Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/x11-terms
diff options
context:
space:
mode:
authorChristian Hoffmann <hoffie@gentoo.org>2008-05-03 12:55:04 +0000
committerChristian Hoffmann <hoffie@gentoo.org>2008-05-03 12:55:04 +0000
commit57d39fbf0e4408f12267d98e1aa60fcd75410450 (patch)
tree8eb4498cc66e07f930db2d6559e7585604850467 /x11-terms
parentVersion bump. (diff)
downloadhistorical-57d39fbf0e4408f12267d98e1aa60fcd75410450.tar.gz
historical-57d39fbf0e4408f12267d98e1aa60fcd75410450.tar.bz2
historical-57d39fbf0e4408f12267d98e1aa60fcd75410450.zip
revbump to include a patch to fix CVE-2008-1142 (do not default to :0 if DISPLAY is unset), bug 217819; stable on amd64
Package-Manager: portage-2.1.5_rc6 RepoMan-Options: --force
Diffstat (limited to 'x11-terms')
-rw-r--r--x11-terms/rxvt/ChangeLog12
-rw-r--r--x11-terms/rxvt/Manifest14
-rw-r--r--x11-terms/rxvt/files/rxvt-2.7.10-CVE-2008-1142-DISPLAY.patch52
-rw-r--r--x11-terms/rxvt/rxvt-2.7.10-r4.ebuild98
-rw-r--r--x11-terms/wterm/Manifest14
5 files changed, 186 insertions, 4 deletions
diff --git a/x11-terms/rxvt/ChangeLog b/x11-terms/rxvt/ChangeLog
index 6cf9371ac797..2a9ec98136b0 100644
--- a/x11-terms/rxvt/ChangeLog
+++ b/x11-terms/rxvt/ChangeLog
@@ -1,6 +1,14 @@
# ChangeLog for x11-terms/rxvt
-# Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/x11-terms/rxvt/ChangeLog,v 1.57 2007/12/25 17:17:15 phreak Exp $
+# Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/x11-terms/rxvt/ChangeLog,v 1.58 2008/05/03 12:55:03 hoffie Exp $
+
+*rxvt-2.7.10-r4 (03 May 2008)
+
+ 03 May 2008; Christian Hoffmann <hoffie@gentoo.org>
+ +files/rxvt-2.7.10-CVE-2008-1142-DISPLAY.patch, +rxvt-2.7.10-r4.ebuild:
+ revbump to include a patch to fix CVE-2008-1142 (do not default to :0 if
+ DISPLAY is unset), bug 217819; ebuild cleanups (quoting, bindnow); stable
+ on amd64
25 Dec 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
Removing usata from metadata.xml as per #22931. Assigning to maintainer-needed.
diff --git a/x11-terms/rxvt/Manifest b/x11-terms/rxvt/Manifest
index 9d22c7030bad..42666a7b7fcc 100644
--- a/x11-terms/rxvt/Manifest
+++ b/x11-terms/rxvt/Manifest
@@ -1,3 +1,7 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+AUX rxvt-2.7.10-CVE-2008-1142-DISPLAY.patch 1850 RMD160 0419acad74e4f9ece5a1341ee0a9c86c533ae069 SHA1 57a89c98ce1cfd725d19d4148439b8bf72faba97 SHA256 bcb38b2141d704799ae88ab1ba5004a4d4cec558d0f5231cb2eac74ba85f2c5c
AUX rxvt-2.7.10-asneeded.patch 631 RMD160 7d66f1b7770f58cc8e4195f1e6d8993eef91b293 SHA1 3155c8ad80570e8e6aa106aae2046dccad7cee60 SHA256 a0e1c98c38affd0f1bf7275927719c488f997d456596c9557cf7484b1c31f69d
