diff --git a/SPECS-EXTENDED/screen/screen-4.3.1-crypt.patch b/SPECS-EXTENDED/screen/screen-4.3.1-crypt.patch index ed05049201..9bb5eaef16 100644 --- a/SPECS-EXTENDED/screen/screen-4.3.1-crypt.patch +++ b/SPECS-EXTENDED/screen/screen-4.3.1-crypt.patch @@ -1,15 +1,35 @@ -check crypt output (rhbz#815605) +From de1b63fabfb353f24910da2673e348c731c623b5 Mon Sep 17 00:00:00 2001 +From: Muhammad Falak R Wani +Date: Sat, 2 Sep 2023 10:32:36 +0530 +Subject: [PATCH 5/5] check crypt output (rhbz#815605) + +Signed-off-by: Muhammad Falak R Wani +--- + misc.c | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/misc.c b/misc.c -index 2022a06..235c82f 100644 +index 95093a9..bd5a050 100644 --- a/misc.c +++ b/misc.c -@@ -57,6 +57,8 @@ register const char *str; +@@ -68,11 +68,13 @@ SaveStr(register const char *str) + char * + SaveStrn(register const char *str, int n) { - register char *cp; +- register char *cp; ++ register char *cp; +- if ((cp = malloc(n + 1)) == NULL) +- Panic(0, "%s", strnomem); +- else { + if(str == NULL) + Panic(0, "SaveStr() received NULL - possibly failed crypt()"); - if ((cp = malloc(strlen(str) + 1)) == NULL) - Panic(0, "%s", strnomem); - else ++ if ((cp = malloc(strlen(str) + 1)) == NULL) ++ Panic(0, "%s", strnomem); ++ else { + bcopy((char *)str, cp, n); + cp[n] = 0; + } +-- +2.40.1 + diff --git a/SPECS-EXTENDED/screen/screen-4.3.1-libs.patch b/SPECS-EXTENDED/screen/screen-4.3.1-libs.patch index 47a4ac68e5..59acb7782a 100644 --- a/SPECS-EXTENDED/screen/screen-4.3.1-libs.patch +++ b/SPECS-EXTENDED/screen/screen-4.3.1-libs.patch @@ -1,8 +1,18 @@ +From 6ec99107916b9d7b6486ea5fadbd8071eef1388f Mon Sep 17 00:00:00 2001 +From: Muhammad Falak R Wani +Date: Sat, 2 Sep 2023 10:26:24 +0530 +Subject: [PATCH 1/5] patch1 + +Signed-off-by: Muhammad Falak R Wani +--- + configure.ac | 18 +++++------------- + 1 file changed, 5 insertions(+), 13 deletions(-) + 
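Review bot: The refreshed inner hunk of screen-4.3.1-crypt.patch now lands on `SaveStrn()` instead of `SaveStr()`, and it changes the allocation from `malloc(n + 1)` to `malloc(strlen(str) + 1)` while the unchanged `bcopy((char *)str, cp, n); cp[n] = 0;` still writes n + 1 bytes. Whenever `strlen(str) < n` that copy runs past the end of the heap allocation, and `strlen()` itself reads beyond a counted buffer that is not NUL-terminated. `SaveStrn()` should keep `if ((cp = malloc(n + 1)) == NULL)`. The `if (str == NULL) Panic(0, "SaveStr() received NULL - possibly failed crypt()");` guard should be re-anchored on `SaveStr()`, whose body is outside this hunk, so that a NULL return from crypt() is still caught where the original patch intended. The old hunk header (`@@ -57,6 +57,8 @@ register const char *str;`) had no length argument in scope, which suggests the context drifted when the patch was regenerated against 4.9.1.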
diff --git a/configure.ac b/configure.ac -index c0f02df..b76c8f5 100644 +index 1a12c04..5b3a883 100644 --- a/configure.ac +++ b/configure.ac -@@ -188,7 +188,8 @@ AC_EGREP_CPP(yes, +@@ -189,7 +189,8 @@ AC_EGREP_CPP(yes, ], AC_NOTE(- you have a SVR4 system) AC_DEFINE(SVR4) svr4=1) if test -n "$svr4" ; then oldlibs="$LIBS" @@ -10,17 +20,20 @@ index c0f02df..b76c8f5 100644 +# Humm we don't actually need to link against libelf for Linux +LIBS="$LIBS" AC_CHECKING(SVR4) - AC_TRY_LINK([#include + AC_TRY_LINK([ + #include +@@ -669,17 +670,13 @@ AC_TRY_LINK([ + tgetent((char *)0, (char *)0); ],, -@@ -626,14 +627,10 @@ dnl - AC_CHECKING(for tgetent) - AC_TRY_LINK(,tgetent((char *)0, (char *)0);,, olibs="$LIBS" -LIBS="-lcurses $olibs" -AC_CHECKING(libcurses) +LIBS="-ltinfo $olibs" +AC_CHECKING(libtinfo) - AC_TRY_LINK(,[ + AC_TRY_LINK([ + #include + #include + ],[ -#ifdef __hpux -__sorry_hpux_libcurses_is_totally_broken_in_10_10(); -#else @@ -29,16 +42,16 @@ index c0f02df..b76c8f5 100644 ],, LIBS="-ltermcap $olibs" AC_CHECKING(libtermcap) -@@ -658,7 +655,7 @@ AC_MSG_ERROR(!!! no tgetent - no screen))))))))) - AC_TRY_RUN([ +@@ -739,7 +736,7 @@ AC_TRY_RUN([ + int main() { -- exit(strcmp(tgoto("%p1%d", 0, 1), "1") ? 0 : 1); +- return(strcmp(tgoto("%p1%d", 0, 1), "1") ? 0 : 1); + return 1; }], AC_NOTE(- you use the termcap database), AC_NOTE(- you use the terminfo database) AC_DEFINE(TERMINFO), AC_NOTE(- skipping check because we are cross compiling; assuming terminfo database is used) AC_DEFINE(TERMINFO)) -@@ -864,11 +861,6 @@ fi +@@ -953,11 +950,6 @@ fi dnl dnl **** loadav **** dnl @@ -49,4 +62,8 @@ index c0f02df..b76c8f5 100644 -fi AC_CHECKING(getloadavg) - AC_TRY_LINK(,[getloadavg((double *)0, 0);], + AC_TRY_LINK([ +-- +2.40.1 + + diff --git a/SPECS-EXTENDED/screen/screen-4.3.1-screenrc.patch b/SPECS-EXTENDED/screen/screen-4.3.1-screenrc.patch index 67e36982bf..e71253d0a6 100644 --- a/SPECS-EXTENDED/screen/screen-4.3.1-screenrc.patch 
+++ b/SPECS-EXTENDED/screen/screen-4.3.1-screenrc.patch @@ -1,6 +1,18 @@ -diff -up screen-4.0.3/etc/etcscreenrc.screenrc screen-4.0.3/etc/etcscreenrc ---- screen-4.0.3/etc/etcscreenrc.screenrc 2003-12-05 14:46:13.000000000 +0100 -+++ screen-4.0.3/etc/etcscreenrc 2009-09-25 14:20:31.000000000 +0200 +From 6470f541ed0877c0f82d59da351e636cfdf94c74 Mon Sep 17 00:00:00 2001 +From: Muhammad Falak R Wani +Date: Sat, 2 Sep 2023 10:27:42 +0530 +Subject: [PATCH 2/5] patch2 + +Signed-off-by: Muhammad Falak R Wani +--- + etc/etcscreenrc | 12 ++++----- + etc/screenrc | 65 +++++++++++++------------------------------------ + 2 files changed, 23 insertions(+), 54 deletions(-) + +diff --git a/etc/etcscreenrc b/etc/etcscreenrc +index a51d64a..9235e27 100644 +--- a/etc/etcscreenrc ++++ b/etc/etcscreenrc @@ -36,8 +36,8 @@ vbell_msg " Wuff ---- Wuff!! " # IC insert multiple chars # nx terminal uses xon/xoff @@ -12,7 +24,7 @@ diff -up screen-4.0.3/etc/etcscreenrc.screenrc screen-4.0.3/etc/etcscreenrc #the vt100 description does not mention "dl". *sigh* termcap vt100 dl=5\E[M -@@ -55,15 +55,15 @@ terminfo sun 'up=^K:AL=\E[%p1%dL:DL=\E[% +@@ -55,15 +55,15 @@ terminfo sun 'up=^K:AL=\E[%p1%dL:DL=\E[%p1%dM:UP=\E[%p1%dA:DO=\E[%p1%dB:LE=\E[%p #xterm understands both im/ic and doesn't have a status line. #Note: Do not specify im and ic in the real termcap/info file as #some programs (e.g. vi) will (no,no, may (jw)) not work anymore. @@ -32,9 +44,10 @@ diff -up screen-4.0.3/etc/etcscreenrc.screenrc screen-4.0.3/etc/etcscreenrc # # Do not use xterms alternate window buffer. -diff -up screen-4.0.3/etc/screenrc.screenrc screen-4.0.3/etc/screenrc ---- screen-4.0.3/etc/screenrc.screenrc 2006-10-23 15:06:32.000000000 +0200 -+++ screen-4.0.3/etc/screenrc 2009-09-25 14:31:30.000000000 +0200 +diff --git a/etc/screenrc b/etc/screenrc +index ca6561d..2dffb38 100644 +--- a/etc/screenrc ++++ b/etc/screenrc @@ -1,21 +1,11 @@ -# -# Example of a user's .screenrc file 
@@ -155,3 +168,6 @@ diff -up screen-4.0.3/etc/screenrc.screenrc screen-4.0.3/etc/screenrc # bind = resize = # bind + resize +1 # bind - resize -1 +-- +2.40.1 + diff --git a/SPECS-EXTENDED/screen/screen-4.3.1-suppress_remap.patch b/SPECS-EXTENDED/screen/screen-4.3.1-suppress_remap.patch index a827199920..07c1f8dce4 100644 --- a/SPECS-EXTENDED/screen/screen-4.3.1-suppress_remap.patch +++ b/SPECS-EXTENDED/screen/screen-4.3.1-suppress_remap.patch @@ -1,10 +1,17 @@ -Author: Loic Minier -Description: Unbreak several useful keybindings. +From 729f1df0fcf8165dfc557b00c06fd47e57955149 Mon Sep 17 00:00:00 2001 +From: Loic Minier +Date: Sat, 2 Sep 2023 10:29:02 +0530 +Subject: [PATCH 4/5] Unbreak several useful keybindings. fix for nonworking ^a backspace (rhbz#708698) +Signed-off-by: Muhammad Falak R Wani +--- + termcap.c | 2 -- + 1 file changed, 2 deletions(-) + diff --git a/termcap.c b/termcap.c -index 26cba62..ed9e838 100644 +index 26c8f5a..29684cf 100644 --- a/termcap.c +++ b/termcap.c @@ -553,8 +553,6 @@ int map; @@ -16,3 +23,6 @@ index 26cba62..ed9e838 100644 if (map == 0 && domap) return 0; if (map && !domap) +-- +2.40.1 + diff --git a/SPECS-EXTENDED/screen/screen-4.9.0-braille.patch b/SPECS-EXTENDED/screen/screen-4.9.0-braille.patch deleted file mode 100644 index 634d31711c..0000000000 --- a/SPECS-EXTENDED/screen/screen-4.9.0-braille.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -urNp a/braille_tsi.c b/braille_tsi.c ---- a/braille_tsi.c 2022-03-08 13:31:31.054957126 +0100 -+++ b/braille_tsi.c 2022-03-08 13:32:02.888173116 +0100 -@@ -49,7 +49,7 @@ static int tsi_line_type; /* indicates - - static int display_status_tsi __P((void)); - static int write_line_tsi __P((char*, int, int)); --static void buttonpress_tsi __P((structkey2rc*)); -+static void buttonpress_tsi __P((struct key2rc*)); - static void buttonpress_navigator_40 __P((void)); - static void buttonpress_powerbraille_40 __P((void)); - static void buttonpress_powerbraille_80 __P((void)); 
diff --git a/SPECS-EXTENDED/screen/screen-E3.patch b/SPECS-EXTENDED/screen/screen-E3.patch index c8e0ecd384..f5a25656ae 100644 --- a/SPECS-EXTENDED/screen/screen-E3.patch +++ b/SPECS-EXTENDED/screen/screen-E3.patch @@ -1,15 +1,27 @@ -Clear scrollback buffer when locking terminal +From 036bf692ea8c4e821a8af8bff8304e683c06ffa4 Mon Sep 17 00:00:00 2001 +From: Muhammad Falak R Wani +Date: Sat, 2 Sep 2023 10:28:37 +0530 +Subject: [PATCH 3/5] Clear scrollback buffer when locking terminal Linux kernel 3.0 adds a new command to clear the scrollback buffer in the linux console. It's available in the ncurses terminfo entry as extended capability E3. This is useful to prevent an attacker to read content of a locked terminal via Shift-PgUp key. + +Signed-off-by: Muhammad Falak R Wani +--- + display.c | 6 ++++++ + extern.h | 1 + + screen.c | 1 + + term.c | 1 + + 4 files changed, 9 insertions(+) + diff --git a/display.c b/display.c -index d0ed6a4..7b534c0 100644 +index a1afbe6..1c56b3e 100644 --- a/display.c +++ b/display.c -@@ -4079,4 +4079,10 @@ char **cmdv; +@@ -4080,4 +4080,10 @@ char **cmdv; #endif /* BLANKER_PRG */ @@ -33,10 +45,10 @@ index d4e57df..4564581 100644 /* resize.c */ extern int ChangeWindowSize __P((struct win *, int, int, int)); diff --git a/screen.c b/screen.c -index 7dcb9af..c934d75 100644 +index 7653cd1..85d52ac 100644 --- a/screen.c +++ b/screen.c -@@ -1952,6 +1952,7 @@ void Detach(int mode) +@@ -1970,6 +1970,7 @@ void Detach(int mode) case D_LOCK: ClearAll(); @@ -56,3 +68,6 @@ index c7a13c9..f49b3a7 100644 /* initialise */ { "is", T_STR }, +-- +2.40.1 + diff --git a/SPECS-EXTENDED/screen/screen.signatures.json b/SPECS-EXTENDED/screen/screen.signatures.json index 50c8dd08c5..8fd8c857d8 100644 --- a/SPECS-EXTENDED/screen/screen.signatures.json +++ b/SPECS-EXTENDED/screen/screen.signatures.json 
@@ -1,6 +1,6 @@ { "Signatures": { "screen.pam": "0efded3536f5803b583f9101ced3d5e9987476c0cb3596fe19d8c8084553ba3f", - "screen-4.9.0.tar.gz": "f9335281bb4d1538ed078df78a20c2f39d3af9a4e91c57d084271e0289c730f4" + "screen-4.9.1.tar.gz": "26cef3e3c42571c0d484ad6faf110c5c15091fbf872b06fa7aa4766c7405ac69" } } \ No newline at end of file diff --git a/SPECS-EXTENDED/screen/screen.spec b/SPECS-EXTENDED/screen/screen.spec index b10e14c6b0..f743f20cf2 100644 --- a/SPECS-EXTENDED/screen/screen.spec +++ b/SPECS-EXTENDED/screen/screen.spec @@ -1,29 +1,31 @@ -Vendor: Microsoft Corporation -Distribution: Mariner %bcond_with multiuser %global _hardened_build 1 Summary: A screen manager that supports multiple logins on one terminal Name: screen -Version: 4.9.0 +Version: 4.9.1 Release: 1%{?dist} License: GPLv3+ -URL: http://www.gnu.org/software/screen -Requires(pre): /usr/sbin/groupadd -BuildRequires: ncurses-devel pam-devel libutempter-devel autoconf texinfo -BuildRequires: automake gcc -# for %%_tmpfilesdir macro -BuildRequires: systemd - +Vendor: Microsoft Corporation +Distribution: Mariner +URL: https://www.gnu.org/software/screen Source0: https://ftp.gnu.org/gnu/screen/screen-%{version}.tar.gz Source1: screen.pam - Patch1: screen-4.3.1-libs.patch Patch2: screen-4.3.1-screenrc.patch Patch3: screen-E3.patch Patch4: screen-4.3.1-suppress_remap.patch Patch5: screen-4.3.1-crypt.patch -Patch6: screen-4.9.0-braille.patch +BuildRequires: autoconf +BuildRequires: automake +BuildRequires: gcc +BuildRequires: libutempter-devel +BuildRequires: ncurses-devel +BuildRequires: pam-devel +# for %%_tmpfilesdir macro +BuildRequires: systemd +BuildRequires: texinfo +Requires(pre): %{_sbindir}/groupadd %description The screen utility allows you to have multiple logins on just one @@ -34,7 +36,6 @@ login. Install the screen package if you need a screen manager that can support multiple logins on one terminal. - %prep %autosetup -p1 
@@ -55,7 +56,7 @@ autoreconf -i # We would like to have braille support. sed -i -e 's/.*#.*undef.*HAVE_BRAILLE.*/#define HAVE_BRAILLE 1/;' config.h -sed -i -e 's/\(\/usr\)\?\/local\/etc/\/etc/g;' doc/screen.{1,texinfo} +sed -i -e 's/\(\/usr\)\?\/local\%{_sysconfdir}/\%{_sysconfdir}/g;' doc/screen.{1,texinfo} for i in doc/screen.texinfo; do iconv -f iso8859-1 -t utf-8 < $i > $i.utf8 && mv -f ${i}{.utf8,} @@ -67,23 +68,23 @@ rm -f doc/screen.info* make %install -make install DESTDIR=$RPM_BUILD_ROOT -mv -f $RPM_BUILD_ROOT%{_bindir}/screen{-%{version},} +make install DESTDIR=%{buildroot} +mv -f %{buildroot}%{_bindir}/screen{-%{version},} -mkdir -p $RPM_BUILD_ROOT%{_sysconfdir} -install -m 0644 etc/etcscreenrc $RPM_BUILD_ROOT%{_sysconfdir}/screenrc -cat etc/screenrc >> $RPM_BUILD_ROOT%{_sysconfdir}/screenrc +mkdir -p %{buildroot}%{_sysconfdir} +install -m 0644 etc/etcscreenrc %{buildroot}%{_sysconfdir}/screenrc +cat etc/screenrc >> %{buildroot}%{_sysconfdir}/screenrc # Better not forget to copy the pam file around -mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pam.d -install -p -m 0644 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/screen +mkdir -p %{buildroot}%{_sysconfdir}/pam.d +install -p -m 0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/pam.d/screen # Create the socket dir -mkdir -p $RPM_BUILD_ROOT%{_rundir}/screen +mkdir -p %{buildroot}%{_rundir}/screen # And tell systemd to recreate it on start with tmpfs -mkdir -p $RPM_BUILD_ROOT%{_tmpfilesdir} -cat < $RPM_BUILD_ROOT%{_tmpfilesdir}/screen.conf +mkdir -p %{buildroot}%{_tmpfilesdir} +cat < %{buildroot}%{_tmpfilesdir}/screen.conf # screen needs directory in /run %if %{with multiuser} d %{_rundir}/screen 0755 root root @@ -93,10 +94,10 @@ d %{_rundir}/screen 0775 root screen EOF # Remove files from the buildroot which we don't want packaged -rm -f $RPM_BUILD_ROOT%{_infodir}/dir +rm -f %{buildroot}%{_infodir}/dir %pre -/usr/sbin/groupadd -g 84 -r -f screen +%{_sbindir}/groupadd -g 84 -r -f screen : %files 
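Review bot: The linted sed line `'s/\(\/usr\)\?\/local\%{_sysconfdir}/\%{_sysconfdir}/g;'` only works because the literal backslash escapes the single leading slash of the expanded macro (presumably `/etc`). Any `%{_sysconfdir}` value containing a second `/` would end the `s/…/…/` pattern early, and the doc rewrite would fail or match the wrong text. Switching the delimiter removes that coupling: `sed -i -e 's|\(/usr\)\?/local%{_sysconfdir}|%{_sysconfdir}|g' doc/screen.{1,texinfo}`. The surrounding %build section extends outside this hunk.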
@@ -117,6 +118,10 @@ rm -f $RPM_BUILD_ROOT%{_infodir}/dir %endif %changelog +* Thu Aug 31 2023 Muhammad Falak - 4.9.1-1 +- Upgrade version to adress CVE-2021-20230 +- Lint spec + * Wed Nov 09 2022 CBL-Mariner Servicing Account - 4.9.0-1 - Auto-upgrade to 4.9.0 - CVE-2021-26937 diff --git a/cgmanifest.json b/cgmanifest.json index 948dc6cb43..cf04745c2a 100644 --- a/cgmanifest.json +++ b/cgmanifest.json @@ -27335,8 +27335,8 @@ "type": "other", "other": { "name": "screen", - "version": "4.9.0", - "downloadUrl": "https://ftp.gnu.org/gnu/screen/screen-4.9.0.tar.gz" + "version": "4.9.1", + "downloadUrl": "https://ftp.gnu.org/gnu/screen/screen-4.9.1.tar.gz" } } }, @@ -30807,4 +30807,4 @@ } ], "Version": 1 -} +} \ No newline at end of file