diff options
-rw-r--r-- | data/ncurses/02-debian-backspace.diff | 32 | ||||
-rw-r--r-- | data/ncurses/CVE-2019-17594.diff | 37 | ||||
-rw-r--r-- | data/ncurses/CVE-2019-17595.diff | 36 | ||||
-rw-r--r-- | data/ncurses/_metadata/version | 2 | ||||
-rw-r--r-- | data/ncurses/fix-tic-infloop.diff | 30 | ||||
-rw-r--r-- | data/ncurses/fix-write_it.diff | 23 | ||||
-rw-r--r-- | data/ncurses/make.sh | 51 | ||||
-rw-r--r-- | data/ncurses/ncurses-6.1.tar.gz | bin | 3266617 -> 0 bytes | |||
-rw-r--r-- | data/ncurses/ncurses_6.1+20181013-2+deb10u2.debian.tar.xz | bin | 0 -> 61664 bytes | |||
-rw-r--r-- | data/ncurses/ncurses_6.1+20181013.orig.tar.gz | bin | 0 -> 3411288 bytes |
10 files changed, 204 insertions, 7 deletions
diff --git a/data/ncurses/02-debian-backspace.diff b/data/ncurses/02-debian-backspace.diff new file mode 100644 index 000000000..88af0a794 --- /dev/null +++ b/data/ncurses/02-debian-backspace.diff @@ -0,0 +1,32 @@ +Author: Daniel Jacobowitz <dan@debian.org> +Author: Sven Joachim <svenjoac@gmx.de> +Description: Fix backspace key description in some terminfo entries +Bug-Debian: https://bugs.debian.org/237997 +Bug-Debian: https://bugs.debian.org/602300 +Forwarded: not-needed +Last-Update: 2018-01-28 + +--- + misc/terminfo.src | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/misc/terminfo.src ++++ b/misc/terminfo.src +@@ -5970,7 +5970,7 @@ Eterm|Eterm-color|Eterm with xterm-style + ich1=\E[@, il=\E[%p1%dL, il1=\E[L, ind=\n, + is1=\E[?47l\E>\E[?1l, + is2=\E[r\E[m\E[2J\E[H\E[?7h\E[?1;3;4;6l\E[4l, kNXT@, +- kPRV@, ka1=\E[7~, ka3=\E[5~, kb2=\EOu, kbeg=\EOu, kbs=^H, ++ kPRV@, ka1=\E[7~, ka3=\E[5~, kb2=\EOu, kbeg=\EOu, kbs=^?, + kc1=\E[8~, kc3=\E[6~, kent=\EOM, khlp=\E[28~, kmous=\E[M, + mc4=\E[4i, mc5=\E[5i, rc=\E8, rev=\E[7m, ri=\EM, rmacs=^O, + rmam=\E[?7l, rmcup=\E[2J\E[?47l\E8, rmir=\E[4l, rmkx=, +@@ -6763,7 +6763,7 @@ screen|VT 100/ANSI X3.64 virtual termina + dl=\E[%p1%dM, dl1=\E[M, ed=\E[J, el=\E[K, el1=\E[1K, + enacs=\E(B\E)0, flash=\Eg, home=\E[H, hpa=\E[%i%p1%dG, + ht=^I, hts=\EH, ich=\E[%p1%d@, il=\E[%p1%dL, il1=\E[L, +- ind=\n, indn=\E[%p1%dS, is2=\E)0, kbs=^H, kcbt=\E[Z, ++ ind=\n, indn=\E[%p1%dS, is2=\E)0, kbs=^?, kcbt=\E[Z, + kcub1=\EOD, kcud1=\EOB, kcuf1=\EOC, kcuu1=\EOA, + kdch1=\E[3~, kend=\E[4~, kf1=\EOP, kf10=\E[21~, + kf11=\E[23~, kf12=\E[24~, kf2=\EOQ, kf3=\EOR, kf4=\EOS, diff --git a/data/ncurses/CVE-2019-17594.diff b/data/ncurses/CVE-2019-17594.diff new file mode 100644 index 000000000..7ab8e9e1b --- /dev/null +++ b/data/ncurses/CVE-2019-17594.diff @@ -0,0 +1,37 @@ +Author: Sven Joachim <svenjoac@gmx.de> +Description: Fix for CVE-2019-17594 + Check for invalid hashcode in _nc_find_type_entry and nc_find_entry, + fix cherry-picked from upstream patchlevel 20191012. +Bug-Debian: https://bugs.debian.org/942401 +Bug: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00017.html +Forwarded: not-needed +Last-Update: 2019-11-02 + +--- + ncurses/tinfo/comp_hash.