diff -Nru vte-0.28.2/debian/changelog vte-0.28.2/debian/changelog --- vte-0.28.2/debian/changelog 2012-03-21 20:36:18.000000000 +0000 +++ vte-0.28.2/debian/changelog 2012-10-09 01:56:03.000000000 +0000 @@ -1,3 +1,44 @@ +vte (1:0.28.2-5ubuntu1) quantal; urgency=low + + * Resynchronise with Debian (libexecdir fix closes LP: #864609). + Remaining changes: + - debian/patches/91_keep_fds.patch: + - vte does not support G_SPAWN_LEAVE_DESCRIPTORS_OPEN when calling + vte_terminal_fork_command_full(). + - debian/patches/93_add_alt_screen_scroll_toggle.patch: + - Handle scrolling differently when using alternate screen or + scrolling is restricted. + - debian/patches/lp246701_scroll_region_updates.patch: + - Fix update glitch related to scroll regions. + - debian/patches/backscroll-stream-mem.patch: + - Provide a memory-based scrollback stream backend to avoid hitting + disk with terminal contents. + * Add version for vte_terminal_set_alternate_screen_scroll to + libvte9.symbols (probably a bit too tight, but due to changelog + truncation this is the best I could readily manage). + + -- Colin Watson Tue, 09 Oct 2012 02:55:15 +0100 + +vte (1:0.28.2-5) unstable; urgency=medium + + * Update repository URL. + * 03_CVE-2012-2738.patch, 04_CVE-2012-2738.patch: backport upstream + patches to fix a memory exhaustion vulnerability. Closes: #677717. + + -- Josselin Mouette Sat, 23 Jun 2012 16:02:46 +0200 + +vte (1:0.28.2-4) unstable; urgency=low + + * debian/control.in: + - Remove obsolete Conflicts and Replaces. + * debian/rules: + - Correctly pass libexecdir to configure so libvte has the correct path to + gnome-pty-helper. Closes: #645104 + * Add symbols file for libvte9 for improved shlibs dependencies and bump + shlibs accordingly. Closes: #633798 + + -- Michael Biebl Sun, 11 Dec 2011 23:04:54 +0100 + vte (1:0.28.2-3ubuntu2) precise; urgency=low * Add debian/patches/backscroll-stream-mem.patch: provide a memory-based diff -Nru vte-0.28.2/debian/control vte-0.28.2/debian/control --- vte-0.28.2/debian/control 2012-03-21 20:40:38.000000000 +0000 +++ vte-0.28.2/debian/control 2012-10-09 01:56:12.000000000 +0000 @@ -2,7 +2,6 @@ # # Modifications should be made to debian/control.in instead. # This file is regenerated automatically in the clean target. - Source: vte Section: libs Priority: optional @@ -37,11 +36,11 @@ libvte-common (= ${source:Version}) Description: Terminal emulator widget for GTK+ 2.0 - runtime files The VTE library provides a terminal emulator widget VteTerminal for - applications using the GTK+ toolkit. It also provides the VtePTY object - containing functions for starting a new process on a new + applications using the GTK+ toolkit. It also provides the VtePTY object + containing functions for starting a new process on a new pseudo-terminal and for manipulating pseudo-terminals. . - This package contains the runtime library, needed by programs using the + This package contains the runtime library, needed by programs using the VTE widget with GTK+ 2.0. Package: libvte9-udeb @@ -53,11 +52,11 @@ ${shlibs:Depends} Description: Terminal emulator widget for GTK+ 2.0 - minimal runtime The VTE library provides a terminal emulator widget VteTerminal for - applications using the GTK+ toolkit. It also provides the VtePTY object - containing functions for starting a new process on a new + applications using the GTK+ toolkit. It also provides the VtePTY object + containing functions for starting a new process on a new pseudo-terminal and for manipulating pseudo-terminals. . - This package contains the minimal runtime library for GTK+ 2.0 needed + This package contains the minimal runtime library for GTK+ 2.0 needed by the Debian installer. Package: libvte-dev @@ -75,26 +74,25 @@ Provides: python-vte-dev Description: Terminal emulator widget for GTK+ 2.0 - development files The VTE library provides a terminal emulator widget VteTerminal for - applications using the GTK+ toolkit. It also provides the VtePTY object - containing functions for starting a new process on a new + applications using the GTK+ toolkit. It also provides the VtePTY object + containing functions for starting a new process on a new pseudo-terminal and for manipulating pseudo-terminals. . - This package contains development files for the VTE library