rxvt, mrxvt, eterm: Mark vulnerable to unexpected command execution

https://www.openwall.com/lists/oss-security/2021/05/17/1
3 years ago · 6205c47b02
parent d6c64b2816
commit 6205c47b02
3 changed files with 9 additions and 0 deletions
--- a/pkgs/applications/terminal-emulators/eterm/default.nix
+++ b/pkgs/applications/terminal-emulators/eterm/default.nix
@ -39,5 +39,8 @@ stdenv.mkDerivation rec {
    license = licenses.bsd2;
    maintainers = [ maintainers.AndersonTorres ];
    platforms = platforms.linux;
+    knownVulnerabilities = [
+      "Usage of ANSI escape sequences causes unexpected newline-termination, leading to unexpected command execution (https://www.openwall.com/lists/oss-security/2021/05/17/1)"
+    ];
  };
 }
--- a/pkgs/applications/terminal-emulators/mrxvt/default.nix
+++ b/pkgs/applications/terminal-emulators/mrxvt/default.nix
@ -36,5 +36,8 @@ stdenv.mkDerivation {
    homepage = "https://sourceforge.net/projects/materm";
    license = licenses.gpl2;
    platforms = platforms.linux;
+    knownVulnerabilities = [
+      "Usage of ANSI escape sequences causes unexpected newline-termination, leading to unexpected command execution (https://www.openwall.com/lists/oss-security/2021/05/17/1)"
+    ];
  };
 }
--- a/pkgs/applications/terminal-emulators/rxvt/default.nix
+++ b/pkgs/applications/terminal-emulators/rxvt/default.nix
@ -35,5 +35,8 @@ stdenv.mkDerivation rec {
    maintainers = with maintainers; [ AndersonTorres ];
    license = licenses.gpl2;
    platforms = platforms.linux;
+    knownVulnerabilities = [
+      "Usage of ANSI escape sequences causes unexpected newline-termination, leading to unexpected command execution (https://www.openwall.com/lists/oss-security/2021/05/17/1)"
+    ];
  };
 }