Hello community,
here is the log from the commit of package tmux for openSUSE:Factory checked in
at 2020-11-06 23:45:25
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/tmux (Old)
and /work/SRC/openSUSE:Factory/.tmux.new.11331 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tmux"
Fri Nov 6 23:45:25 2020 rev:51 rq:846426 version:3.1c
Changes:
--------
--- /work/SRC/openSUSE:Factory/tmux/tmux.changes 2020-05-07
14:56:05.954466577 +0200
+++ /work/SRC/openSUSE:Factory/.tmux.new.11331/tmux.changes 2020-11-06
23:46:22.999115632 +0100
@@ -1,0 +2,12 @@
+Sat Oct 31 10:41:19 UTC 2020 - Andreas Stieger <andreas.stie...@gmx.de>
+
+- fix build for SLE 12 PackageHub
+
+-------------------------------------------------------------------
+Fri Oct 30 13:20:43 UTC 2020 - Ismail Dönmez <idon...@suse.com>
+
+- Update to version 3.1c
+ * Fix a stack overflow on colon-separated CSI parsing.
+ boo#1178263 CVE-2020-27347
+
+-------------------------------------------------------------------
Old:
----
tmux-3.1b.tar.gz
New:
----
tmux-3.1c.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ tmux.spec ++++++
--- /var/tmp/diff_new_pack.hUog9H/_old 2020-11-06 23:46:23.639114402 +0100
+++ /var/tmp/diff_new_pack.hUog9H/_new 2020-11-06 23:46:23.639114402 +0100
@@ -17,7 +17,7 @@
Name: tmux
-Version: 3.1b
+Version: 3.1c
Release: 0
Summary: Terminal multiplexer
License: ISC AND BSD-3-Clause AND BSD-2-Clause
@@ -57,7 +57,11 @@
%build
export CFLAGS="%{optflags} -fno-strict-aliasing"
%configure
+%if 0%{?suse_version} >= 1320
%make_build
+%else
+make %{?_smp_mflags}
+%endif
%install
%make_install
@@ -75,6 +79,10 @@
%files
%license COPYING
%doc CHANGES
+%if 0%{?suse_version} < 1320
+%dir %{_datadir}/bash-completion
+%dir %{_datadir}/bash-completion/completions
+%endif
%{_datadir}/bash-completion/completions/tmux
%{_bindir}/%{name}
%{_mandir}/man1/%{name}.1%{?ext_man}
++++++ tmux-3.1b.tar.gz -> tmux-3.1c.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/tmux-3.1b/CHANGES new/tmux-3.1c/CHANGES
--- old/tmux-3.1b/CHANGES 2020-05-04 10:06:52.000000000 +0200
+++ new/tmux-3.1c/CHANGES 2020-10-30 13:10:45.000000000 +0100
@@ -1,3 +1,7 @@
+CHANGED FROM 3.1b TO 3.1c
+
+* Fix a stack overflow on colon-separated CSI parsing.
+
CHANGES FROM 3.1a TO 3.1b
* Fix build on systems without sys/queue.h.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/tmux-3.1b/Makefile.in new/tmux-3.1c/Makefile.in
--- old/tmux-3.1b/Makefile.in 2020-05-04 10:08:19.000000000 +0200
+++ new/tmux-3.1c/Makefile.in 2020-10-30 13:14:17.000000000 +0100
@@ -424,6 +424,7 @@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+runstatedir = @runstatedir@
sbindir = @sbindir@
sharedstatedir = @sharedstatedir@
srcdir = @srcdir@
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/tmux-3.1b/configure new/tmux-3.1c/configure
--- old/tmux-3.1b/configure 2020-05-04 10:08:33.000000000 +0200
+++ new/tmux-3.1c/configure 2020-10-30 13:14:29.000000000 +0100
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for tmux 3.1b.
+# Generated by GNU Autoconf 2.69 for tmux 3.1c.
