Fix for CVE-2011-0768, an off-by-one error in handling large pixmap
filenames which resulted in an overflow of a single NUL character if
the filename exceeded PATH_MAX bytes. This bug is NOT exploitable.
Again, thanks to Jonathan Brossard and the team at Toucan System for
responsibly disclosing this vulnerability and to CERT for assisting
with coordination and disclosure.
----------------------------------------------------------------------
SVN revision: 59414
Fix for CVE-2011-0409 (CERT VU#285156), a use-after-free error in the
XIM code. This only affects versions where XIM support is compiled in
(which it is by default). There are no known exploits for this bug,
but it is theoretically exploitable. Thanks to Jonathan Brossard and
the team at Toucan System for responsibly disclosing this
vulnerability and to CERT for assisting with coordination and
disclosure.
----------------------------------------------------------------------
SVN revision: 59413
Modified patch from Paolo Ferrario <skooks@tiscali.it> based on input
from Kim Woelders <kim@woelders.dk> to allow Eterm to respond to
selection requests in UTF-8, compound text, or string only.
Previously, exotic selection request types would receive a string
back, but it would claim to be whatever type was requested. Now it
claims to be a string, which is probably more correct. This should
also eliminate server round-trips when clients ask for UTF-8, get a
string, then ask for a string (Opera).
----------------------------------------------------------------------
SVN revision: 50916
Fix off-by-one error that was causing crashes with visual bell. Found
by d_willsc@cojobo.bonn.de.
----------------------------------------------------------------------
SVN revision: 43285
Revert bad change to borderless code. We're now doing best effort
borderless with no override_redirect (which may come back some day as
a separate option if there's a need) based on advice from raster and
kwo.
----------------------------------------------------------------------
SVN revision: 43284
Support font effects in 8 directions. Patch supplied by Joern
Bernhardt <Joern.Bernhardt@gmx.net>.
----------------------------------------------------------------------
SVN revision: 43283
Fix for scrolling limitations from Cliff Miller <cbm@whatexit.org>.
----------------------------------------------------------------------
SVN revision: 43282
Patch for FreeBSD UNIX98 pty support from Ed Schouten <ed@80386.nl>.
----------------------------------------------------------------------
SVN revision: 43281
Re-enable SIGPIPE after fork() for child processes who might not
re-enable it on their own.
----------------------------------------------------------------------
SVN revision: 43280
Remove fontset fallbacks. I think this might help speed up the load
time slowness some people are seeing. Let's find out.
----------------------------------------------------------------------
SVN revision: 38477
Fix compile errors related to the removal of unnecessary typecasting
macros.
----------------------------------------------------------------------
SVN revision: 38171
(Correct) fix for CVE-2008-1692. Eterm no longer defaults to using
":0" for $DISPLAY due to the possibility that an attacker can create a
fake X server on a shared system, intercept the Eterm X connection,
and send fake keystrokes to the victim's Eterm to execute arbitrary
commands as that user.
The previous fix, while it did indeed correct the vulnerability, broke
the --display option. The original fix from Bernhard Link was more
correct, albeit not quite on target.
----------------------------------------------------------------------
SVN revision: 34574
Patch from Emmanuel Anne <emmanuel.anne@gmail.com> to fix cut/paste
with KDE applications.
----------------------------------------------------------------------
SVN revision: 34573
Modified patch from hsim@gmx.li to allow setting of the "Urgent" hint
on beep.
----------------------------------------------------------------------
SVN revision: 34572
Patch from Kim Woelders <kim@woelders.dk>:
There is a race problem with Eterm during startup related to the
shell LINES/COLUMNS env vars.
If the WM changes the window size (e.g. due to saved settings)
before mapping the window, sometimes the shell will set LINES and
COLUMNS according to the old/incorrect size and sometimes to the
new/correct size, depending on wheter the call to tt_winsize() at
command.c line 2322 (by the shell child process) or the
tt_resize() (by the Eterm process) due to the ConfigureNotify
caused by the resize (or WM ICCCM ConfigureNotify) operation
happens first.
The call in question was added by Azundris for Escreen. So far
Escreen seems to be behaving properly with this patch applied, but all
my Eterm windows (Escreen and otherwise) are pre-sized with -g anyway.
So I'm going to keep my eye on it for awhile. In case of trouble,
change the "#if 0" to "#ifdef ESCREEN" to revert to previous behavior
when in Escreen mode. Normal operation should not require the call in
question.
----------------------------------------------------------------------
SVN revision: 34568
Patch from Jason McCarver <slam@parasite.cc> to support -S/--sticky
option for "sticky" (i.e., present on all desktops) startup.
----------------------------------------------------------------------
SVN revision: 26874
Fixed a typo and some logic errors in libscream located by Mike
Frysinger <vapier@gentoo.org>.
----------------------------------------------------------------------
SVN revision: 26691
Fixed a problem that's been bugging me for ages: Instead of a
hard-coded delay, wait until we can connect to the ssh forwarding port
before starting the Escreen session via ssh.
Add usleep() to system() wait so as to not peg the CPU while sitting
and spinning.
----------------------------------------------------------------------
SVN revision: 22752
Patch from Kim Woelders <kim@woelders.dk> to optimize transparent
Eterms moved an even multiple of the desktop size (i.e., to another
desktop area).
----------------------------------------------------------------------
SVN revision: 22674
Add fallback attempt to open display in case NEED_LINUX_HACK is set
and shouldn't be.
----------------------------------------------------------------------
SVN revision: 20766
DragonFly BSD fixes from Joerg Sonnenberger <joerg@britannica.bec.de>.
Also some type mismatch fixes.
----------------------------------------------------------------------
SVN revision: 20313
Applied patches from Tres Melton <tres@mindspring.com> for SSE2
alignment and other shading-related issues.
----------------------------------------------------------------------
SVN revision: 19521
Fixed an incredibly-difficult-to-track-down missing "break" statement
which caused the "New..." and Ctrl-T functionality to fail to prompt
for a tab name.
----------------------------------------------------------------------
SVN revision: 17208
Applied a fix from benny@sweetfactory.org for a typo in keysym
handling.
Fixed percent signs in menu files thanks to Yasufumi Haga
<yasufumi.haga@nifty.com>.
Fixed E IPC version check to work with old and new schemes.
----------------------------------------------------------------------
SVN revision: 16213
Attempt to fix autogen.sh for Gentoo and Solaris.
Detect and avoid E 0.17 faking E 0.16.x's IPC mechanisms.
----------------------------------------------------------------------
SVN revision: 15535
Added SSE2 support patch thanks to Tres Melton <tres@mindspring.com>
and John Ellson <ellson@research.att.com>.
----------------------------------------------------------------------
SVN revision: 15322
Cleanups and optimizations from Tres Melton <tres@mindspring.com>.
----------------------------------------------------------------------
SVN revision: 15316