From: Divya Chellam <divya.chellam@windriver.com>
Date: Fri, 30 May 2025 11:52:09 +0000 (+0530)
Subject: screen: update 5.0.0 -> 5.0.1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9e608022b287bfdb4f547f5e2d418536758bc82f;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git

screen: update 5.0.0 -> 5.0.1

This includes CVE-fix for CVE-2025-46805, CVE-2025-46804,
CVE-2025-46803, CVE-2025-46802 and CVE-2025-23395.

Changelog:
=========
https://cgit.git.savannah.gnu.org/cgit/screen.git/tree/src/ChangeLog?h=v.5.0.1

* Fixes:
	- CVE-2025-46805: do NOT send signals with root privileges
	- CVE-2025-46804: avoid file existence test information leaks
	- CVE-2025-46803: apply safe PTY default mode of 0620
	- CVE-2025-46802: prevent temporary 0666 mode on PTYs in attacher
	- CVE-2025-23395: reintroduce lf_secreopen() for logfile
	- buffer overflow due bad strncpy()
	- uninitialized variables warnings
	- typos
	- combining char handling that could lead to a segfault

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---

diff --git a/meta/recipes-extended/screen/screen_5.0.0.bb b/meta/recipes-extended/screen/screen_5.0.1.bb
similarity index 95%
rename from meta/recipes-extended/screen/screen_5.0.0.bb
rename to meta/recipes-extended/screen/screen_5.0.1.bb
index fec5663fc2f..69f40985198 100644
--- a/meta/recipes-extended/screen/screen_5.0.0.bb
+++ b/meta/recipes-extended/screen/screen_5.0.1.bb
@@ -20,7 +20,7 @@ SRC_URI = "${GNU_MIRROR}/screen/screen-${PV}.tar.gz \
            ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'file://screen.pam', '', d)} \
            "
 
-SRC_URI[sha256sum] = "f04a39d00a0e5c7c86a55338808903082ad5df4d73df1a2fd3425976aed94971"
+SRC_URI[sha256sum] = "2dae36f4db379ffcd14b691596ba6ec18ac3a9e22bc47ac239789ab58409869d"
 
 inherit autotools-brokensep texinfo