AUX rxvt-2.7.10-azz4.diff 5072 RMD160 90688e1cd9c2515ab7620488152f20dc45e01a40 SHA1 d4f97e34b20460a51c3e33a10d8e03e2f7c4b80a SHA256 7add72e2b7c28b7f21c12e66a32e3434df866ae2b02b429776f37f39925a2da2
AUX rxvt-2.7.10-line-scroll.patch 432 RMD160 14615927fe9c697b537d46af69022d5c53125cdf SHA1 fd2f3826db0baeb3da70f44b0a3e5180a711e7e0 SHA256 4d9c73d8b7408bfe162adc87934962e7eab38be6d91952bce664498a8e3b5af5
@@ -5,5 +9,13 @@ AUX rxvt-2.7.10-rk.patch 2772 RMD160 ee65e783fbda978ca2b9c0e0193fa036caa93972 SH
DIST rxvt-2.7.10-xim-fix.patch.gz 602 RMD160 282479993e369b6d6dff8b41c3757c335e35fd47 SHA1 4875ed33354a93eb3fb9dea59cfffddd1ca4b260 SHA256 09ba6a98927e0f60defc399acc0b0d4debfb95d69035d99c1aa779315c2573e9
DIST rxvt-2.7.10.tar.gz 595073 RMD160 1bea3ff456b4f9ddce187b3e3a0ac11a7363c8eb SHA1 dabb960d94703d4f81e9a9a50749210a2977ef2b SHA256 616ad56502820264e6933d07bc4eb752aa6940ec14add6e780ffccf15f38d449
EBUILD rxvt-2.7.10-r3.ebuild 2283 RMD160 99bbd16ac42d45d15315cafee54b89aff7e5ffcf SHA1 d99a5f1fcbf6bc9b274f9d89e0204ac5160aa66e SHA256 ec57c8960b471c013f875e5ca47992291613801bc62fa2814ff6ad36be57d131
-MISC ChangeLog 8960 RMD160 d57ac5cc28f0566c5cd27a80d26e32a5f969abfc SHA1 fc81f5f9a0c721e18894360a823a49138d954edb SHA256 a041cdd8e9aca00aa2e11a86058d2c0f5960961371ff710a4470690867c2ba45
+EBUILD rxvt-2.7.10-r4.ebuild 2332 RMD160 440586c517ebcfcf9f1d3a60cf69cc730738348f SHA1 3b3efc4f6fd60a4ca08e97c98ade014715f63e4d SHA256 89937c585b3d48e4702cb82ef8419d6fa02ddef05fb7cf51917edf8745dc1bb0
+MISC ChangeLog 9282 RMD160 1b90c0ffc14ffae62b7c2140d52d1eb62dc9ddac SHA1 5fb4824595b717360d8420aaffac20fd4b64bcb0 SHA256 35144c73a8f086efcc97b367d1484da08ceade3d5ccb204b02bb615d97383518
MISC metadata.xml 520 RMD160 e8c66720099a0ea953d535432e5a2aeb217fa4ed SHA1 6227dd1bda0b6b10707bd6e24300a7d844037c2b SHA256 88c4f893b5ab8d6bf4d6deb6e5b1df8bb0ce7c33fe441e93e4a86cca77f3bdc3
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.9 (GNU/Linux)
+
+iEYEARECAAYFAkgcYK0ACgkQV6E0EIywUuUhnQCfU2iaVoNC7yZFBmwbLl3Xq8GL
+DhIAoKReE0xOhyN3pCbUcAEUz27cICJm
+=MJdD
+-----END PGP SIGNATURE-----
diff --git a/x11-terms/rxvt/files/rxvt-2.7.10-CVE-2008-1142-DISPLAY.patch b/x11-terms/rxvt/files/rxvt-2.7.10-CVE-2008-1142-DISPLAY.patch
new file mode 100644
index 000000000000..e817f8d0e316
--- /dev/null
+++ b/x11-terms/rxvt/files/rxvt-2.7.10-CVE-2008-1142-DISPLAY.patch
@@ -0,0 +1,52 @@
+# CVE-2008-1142 (rxvt 2.6.4 opens an xterm on :0 if the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections.)
