gentoo.git - Gentoo ebuild repository mirror. Updates daily.

diff options

author	Marek Szuba <marecki@gentoo.org>	2021-05-18 17:25:01 +0200
committer	Marek Szuba <marecki@gentoo.org>	2021-05-18 17:33:09 +0200
commit	7754b4970254a816210ca814289256a43d7625f7 (patch)
tree	c0a9a85df74c82a69f47e8efc1646b3ec2befcfa /dev-python/GitPython/GitPython-3.1.15.ebuild
parent	a12abdb4564e5b481ca1df21a3d7eeb7d1aaf453 (diff)
download	gentoo-7754b4970254a816210ca814289256a43d7625f7.tar.gz gentoo-7754b4970254a816210ca814289256a43d7625f7.tar.bz2 gentoo-7754b4970254a816210ca814289256a43d7625f7.zip

x11-terms/rxvt-unicode-9.22: mark ANSI sequence ESC G Q as insecure

Can in theory be used to perform remote code execution, see https://seclists.org/oss-sec/2021/q2/145 . This was fixed upstream in 2017 (see http://cvs.schmorp.de/rxvt-unicode/src/command.C?r1=1.582&r2=1.583) so 9.26 is not vulnerable, that said 9.22 will likely not go away any time soon (if only because of 24-bit colour support) so let's backport this. Reported-by: Roman Dobosz <gryf73@gmail.com> Bug: https://bugs.gentoo.org/790782 Closes: https://github.com/gentoo/gentoo/pull/20863 Signed-off-by: Marek Szuba <marecki@gentoo.org>

Diffstat (limited to 'dev-python/GitPython/GitPython-3.1.15.ebuild')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: