[Buildroot] [git commit branch/2023.08.x] package/xterm: security bump to version 384
Peter Korsgaard
peter at korsgaard.com
Mon Sep 25 06:41:43 UTC 2023
commit: https://git.buildroot.net/buildroot/commit/?id=c890cf539bc4ad8ecadec153b18f9309ba633ebd
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2023.08.x
- Fix CVE-2023-40359: xterm before 380 supports ReGIS reporting for
character-set names even if they have unexpected characters (i.e.,
neither alphanumeric nor underscore), aka a pointer/overflow issue.
This can only occur for xterm installations that are configured at
compile time to use a certain experimental feature.
- Update COPYING hash (update in year and version)
https://invisible-island.net/xterm/xterm.log.html#xterm_384
Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998 at free.fr>
(cherry picked from commit 164d635f3782522c324c710b767ef21c598228c4)
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
package/xterm/xterm.hash | 4 ++--
package/xterm/xterm.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/xterm/xterm.hash b/package/xterm/xterm.hash
index 12cd2e639b..1a2ad8fea0 100644
--- a/package/xterm/xterm.hash
+++ b/package/xterm/xterm.hash
@@ -1,4 +1,4 @@
# Locally calculated after checking pgp signature
-sha256 1e5bb7aad068fb31d6d3cbb77f80c7ad1526cd4c956a4ddcf2c5cf28af5334e1 xterm-376.tgz
+sha256 31ef870740ceae020c3c4b4a9601c7f47bfd46672c1aaf2d213a565d64cbc373 xterm-384.tgz
# Locally calculated
-sha256 9521ef761474cd31ea406f56a751646a7b42a9287cdc6f2f8e52ed4c4d2a73e7 COPYING
+sha256 98d02d0b7f7b8aabb742b05e6960caaa9ae20e26d2f0d0dc57808362f2ac79bc COPYING
diff --git a/package/xterm/xterm.mk b/package/xterm/xterm.mk
index d01b608d99..2fc2f734c8 100644
--- a/package/xterm/xterm.mk
+++ b/package/xterm/xterm.mk
@@ -4,7 +4,7 @@
#
################################################################################
-XTERM_VERSION = 376
+XTERM_VERSION = 384
XTERM_SOURCE = xterm-$(XTERM_VERSION).tgz
XTERM_SITE = http://invisible-mirror.net/archives/xterm
XTERM_DEPENDENCIES = ncurses xlib_libXaw host-pkgconf
More information about the buildroot
mailing list