+# Based on http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=41;filename=diff;att=1;bug=469296
+# bug 217819
+
+diff -Naur rxvt-2.7.10.orig/rclock/rclock.c rxvt-2.7.10/rclock/rclock.c
+--- rxvt-2.7.10.orig/rclock/rclock.c 2008-05-03 14:23:07.264082222 +0200
++++ rxvt-2.7.10/rclock/rclock.c 2008-05-03 14:24:55.433082735 +0200
+@@ -324,9 +324,6 @@
+ CheckMaildir();
+ #endif
+
+- if ((display_name = getenv ("DISPLAY")) == NULL)
+- display_name = ":0";
+-
+ /* parse the command line */
+ for (i = 1; i < argc; i += 2)
+ {
+@@ -424,7 +421,9 @@
+ Xdisplay = XOpenDisplay (display_name);
+ if (!Xdisplay)
+ {
+- print_error ("can't open display %s", display_name);
++ print_error ("can't open display %s", display_name?display_name:
++ getenv("DISPLAY")?getenv("DISPLAY"):
++ "as no -d given and DISPLAY not set");
+ goto Abort;
+ }
+
+diff -Naur rxvt-2.7.10.orig/src/init.c rxvt-2.7.10/src/init.c
+--- rxvt-2.7.10.orig/src/init.c 2008-05-03 14:23:07.247082766 +0200
++++ rxvt-2.7.10/src/init.c 2008-05-03 14:43:44.705227631 +0200
+@@ -532,8 +532,7 @@
+ /*
+ * Open display, get options/resources and create the window
+ */
+- if ((rs[Rs_display_name] = getenv("DISPLAY")) == NULL)
+- rs[Rs_display_name] = ":0";
++ rs[Rs_display_name] = getenv("DISPLAY");
+
+ rxvt_get_options(r, r_argc, r_argv);
+ free(r_argv);
+@@ -550,7 +549,9 @@
+
+ if (r->Xdisplay == NULL
+ && (r->Xdisplay = XOpenDisplay(rs[Rs_display_name])) == NULL) {
+- rxvt_print_error("can't open display %s", rs[Rs_display_name]);
++ rxvt_print_error("can't open display %s",
++ rs[Rs_display_name]?rs[Rs_display_name]:
++ "as no -display option given and DISPLAY not set");
+ exit(EXIT_FAILURE);
+ }
+
diff --git a/x11-terms/rxvt/rxvt-2.7.10-r4.ebuild b/x11-terms/rxvt/rxvt-2.7.10-r4.ebuild
new file mode 100644
index 000000000000..c9fdda923d61
--- /dev/null
+++ b/x11-terms/rxvt/rxvt-2.7.10-r4.ebuild
@@ -0,0 +1,98 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/x11-terms/rxvt/rxvt-2.7.10-r4.ebuild,v 1.1 2008/05/03 12:55:03 hoffie Exp $
+
+inherit eutils flag-o-matic libtool
+
+DESCRIPTION="rxvt -- nice small x11 terminal"
+HOMEPAGE="http://rxvt.sourceforge.net/
+ http://www.giga.it.okayama-u.ac.jp/~ishihara/opensource/"
+SRC_URI="mirror://sourceforge/rxvt/${P}.tar.gz
+ http://www.giga.it.okayama-u.ac.jp/~ishihara/opensource/${P}-xim-fix.patch.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha amd64 ~hppa ~mips ~ppc ~ppc64 ~sparc ~x86"
+IUSE="motif cjk xgetdefault linuxkeys"
+
+RDEPEND="virtual/libc
+ x11-libs/libX11
+ x11-libs/libXpm
+ x11-libs/libXext
+ motif? ( x11-libs/openmotif )"
+DEPEND="${RDEPEND}
+ x11-proto/xproto"
+
+src_unpack() {
+ unpack "${P}.tar.gz"
+ cd "${S}"
+
+ epatch "${FILESDIR}"/${P}-line-scroll.patch
+ epatch "${FILESDIR}"/${P}-asneeded.patch
+ use motif && epatch "${FILESDIR}"/${P}-azz4.diff
+ if use cjk ; then
+ epatch "${DISTDIR}"/${P}-xim-fix.patch.gz
+ if use linguas_ja ; then
+ epatch "${FILESDIR}"/${P}-rk.patch
+ fi
+ fi
+
+ epatch "${FILESDIR}"/${P}-CVE-2008-1142-DISPLAY.patch
+ elibtoolize
+}
+
+src_compile() {
+
+ local term
+ if [ -n "${RXVT_TERM}" ] ; then
+ term="${RXVT_TERM}"
+ else
+ term="rxvt"
+ fi
+
+ # bug #22325
+ use linuxkeys && append-flags -DLINUX_KEYS
+
+ econf \
+ --enable-everything \
+ --enable-rxvt-scroll \
+ --enable-next-scroll \
+ --enable-xterm-scroll \
+ --enable-transparency \
+ --enable-xpm-background \
+ --enable-utmp \
+ --enable-wtmp \
+ --enable-mousewheel \
+ --enable-slipwheeling \
+ --enable-smart-resize \
+ --enable-256-color \
+ --enable-menubar \
+ $(use_enable cjk languages) \
+ --enable-xim \
+ --enable-shared \
+ --enable-keepscrolling \
+ --with-term=${term} \
+ $(use_enable xgetdefault) || die
+
+ emake || die
+}
+
+src_install() {
+
+ einstall mandir="${D}"/usr/share/man/man1 || die
+
+ cd "${S}"/doc
+ dodoc README* *.txt BUGS FAQ
+ dohtml *.html
+}
+
+pkg_postinst() {
+
+ einfo
+ einfo "If you want to change default TERM variable other than rxvt,"
+ einfo "set RXVT_TERM environment variable and then emerge rxvt."
