[PATCH v2] screen: Update to version 5.0.1

Adolf Belka Fri, 23 May 2025 09:10:21 -0700

- This v2 version is with the correct tarball, without the binary object files.
- Update from version 5.0.0 to 5.0.1
- Update of rootfile
- 5 CVE fixes included in this version
- Changelog
    5.0.1
        Security fix
            CVE-2025-46805: do NOT send signals with root privileges
            CVE-2025-46804: avoid file existence test information leaks
            CVE-2025-46803: apply safe PTY default mode of 0620
            CVE-2025-46802: prevent temporary 0666 mode on PTYs in attacher
            CVE-2025-23395: reintroduce lf_secreopen() for logfile
            buffer overflow due bad strncpy()
            uninitialized variables warnings
            typos
            combining char handling that could lead to a segfault


Signed-off-by: Adolf Belka <adolf.be...@ipfire.org>
---
 config/rootfiles/common/screen | 3 +--
 lfs/screen                     | 6 +++---
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/config/rootfiles/common/screen b/config/rootfiles/common/screen
index 3442bff2b..e8b72aaa2 100644
--- a/config/rootfiles/common/screen
+++ b/config/rootfiles/common/screen
@@ -1,7 +1,6 @@
 etc/screenrc
 usr/bin/screen
-usr/bin/screen-5.0.0
-#usr/share/info/screen.info
+usr/bin/screen-5.0.1
 #usr/share/man/man1/screen.1
 #usr/share/screen
 #usr/share/screen/utf8encodings
diff --git a/lfs/screen b/lfs/screen
index 6388002cf..5c7201985 100644
--- a/lfs/screen
+++ b/lfs/screen
@@ -1,7 +1,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2024  IPFire Team  <i...@ipfire.org>                     #
+# Copyright (C) 2007-2025  IPFire Team  <i...@ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 5.0.0
+VER        = 5.0.1
 
 THISAPP    = screen-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 
5ff218afc1692ae201776f759ff2217a51dcf02202e4ba5d12de50a768df83e0e2a7a3511a5f85a3b21362892f31a4fd90d6444918915165ae12a8c0c2b3af39
+$(DL_FILE)_BLAKE2 = 
ce8478718903ea4f9f7d5de2c77008cee304fef1065f3d564844844cb3ba7acb88bfe2cda051cecee0f034b19ea4e52a0fcc1549f9339eac33e7748ab59cd0f5
 
 install : $(TARGET)
 
-- 
2.49.0

[PATCH v2] screen: Update to version 5.0.1

Reply via email to