1 files changed, 33 insertions, 0 deletions
diff --git a/meta/recipes-sato/rxvt-unicode/rxvt-unicode/rxvt-unicode-fix-CVE-2021-33477.patch b/meta/recipes-sato/rxvt-unicode/rxvt-unicode/rxvt-unicode-fix-CVE-2021-33477.patch
new file mode 100644
index 0000000000..6c3590c311
--- /dev/null
+++ b/meta/recipes-sato/rxvt-unicode/rxvt-unicode/rxvt-unicode-fix-CVE-2021-33477.patch
@@ -0,0 +1,33 @@
+Backport patch to fix CVE-2021-33477.
+CVE: CVE-2021-33477
+Upstream-Status: Backport [http://cvs.schmorp.de/rxvt-unicode/src/command.C?r1=1.582&r2=1.583]
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+---
+ src/command.C | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+diff --git a/src/command.C b/src/command.C
+index 7b79f51..2f7de60 100644
+--- a/src/command.C
+++ b/src/command.C
+@@ -2725,7 +2725,7 @@ rxvt_term::process_escape_seq ()
+         /* kidnapped escape sequence: Should be 8.3.48 */
+       case C1_ESA:             /* ESC G */
+         // used by original rxvt for rob nations own graphics mode
+-        if (cmd_getc () == 'Q')
+        if (cmd_getc () == 'Q' && option (Opt_insecure))
+           tt_printf ("\033G0\012");    /* query graphics - no graphics */
+         break;
+ 
+@@ -2944,7 +2944,7 @@ rxvt_term::process_csi_seq ()
+         break;
+ 
+       case CSI_CUB:            /* 8.3.18: (1) CURSOR LEFT */
+-      case CSI_HPB:            /* 8.3.59: (1) CHARACTER POSITION BACKWARD */
+      case CSI_HPB:            /* 8.3.59: (1) CHARACTER POSITION BACKWARD */
+ #ifdef ISO6429
+         arg[0] = -arg[0];
+ #else                          /* emulate common DEC VTs */

diff --git a/meta/recipes-sato/rxvt-unicode/rxvt-unicode/rxvt-unicode-fix-CVE-2021-33477.patch b/meta/recipes-sato/rxvt-unicode/rxvt-unicode/rxvt-unicode-fix-CVE-2021-33477.patch new file mode 100644 index 0000000000..6c3590c311 --- /dev/null +++ b/meta/recipes-sato/rxvt-unicode/rxvt-unicode/rxvt-unicode-fix-CVE-2021-33477.patch
@@ -0,0 +1,33 @@
	1	Backport patch to fix CVE-2021-33477.
	2
	3	CVE: CVE-2021-33477
	4
	5	Upstream-Status: Backport [http://cvs.schmorp.de/rxvt-unicode/src/command.C?r1=1.582&r2=1.583]
	6
	7	Signed-off-by: Kai Kang <kai.kang@windriver.com>
	8	---
	9	src/command.C \| 4 ++--
	10	1 file changed, 2 insertions(+), 2 deletions(-)
	11
	12	diff --git a/src/command.C b/src/command.C
	13	index 7b79f51..2f7de60 100644
	14	--- a/src/command.C
	15	+++ b/src/command.C
	16	@@ -2725,7 +2725,7 @@ rxvt_term::process_escape_seq ()
	17	/* kidnapped escape sequence: Should be 8.3.48 */
	18	case C1_ESA: /* ESC G */
	19	// used by original rxvt for rob nations own graphics mode
	20	- if (cmd_getc () == 'Q')
	21	+ if (cmd_getc () == 'Q' && option (Opt_insecure))
	22	tt_printf ("\033G0\012"); /* query graphics - no graphics */
	23	break;
	24
	25	@@ -2944,7 +2944,7 @@ rxvt_term::process_csi_seq ()
	26	break;
	27
	28	case CSI_CUB: /* 8.3.18: (1) CURSOR LEFT */
	29	- case CSI_HPB: /* 8.3.59: (1) CHARACTER POSITION BACKWARD */
	30	+ case CSI_HPB: /* 8.3.59: (1) CHARACTER POSITION BACKWARD */
	31	#ifdef ISO6429
	32	arg[0] = -arg[0];
	33	#else /* emulate common DEC VTs */