stable

libptytty-2.0-4.el7 and rxvt-unicode-9.31-1.el7

FEDORA-EPEL-2023-a99c56df6a created by carlwgeorge 10 months ago for Fedora EPEL 7

The last update for rxvt-unicode stripped it down to just the rxvt-unicode-terminfo subpackage, leaving the rxvt-unicode package empty with no files. This disruptive change was against EPEL policy. This new update restores the full rxvt-unicode package. It also updates the package to version 9.31 to match the version in EPEL 8, which correctly fixes CVE-2022-4170. It also introduces the libptytty dependency to EPEL 7.

This update has been submitted for testing by carlwgeorge.

10 months ago

This update's test gating status has been changed to 'ignored'.

10 months ago

This update has been pushed to testing.

10 months ago
User Icon rharwood commented & provided feedback 10 months ago

Oh hey, abuse of provenpackager. So much for caring about policy, eh? :)

User Icon carlwgeorge commented & provided feedback 10 months ago

Quoting the actual policy:

Provenpackagers lend a hand when help is needed, always with a desire to improve the quality of Fedora.

Help was needed and I provided it. This improved the quality of EPEL, which is part of the Fedora project.

Prior to making changes, provenpackagers should try to communicate with owners of a package in bugzilla, irc or email.

They should be careful not to change other people’s packages needlessly and try to do the minimal changes required to fix problems

I performed the minimum changes necessary to undo your policy-breaking change. In no way, shape, or form was me resolving this issue an abuse of proven packager permissions. Next time, follow EPEL policy so I don't have to step in to clean up your mess.

This update has been submitted for stable by bodhi.

9 months ago
User Icon rcxb1 commented & provided feedback 9 months ago
karma

Working well on CentOS-7. Put through its paces with a number of escape/control sequences, links, terminal games, etc. The TERM= change is annoying when SSH'ing to many systems, but perhaps necessary, can be overridden; not the fault of this package. Thanks

BZ#2160952 rxvt-unicode-9.30-2.el7.x86_64 contains NO FILES
BZ#2165151 rxvt-unicode-9.30-2 RPM on Epel7 repository is an invalid RPM
BZ#2170550 EPEL7 - rxvt-unicode package contains no data

This update has been pushed to stable.

9 months ago

Please login to add feedback.

Metadata
Type
security
Severity
urgent
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
10 months ago
in testing
10 months ago
in stable
9 months ago
approved
9 months ago
BZ#2151598 CVE-2022-4170 rxvt-unicode: remote code execution via background OSC [epel-all]
0
0
BZ#2160952 rxvt-unicode-9.30-2.el7.x86_64 contains NO FILES
0
1
BZ#2165151 rxvt-unicode-9.30-2 RPM on Epel7 repository is an invalid RPM
0
1
BZ#2170550 EPEL7 - rxvt-unicode package contains no data
0
1

Automated Test Results