diff mbox series

[master,walnascar,1/1] screen: update 5.0.0 -> 5.0.1

Message ID 20250530115209.2077098-1-divya.chellam@windriver.com
State New
Headers show
Series [master,walnascar,1/1] screen: update 5.0.0 -> 5.0.1 | expand

Commit Message

dchellam May 30, 2025, 11:52 a.m. UTC 
From: Divya Chellam <divya.chellam@windriver.com>

This includes CVE-fix for CVE-2025-46805, CVE-2025-46804,
CVE-2025-46803, CVE-2025-46802 and CVE-2025-23395.

Changelog:
=========
https://cgit.git.savannah.gnu.org/cgit/screen.git/tree/src/ChangeLog?h=v.5.0.1

* Fixes:
	- CVE-2025-46805: do NOT send signals with root privileges
	- CVE-2025-46804: avoid file existence test information leaks
	- CVE-2025-46803: apply safe PTY default mode of 0620
	- CVE-2025-46802: prevent temporary 0666 mode on PTYs in attacher
	- CVE-2025-23395: reintroduce lf_secreopen() for logfile
	- buffer overflow due bad strncpy()
	- uninitialized variables warnings
	- typos
	- combining char handling that could lead to a segfault

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
---
 .../screen/{screen_5.0.0.bb => screen_5.0.1.bb}                 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-extended/screen/{screen_5.0.0.bb => screen_5.0.1.bb} (95%)
diff mbox series

Patch

diff --git a/meta/recipes-extended/screen/screen_5.0.0.bb b/meta/recipes-extended/screen/screen_5.0.1.bb
similarity index 95%
rename from meta/recipes-extended/screen/screen_5.0.0.bb
rename to meta/recipes-extended/screen/screen_5.0.1.bb
index fec5663fc2..69f4098519 100644
--- a/meta/recipes-extended/screen/screen_5.0.0.bb
+++ b/meta/recipes-extended/screen/screen_5.0.1.bb
@@ -20,7 +20,7 @@  SRC_URI = "${GNU_MIRROR}/screen/screen-${PV}.tar.gz \
            ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'file://screen.pam', '', d)} \
            "
 
-SRC_URI[sha256sum] = "f04a39d00a0e5c7c86a55338808903082ad5df4d73df1a2fd3425976aed94971"
+SRC_URI[sha256sum] = "2dae36f4db379ffcd14b691596ba6ec18ac3a9e22bc47ac239789ab58409869d"
 
 inherit autotools-brokensep texinfo