git.ipfire.org Git - ipfire-2.x.git/commit

author	Adolf Belka <adolf.belka@ipfire.org>
	Fri, 23 May 2025 16:03:44 +0000 (18:03 +0200)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Sun, 25 May 2025 11:58:05 +0000 (11:58 +0000)
commit	6351c81763fa3c4b198a1751b0b6cbea6e6d1e25
tree	7aa200c5c1cc957f990aadf4e81fba45d344e2e3	tree
parent	50ce4246c034fe21ddf2ff49597bcbb07473f34d	commit \| diff

screen: Update to version 5.0.1

- This v2 version is with the correct tarball, without the binary object files.
- Update from version 5.0.0 to 5.0.1
- Update of rootfile
- 5 CVE fixes included in this version
- Changelog
    5.0.1
Security fix
    CVE-2025-46805: do NOT send signals with root privileges
    CVE-2025-46804: avoid file existence test information leaks
    CVE-2025-46803: apply safe PTY default mode of 0620
    CVE-2025-46802: prevent temporary 0666 mode on PTYs in attacher
    CVE-2025-23395: reintroduce lf_secreopen() for logfile
    buffer overflow due bad strncpy()
    uninitialized variables warnings
    typos
    combining char handling that could lead to a segfault

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

config/rootfiles/common/screen		diff \| blob \| blame \| history
lfs/screen		diff \| blob \| blame \| history