package/xterm: security bump to version 371

Fix CVE-2022-24130: xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text. Update hash of COPYING (update in year) https://invisible-island.net/xterm/xterm.log.html#xterm_371 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 2de5cd8542) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-02-26 19:15:08 +01:00 · 2022-02-26 19:15:08 +01:00 · 350ff34a73
commit 350ff34a73
parent cfa24865aa
2 changed files with 3 additions and 3 deletions
--- a/package/xterm/xterm.hash
+++ b/package/xterm/xterm.hash
@ -1,4 +1,4 @@
 # Locally calculated after checking pgp signature
-sha256  27f1a8b1c756e269fd5684e60802b545f0be9b36b8b5d6bdbc840c6b000dc51f  xterm-367.tgz
+sha256  32f888277b19e28ebc0a3112bff000607c07bed0679caa0beebb36f9cad484f5  xterm-371.tgz
 # Locally calculated
-sha256  dfb668cc977e24649500f3cc54de3e2b793928d210715a445ab1227930b07ba6  COPYING
+sha256  9521ef761474cd31ea406f56a751646a7b42a9287cdc6f2f8e52ed4c4d2a73e7  COPYING
--- a/package/xterm/xterm.mk
+++ b/package/xterm/xterm.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-XTERM_VERSION = 367
+XTERM_VERSION = 371
 XTERM_SOURCE = xterm-$(XTERM_VERSION).tgz
 XTERM_SITE = http://invisible-mirror.net/archives/xterm
 XTERM_DEPENDENCIES = ncurses xlib_libXaw host-pkgconf