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +--- a/ncurses/tinfo/comp_hash.c ++++ b/ncurses/tinfo/comp_hash.c +@@ -63,7 +63,9 @@ _nc_find_entry(const char *string, + + hashvalue = data->hash_of(string); + +- if (data->table_data[hashvalue] >= 0) { ++ if (hashvalue >= 0 ++ && (unsigned) hashvalue < data->table_size ++ && data->table_data[hashvalue] >= 0) { + + real_table = _nc_get_table(termcap); + ptr = real_table + data->table_data[hashvalue]; +@@ -96,7 +98,9 @@ _nc_find_type_entry(const char *string, + const HashData *data = _nc_get_hash_info(termcap); + int hashvalue = data->hash_of(string); + +- if (data->table_data[hashvalue] >= 0) { ++ if (hashvalue >= 0 ++ && (unsigned) hashvalue < data->table_size ++ && data->table_data[hashvalue] >= 0) { + const struct name_table_entry *const table = _nc_get_table(termcap); + + ptr = table + data->table_data[hashvalue]; diff --git a/data/ncurses/CVE-2019-17595.diff b/data/ncurses/CVE-2019-17595.diff new file mode 100644 index 000000000..661a40f0e --- /dev/null +++ b/data/ncurses/CVE-2019-17595.diff @@ -0,0 +1,36 @@ +Author: Sven Joachim <svenjoac@gmx.de> +Description: Fix for CVE-2019-17595 + Fix for CVE-2019-17595 cherry-picked from upstream patchlevel + 20191012. Additionally to the CVE fix, this contains a check for + acsc with odd length in dump_entry in check for one-one mapping. +Bug-Debian: https://bugs.debian.org/942401 +Bug: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html +Bug: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00018.html +Forwarded: not-needed +Last-Update: 2019-11-02 + +--- + progs/dump_entry.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +--- a/progs/dump_entry.c ++++ b/progs/dump_entry.c +@@ -1110,7 +1110,8 @@ fmt_entry(TERMTYPE2 *tterm, + *d++ = '\\'; + *d = ':'; + } else if (*d == '\\') { +- *++d = *s++; ++ if ((*++d = *s++) == '\0') ++ break; + } + d++; + *d = '\0'; +@@ -1370,7 +1371,7 @@ one_one_mapping(const char *mapping) + + if (VALID_STRING(mapping)) { + int n = 0; +- while (mapping[n] != '\0') { ++ while (mapping[n] != '\0' && mapping[n + 1] != '\0') { + if (isLine(mapping[n]) && + mapping[n] != mapping[n + 1]) { + result = FALSE; diff --git a/data/ncurses/_metadata/version b/data/ncurses/_metadata/version index a435f5a56..2b612c5b1 100644 --- a/data/ncurses/_metadata/version +++ b/data/ncurses/_metadata/version @@ -1 +1 @@ -6.1 +6.1+20181013 diff --git a/data/ncurses/fix-tic-infloop.diff b/data/ncurses/fix-tic-infloop.diff new file mode 100644 index 000000000..02f16ef5d --- /dev/null +++ b/data/ncurses/fix-tic-infloop.diff @@ -0,0 +1,30 @@ +Author: Sven Joachim <svenjoac@gmx.de> +Description: Fix an infinite loop in tic on invalid input + Modify tic to exit if it cannot remove a conflicting name, because + treating that as a partial success can cause an infinite loop in + use-resolution. + . + Fix cherry-picked from upstream patchlevel 20191019. +Bug: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00050.html +Forwarded: not-needed +Last-Update: 2019-11-02 + +--- + ncurses/tinfo/comp_parse.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/ncurses/tinfo/comp_parse.c ++++ b/ncurses/tinfo/comp_parse.c +@@ -180,11 +180,11 @@ remove_collision(char *n1, char *n2) + ++qend; + while ((*qstart++ = *qend++) != '\0') ; + fprintf(stderr, "...now\t%s\n", p2); ++ removed = TRUE; + } else { + fprintf(stderr, "Cannot remove alias '%.*s'\n", + (int) (qend - qstart), qstart); + } +- removed = TRUE; + break; + } + } diff --git a/data/ncurses/fix-write_it.diff b/data/ncurses/fix-write_it.diff new file mode 100644 index 000000000..de9400e30 --- /dev/null +++ b/data/ncurses/fix-write_it.diff @@ -0,0 +1,23 @@ +Author: Sven Joachim <svenjoac@gmx.de> +Description: Check for missing character after backslash in write_it + Fix cherry-picked from upstream patchlevel 20191015. +Bug: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00046.html +Forwarded: not-needed +Last-Update: 2019-11-02 + +--- + progs/tic.