diff options
author | Ross Burton <ross.burton@arm.com> | 2023-02-20 16:28:15 +0000 |
---|---|---|
committer | Steve Sakoman <steve@sakoman.com> | 2023-02-25 05:52:06 -1000 |
commit | 78c44993a190a706a775e70fa59fd4664b20c9cb (patch) | |
tree | 837171fa88643a364de40bb8a4545c080000b2ef /meta | |
parent | ab1e3000cee9f5f3496a7e67cc59b2e08a681a89 (diff) | |
download | openembedded-core-78c44993a190a706a775e70fa59fd4664b20c9cb.tar.gz |
less: backport the fix for CVE-2022-46663
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 56d31067a34bc1942c7eb4940a41ecfc81110e58)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta')
-rw-r--r-- | meta/recipes-extended/less/files/CVE-2022-46663.patch | 28 | ||||
-rw-r--r-- | meta/recipes-extended/less/less_608.bb | 1 |
2 files changed, 29 insertions, 0 deletions
diff --git a/meta/recipes-extended/less/files/CVE-2022-46663.patch b/meta/recipes-extended/less/files/CVE-2022-46663.patch new file mode 100644 index 0000000000..20f9d89ed8 --- /dev/null +++ b/meta/recipes-extended/less/files/CVE-2022-46663.patch @@ -0,0 +1,28 @@ +CVE: CVE-2022-46663 +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@arm.com> + +From a78e1351113cef564d790a730d657a321624d79c Mon Sep 17 00:00:00 2001 +From: Mark Nudelman <markn@greenwoodsoftware.com> +Date: Fri, 7 Oct 2022 19:25:46 -0700 +Subject: [PATCH] End OSC8 hyperlink on invalid embedded escape sequence. + +--- + line.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/line.c b/line.c +index 236c49ae..cba7bdd1 100644 +--- a/line.c ++++ b/line.c +@@ -633,8 +633,8 @@ ansi_step(pansi, ch) + /* Hyperlink ends with \7 or ESC-backslash. */ + if (ch == '\7') + return ANSI_END; +- if (pansi->prev_esc && ch == '\\') +- return ANSI_END; ++ if (pansi->prev_esc) ++ return (ch == '\\') ? ANSI_END : ANSI_ERR; + pansi->prev_esc = (ch == ESC); + return ANSI_MID; + } diff --git a/meta/recipes-extended/less/less_608.bb b/meta/recipes-extended/less/less_608.bb index f411a8fb53..f907a8159c 100644 --- a/meta/recipes-extended/less/less_608.bb +++ b/meta/recipes-extended/less/less_608.bb @@ -26,6 +26,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=1ebbd3e34237af26da5dc08a4e440464 \ DEPENDS = "ncurses" SRC_URI = "http://www.greenwoodsoftware.com/${BPN}/${BPN}-${PV}.tar.gz \ + file://CVE-2022-46663.patch \ " SRC_URI[sha256sum] = "a69abe2e0a126777e021d3b73aa3222e1b261f10e64624d41ec079685a6ac209" |