#
#
# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
@@ -577,8 +577,8 @@
# Identity of this package.
PACKAGE_NAME='tmux'
PACKAGE_TARNAME='tmux'
-PACKAGE_VERSION='3.1b'
-PACKAGE_STRING='tmux 3.1b'
+PACKAGE_VERSION='3.1c'
+PACKAGE_STRING='tmux 3.1c'
PACKAGE_BUGREPORT=''
PACKAGE_URL=''
@@ -744,6 +744,7 @@
docdir
oldincludedir
includedir
+runstatedir
localstatedir
sharedstatedir
sysconfdir
@@ -831,6 +832,7 @@
sysconfdir='${prefix}/etc'
sharedstatedir='${prefix}/com'
localstatedir='${prefix}/var'
+runstatedir='${localstatedir}/run'
includedir='${prefix}/include'
oldincludedir='/usr/include'
docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
@@ -1083,6 +1085,15 @@
| -silent | --silent | --silen | --sile | --sil)
silent=yes ;;
+ -runstatedir | --runstatedir | --runstatedi | --runstated \
+ | --runstate | --runstat | --runsta | --runst | --runs \
+ | --run | --ru | --r)
+ ac_prev=runstatedir ;;
+ -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
+ | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
+ | --run=* | --ru=* | --r=*)
+ runstatedir=$ac_optarg ;;
+
-sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
ac_prev=sbindir ;;
-sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
@@ -1220,7 +1231,7 @@
for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
datadir sysconfdir sharedstatedir localstatedir includedir \
oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
- libdir localedir mandir
+ libdir localedir mandir runstatedir
do
eval ac_val=\$$ac_var
# Remove trailing slashes.
@@ -1333,7 +1344,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures tmux 3.1b to adapt to many kinds of systems.
+\`configure' configures tmux 3.1c to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1373,6 +1384,7 @@
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
+ --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
--libdir=DIR object code libraries [EPREFIX/lib]
--includedir=DIR C header files [PREFIX/include]
--oldincludedir=DIR C header files for non-gcc [/usr/include]
@@ -1403,7 +1415,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of tmux 3.1b:";;
+ short | recursive ) echo "Configuration of tmux 3.1c:";;
esac
cat <<\_ACEOF
@@ -1524,7 +1536,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-tmux configure 3.1b
+tmux configure 3.1c
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -1935,7 +1947,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by tmux $as_me 3.1b, which was
+It was created by tmux $as_me 3.1c, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -2801,7 +2813,7 @@
# Define the identity of the package.
PACKAGE='tmux'
- VERSION='3.1b'
+ VERSION='3.1c'
cat >>confdefs.h <<_ACEOF
@@ -7806,7 +7818,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by tmux $as_me 3.1b, which was
+This file was extended by tmux $as_me 3.1c, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -7863,7 +7875,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //;
s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-tmux config.status 3.1b
+tmux config.status 3.1c
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/tmux-3.1b/configure.ac new/tmux-3.1c/configure.ac
--- old/tmux-3.1b/configure.ac 2020-05-04 10:06:23.000000000 +0200
+++ new/tmux-3.1c/configure.ac 2020-10-30 13:10:22.000000000 +0100
@@ -1,6 +1,6 @@
# configure.ac
-AC_INIT([tmux], 3.1b)
+AC_INIT([tmux], 3.1c)
AC_PREREQ([2.60])
AC_CONFIG_AUX_DIR(etc)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/tmux-3.1b/input.c new/tmux-3.1c/input.c
--- old/tmux-3.1b/input.c 2020-05-04 10:06:23.000000000 +0200
+++ new/tmux-3.1c/input.c 2020-10-30 13:09:52.000000000 +0100
@@ -1929,8 +1929,13 @@
free(copy);
return;
}
- } else
+ } else {
n++;
+ if (n == nitems(p)) {
+ free(copy);
+ return;
+ }
+ }
log_debug("%s: %u = %d", __func__, n - 1, p[n - 1]);
}
free(copy);
