mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-26 18:32:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

screen: update 5.0.0 -> 5.0.1

Browse Source 
This includes CVE-fix for CVE-2025-46805, CVE-2025-46804,
CVE-2025-46803, CVE-2025-46802 and CVE-2025-23395.

Changelog:
=========
https://cgit.git.savannah.gnu.org/cgit/screen.git/tree/src/ChangeLog?h=v.5.0.1

* Fixes:
	- CVE-2025-46805: do NOT send signals with root privileges
	- CVE-2025-46804: avoid file existence test information leaks
	- CVE-2025-46803: apply safe PTY default mode of 0620
	- CVE-2025-46802: prevent temporary 0666 mode on PTYs in attacher
	- CVE-2025-23395: reintroduce lf_secreopen() for logfile
	- buffer overflow due bad strncpy()
	- uninitialized variables warnings
	- typos
	- combining char handling that could lead to a segfault

(From OE-Core rev: 9e608022b287bfdb4f547f5e2d418536758bc82f)

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Divya Chellam
2025-05-30 17:22:09 +05:30
committed by Richard Purdie
parent ffe1dcbdca
commit 58238ee55c
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
meta/recipes-extended/screen/screen_5.0.0.bb → meta/recipes-extended/screen/screen_5.0.1.bb
View File

@@ -20,7 +20,7 @@ SRC_URI = "${GNU_MIRROR}/screen/screen-${PV}.tar.gz \
${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'file://screen.pam', '', d)} \
"
SRC_URI[sha256sum] = "f04a39d00a0e5c7c86a55338808903082ad5df4d73df1a2fd3425976aed94971"
SRC_URI[sha256sum] = "2dae36f4db379ffcd14b691596ba6ec18ac3a9e22bc47ac239789ab58409869d"
inherit autotools-brokensep texinfo