summary refs log tree commit diff
path: root/gnu/packages/patches/rxvt-unicode-escape-sequences.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/rxvt-unicode-escape-sequences.patch')
-rw-r--r--gnu/packages/patches/rxvt-unicode-escape-sequences.patch35
1 files changed, 0 insertions, 35 deletions
diff --git a/gnu/packages/patches/rxvt-unicode-escape-sequences.patch b/gnu/packages/patches/rxvt-unicode-escape-sequences.patch
deleted file mode 100644
index 064dd51e2d..0000000000
--- a/gnu/packages/patches/rxvt-unicode-escape-sequences.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-This patch prevents a code execution vector involving terminal escape
-sequences when rxvt-unicode is in "secure mode".
-
-This change was spurred by the following conversation on the
-oss-security mailing list:
-
-Problem description and proof of concept:
-http://seclists.org/oss-sec/2017/q2/190
-
-Upstream response:
-http://seclists.org/oss-sec/2017/q2/291
-
-Patch copied from upstream source repository:
-http://cvs.schmorp.de/rxvt-unicode/src/command.C?r1=1.582&r2=1.583
-
---- rxvt-unicode/src/command.C	2016/07/14 05:33:26	1.582
-+++ rxvt-unicode/src/command.C	2017/05/18 02:43:18	1.583
-@@ -2695,7 +2695,7 @@
-         /* kidnapped escape sequence: Should be 8.3.48 */
-       case C1_ESA:		/* ESC G */
-         // used by original rxvt for rob nations own graphics mode
--        if (cmd_getc () == 'Q')
-+        if (cmd_getc () == 'Q' && option (Opt_insecure))
-           tt_printf ("\033G0\012");	/* query graphics - no graphics */
-         break;
- 
-@@ -2914,7 +2914,7 @@
-         break;
- 
-       case CSI_CUB:		/* 8.3.18: (1) CURSOR LEFT */
--      case CSI_HPB: 		/* 8.3.59: (1) CHARACTER POSITION BACKWARD */
-+      case CSI_HPB:		/* 8.3.59: (1) CHARACTER POSITION BACKWARD */
- #ifdef ISO6429
-         arg[0] = -arg[0];
- #else				/* emulate common DEC VTs */
generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-03-31 01:47:15 +0000