git.ipfire.org Git - ipfire-2.x.git/commit

author	Adolf Belka <adolf.belka@ipfire.org>
	Thu, 15 May 2025 16:25:25 +0000 (18:25 +0200)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Thu, 22 May 2025 15:01:02 +0000 (15:01 +0000)
commit	de98f72736d8ee27c31226df46403b4e122733e2
tree	7ff2ebab886d7603ffe32c19d537dd554b12a2a2	tree
parent	753b4d041acb860d2d5ac743e7041732ba1bcdae	commit \| diff

screen: Update to version 5.0.1

- Update from version 5.0.0 to 5.0.1
- Update of rootfile
- 5 CVE fixes included in this version
- Changelog
    5.0.1
Security fix
    CVE-2025-46805: do NOT send signals with root privileges
    CVE-2025-46804: avoid file existence test information leaks
    CVE-2025-46803: apply safe PTY default mode of 0620
    CVE-2025-46802: prevent temporary 0666 mode on PTYs in attacher
    CVE-2025-23395: reintroduce lf_secreopen() for logfile
    buffer overflow due bad strncpy()
    uninitialized variables warnings
    typos
    combining char handling that could lead to a segfault

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

config/rootfiles/common/screen		diff \| blob \| blame \| history
lfs/screen		diff \| blob \| blame \| history