+ einfo "Especially, if you use rxvt under monochrome X you might need to run"
+ einfo "\t RXVT_TERM=rxvt-basic emerge rxvt"
+ einfo "otherwise curses based program will not work."
+ einfo
+}
diff --git a/x11-terms/wterm/Manifest b/x11-terms/wterm/Manifest
index 12bf9c39f072..e21f47e5fda8 100644
--- a/x11-terms/wterm/Manifest
+++ b/x11-terms/wterm/Manifest
@@ -1,4 +1,16 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+AUX wterm-6.2.9-display-security-issue.patch 677 RMD160 e60dd0be8b51c95fbad982bf5e6c7f0ecb64fb1a SHA1 11582cb6351d3ffdaeb7134b3ac6f99063ebe612 SHA256 281a4052c2fd4467e0efe5fb6b8fd68ce0e6c7388bf8c310cd5756a3ef4aeb7e
DIST wterm-6.2.9.tar.gz 316773 RMD160 954c6264998456e90a62e25089fb5adc3924b2a8 SHA1 e3624d44c70f143ec77a6089ce4074357a9c3ae8 SHA256 a389e2c92c6040685b4d74bfb554f07b457c946b72acfae5ff1639096e798839
EBUILD wterm-6.2.9-r2.ebuild 922 RMD160 e5dfb755f3c3aa48262d2211ed3c20ac7149f177 SHA1 3d0292806ef7ba3c9b61d6ea502aeff5bc8ffc63 SHA256 613068667d3fdcfc9666f0c7d80fc7869e3d27ea3714658364711d58bd0f3493
-MISC ChangeLog 2287 RMD160 8bb3945943b8dbec92937f4ac86b83009d54d5f9 SHA1 8ad3acae78e038f1e179e50be26a00bc8e7ad33e SHA256 c24e6f1efb23199614ca2b834cbeb27fcce01a4e364b3b0874ed2de8f705a8f4
+EBUILD wterm-6.2.9-r3.ebuild 1063 RMD160 38c05d9b70f96888ce48044e5c05fd65216c407e SHA1 0fb5168a81887a39166ab4acc73bd3c101b8c329 SHA256 4807380dc54e63026a8c3a8b9b17b9ef0d557b1f8ea6c7af80e7d445a5b7bf49
+MISC ChangeLog 2493 RMD160 998fef6ebd7a08bc3d2e180860723a4fe8df4f0e SHA1 87c1be8a9d1f993f52ebf3023d6066e83ac168e8 SHA256 486892aadf8d8160620b5723894a7ec87ead4bca6f2c6b02860ea05855ca1e63
MISC metadata.xml 233 RMD160 d81ec1a0582856aeac5ef3bfec5c80d9850216f6 SHA1 9b94f113e7f382076b1749c2a856e409c96cade3 SHA256 dce03f6cdd96135caf3c971a5ca4a8c916f44532fe8cfb6df88b7bdade407e8b
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.9 (GNU/Linux)
+
+iEYEARECAAYFAkgcYZkACgkQKfQzuokD2Ire/wCfQqu5Xz/tcyw/SysJBA5QTM6z
+wgUAnAwWDBR9ftNkirdYa53Gg9F6a+Pv
+=gvyh
+-----END PGP SIGNATURE-----