#14639: xterm-366
-------------------------+-----------------------
Reporter: renodr | Owner: renodr
Type: enhancement | Status: assigned
Priority: high | Milestone: 10.1
Component: BOOK | Version: SVN
Severity: normal | Resolution:
Keywords: |
-------------------------+-----------------------
Changes (by renodr):
* priority: normal => high
Comment:
{{{
Patch #366 - 2021/02/10
correct a compiler-warning fix in patch #352 which allowed sign-
extension of coordinate values (report by "CismonX").
correct upper-limit for selection buffer, accounting for combining
characters (report/testcase by Tavis Ormandy).
with alwaysHighlight true, xterm does not properly track focus. The
screen->select FOCUS flag remains always on, which prevents bellIsUrgent
from working, as the urgent WM_HINT flag is only set in setXUrgency() when
the window is not focused. Fix this by updating screen->select in
unselectwindow() regardless of the value of always_highlight (patch by
Jiri Bohac).
improve fix for interaction between SRM and ENQ (report by Grant
Taylor).
build-fix for --with-Xaw3dxft, needed when --with-toolbar is omitted
(report by Jimmy Olgeni, Emanuel Haupt).
}}}
This seems to also contain a fix for CVE-2021-26937
[https://www.openwall.com/lists/oss-security/2021/02/09/7]
and
[https://www.openwall.com/lists/oss-security/2021/02/09/9]
and
[https://www.openwall.com/lists/oss-security/2021/02/11/1]
Note that GNU Screen is impacted as well, and it was the original package
that was used to discover this bug. Screen is still vulnerable, and the
maintainer seems to be working on a patch with the researchers that
discovered it.
[https://lists.gnu.org/archive/html/screen-devel/2021-02/msg00000.html]
--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/14639#comment:2>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
