.appdata.xml $RPM_BUILD_ROOT%{_datadir}/appdata
%{_mandir}/man1/resize.1*
%changelog
* Wed Jul 17 2025 Tomas Korbar <tkorbar@redhat.com> - 366-12
- Rebuild because of build failure
- Resolves: RHEL-94699
- Resolves: RHEL-103430
* Wed Jul 09 2025 Tomas Korbar <tkorbar@redhat.com> - 366-11
- Fix CVE-2022-24130
- Resolves: RHEL-94699
- Resolves: RHEL-103430
* Tue Apr 15 2025 Tomas Korbar <tkorbar@redhat.com> - 366-10
- Fix CVE-2022-45063
- Resolves: RHEL-87485