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/progs/tic.c ++++ b/progs/tic.c +@@ -217,7 +217,8 @@ write_it(ENTRY * ep) + while ((ch = *t++) != 0) { + *d++ = (char) ch; + if (ch == '\\') { +- *d++ = *t++; ++ if ((*d++ = *t++) == '\0') ++ break; + } else if ((ch == '%') + && (*t == L_BRACE)) { + char *v = 0; diff --git a/data/ncurses/make.sh b/data/ncurses/make.sh index c96ec2565..5fde07689 100644 --- a/data/ncurses/make.sh +++ b/data/ncurses/make.sh @@ -1,15 +1,48 @@ shopt -s extglob -pkg:setup +pkg:extract +cd ncurses* +pkg:patch cd .. -dir=$(echo *) +dir=$(echo ncurses*) + +( + # make tic + mkdir bld-host + cd bld-host + ../${dir}/configure + cd include + make -j + cd ../ncurses + make -j + cd ../progs + make -j tic +) & +ticpid=$! + +flags="--with-shared --without-normal --without-debug --enable-sigwinch --disable-mixed-case --enable-termcap --enable-pc-files --with-pkg-config-libdir=${PKG_TAPF}/lib/pkgconfig ac_cv_path_TIC_PATH=${PWD}/bld-host/progs/tic" + mkdir bld-ncurses{,w} +( cd bld-ncurses -flags="--with-shared --without-normal --without-debug --enable-sigwinch --disable-mixed-case --enable-termcap --enable-pc-files --with-pkg-config-libdir=${PKG_TAPF}/lib/pkgconfig" PKG_CONF=../${dir}/configure PKG_MCPU=-marm pkg:configure ${flags} +) & +ncursespid=$! + +( +cd bld-ncursesw +PKG_CONF=../${dir}/configure PKG_MCPU=-marm pkg:configure ${flags} --disable-overwrite --enable-widec +) & +ncurseswpid=$! + +wait ${ncursespid} +wait ${ticpid} +cd bld-ncurses make -j8 pkg:install -cd ../bld-ncursesw -PKG_CONF=../${dir}/configure PKG_MCPU=-marm pkg:configure ${flags} --disable-overwrite --enable-widec +cd .. + +wait ${ncurseswpid} +cd bld-ncursesw make -j8 pkg:install @@ -25,8 +58,14 @@ pkg: ln -s libncurses.6.dylib /usr/lib/libncurses6.dylib pkg: ln -s libncursesw.6.dylib /usr/lib/libncursesw6.dylib rm -f "${PKG_DEST}"/usr/lib/*.a +for ti in ../debian/{xterm,hurd,rxvt,rxvt-unicode}; do \ + TERMINFO="${PKG_DEST}"/usr/share/terminfo \ + ../bld-host/progs/tic -x ../debian/${ti}.ti; \ +done + + for ti in "${PKG_DEST}"/usr/share/terminfo/*/*; do - if [[ ${ti} == */@(?(pc)ansi|cons25|cygwin|dumb|linux|mach|rxvt|screen|sun|vt@(52|100|102|220)|swvt25?(m)|[Exe]term|putty|konsole|gnome|apple|Apple_Terminal|unknown)?([-+.]*) ]]; then + if [[ ${ti} == */@(?(pc)ansi|cons25|cygwin|dumb|linux|mach|rxvt|screen|sun|tmux|vt@(52|100|102|220)|swvt25?(m)|[Exe]term|putty|konsole|gnome|apple|Apple_Terminal|unknown)?([-+.]*) ]]; then echo "keeping terminfo: ${ti}" else rm -f "${ti}" diff --git a/data/ncurses/ncurses-6.1.tar.gz b/data/ncurses/ncurses-6.1.tar.gz Binary files differdeleted file mode 100644 index 98c01a816..000000000 --- a/data/ncurses/ncurses-6.1.tar.gz +++ /dev/null diff --git a/data/ncurses/ncurses_6.1+20181013-2+deb10u2.debian.tar.xz b/data/ncurses/ncurses_6.1+20181013-2+deb10u2.debian.tar.xz Binary files differnew file mode 100644 index 000000000..0404bcffa --- /dev/null +++ b/data/ncurses/ncurses_6.1+20181013-2+deb10u2.debian.tar.xz diff --git a/data/ncurses/ncurses_6.1+20181013.orig.tar.gz b/data/ncurses/ncurses_6.1+20181013.orig.tar.gz Binary files differnew file mode 100644 index 000000000..84369b6d5 --- /dev/null +++ b/data/ncurses/ncurses_6.1+20181013.orig.tar.gz |