stable

libptytty-2.0-4.el7 and rxvt-unicode-9.31-1.el7

FEDORA-EPEL-2023-a99c56df6a created by carlwgeorge 5 months ago for Fedora EPEL 7

The last update for rxvt-unicode stripped it down to just the rxvt-unicode-terminfo subpackage, leaving the rxvt-unicode package empty with no files. This disruptive change was against EPEL policy. This new update restores the full rxvt-unicode package. It also updates the package to version 9.31 to match the version in EPEL 8, which correctly fixes CVE-2022-4170. It also introduces the libptytty dependency to EPEL 7.

This update has been submitted for testing by carlwgeorge.

5 months ago

This update's test gating status has been changed to 'ignored'.

5 months ago

This update has been pushed to testing.

5 months ago
User Icon rharwood commented & provided feedback 5 months ago

Oh hey, abuse of provenpackager. So much for caring about policy, eh? :)

User Icon carlwgeorge commented & provided feedback 5 months ago

Quoting the actual policy:

Provenpackagers lend a hand when help is needed, always with a desire to improve the quality of Fedora.

Help was needed and I provided it. This improved the quality of EPEL, which is part of the Fedora project.

Prior to making changes, provenpackagers should try to communicate with owners of a package in bugzilla, irc or email.

They should be careful not to change other people’s packages needlessly and try to do the minimal changes required to fix problems

I performed the minimum changes necessary to undo your policy-breaking change. In no way, shape, or form was me resolving this issue an abuse of proven packager permissions. Next time, follow EPEL policy so I don't have to step in to clean up your mess.

This update has been submitted for stable by bodhi.

4 months ago
User Icon rcxb1 commented & provided feedback 4 months ago
karma

Working well on CentOS-7. Put through its paces with a number of escape/control sequences, links, terminal games, etc. The TERM= change is annoying when SSH'ing to many systems, but perhaps necessary, can be overridden; not the fault of this package. Thanks

BZ#2160952 rxvt-unicode-9.30-2.el7.x86_64 contains NO FILES
BZ#2165151 rxvt-unicode-9.30-2 RPM on Epel7 repository is an invalid RPM
BZ#2170550 EPEL7 - rxvt-unicode package contains no data

This update has been pushed to stable.

4 months ago

Please login to add feedback.

Metadata
Type
security
Severity
urgent
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
5 months ago
in testing
5 months ago
in stable
4 months ago
approved
4 months ago
BZ#2151598 CVE-2022-4170 rxvt-unicode: remote code execution via background OSC [epel-all]
0
0
BZ#2160952 rxvt-unicode-9.30-2.el7.x86_64 contains NO FILES
0
1
BZ#2165151 rxvt-unicode-9.30-2 RPM on Epel7 repository is an invalid RPM
0
1
BZ#2170550 EPEL7 - rxvt-unicode package contains no data
0
1

Automated Test Results