and its - Python bindings. It is needed to develop and build programs using the + This package contains development files for the VTE library and its + Python bindings. It is needed to develop and build programs using the VTE widget with GTK+ 2.0. Package: libvte-common Architecture: all Depends: ${misc:Depends} -Replaces: libvte2 (<= 0.5.1-2) Breaks: libvte9 (<< 1:0.28) Description: Terminal emulator widget for GTK+ 2.x - common files The VTE library provides a terminal emulator widget VteTerminal for - applications using the GTK+ toolkit. It also provides the VtePTY object - containing functions for starting a new process on a new + applications using the GTK+ toolkit. It also provides the VtePTY object + containing functions for starting a new process on a new pseudo-terminal and for manipulating pseudo-terminals. . - This package contains internationalization files for the VTE library + This package contains internationalization files for the VTE library and common files for the GTK+ 2.x version. Package: python-vte @@ -105,19 +103,15 @@ ${python:Depends}, python-gtk2, libvte-common (= ${source:Version}) -Conflicts: python2.3-vte, - python2.4-vte -Replaces: python2.3-vte, - python2.4-vte Breaks: gdebi (<< 0.6.1), python-apt (<< 0.8.0~exp2) Description: Python bindings for the VTE widget set The VTE library provides a terminal emulator widget VteTerminal for - applications using the GTK+ toolkit. It also provides the VtePTY object - containing functions for starting a new process on a new + applications using the GTK+ toolkit. It also provides the VtePTY object + containing functions for starting a new process on a new pseudo-terminal and for manipulating pseudo-terminals. . - This package contains the Python bindings to the VTE library for GTK+ + This package contains the Python bindings to the VTE library for GTK+ 2.x. Package: libvte-doc @@ -126,9 +120,9 @@ Depends: ${misc:Depends} Description: Terminal emulator widget for GTK+ 2.x - documentation The VTE library provides a terminal emulator widget VteTerminal for - applications using the GTK+ toolkit. It also provides the VtePTY object - containing functions for starting a new process on a new + applications using the GTK+ toolkit. It also provides the VtePTY object + containing functions for starting a new process on a new pseudo-terminal and for manipulating pseudo-terminals. . - This package contains documentation files for the VTE library for GTK+ + This package contains documentation files for the VTE library for GTK+ 2.x. diff -Nru vte-0.28.2/debian/control.in vte-0.28.2/debian/control.in --- vte-0.28.2/debian/control.in 2011-12-12 18:51:13.000000000 +0000 +++ vte-0.28.2/debian/control.in 2012-10-09 01:56:03.000000000 +0000 @@ -32,11 +32,11 @@ libvte-common (= ${source:Version}) Description: Terminal emulator widget for GTK+ 2.0 - runtime files The VTE library provides a terminal emulator widget VteTerminal for - applications using the GTK+ toolkit. It also provides the VtePTY object - containing functions for starting a new process on a new + applications using the GTK+ toolkit. It also provides the VtePTY object + containing functions for starting a new process on a new pseudo-terminal and for manipulating pseudo-terminals. . - This package contains the runtime library, needed by programs using the + This package contains the runtime library, needed by programs using the VTE widget with GTK+ 2.0. Package: libvte9-udeb @@ -48,11 +48,11 @@ ${shlibs:Depends} Description: Terminal emulator widget for GTK+ 2.0 - minimal runtime The VTE library provides a terminal emulator widget VteTerminal for - applications using the GTK+ toolkit. It also provides the VtePTY object - containing functions for starting a new process on a new + applications using the GTK+ toolkit. It also provides the VtePTY object + containing functions for starting a new process on a new pseudo-terminal and for manipulating pseudo-terminals. . - This package contains the minimal runtime library for GTK+ 2.0 needed + This package contains the minimal runtime library for GTK+ 2.0 needed by the Debian installer. Package: libvte-dev @@ -70,26 +70,25 @@ Provides: python-vte-dev Description: Terminal emulator widget for GTK+ 2.0 - development files The VTE library provides a terminal emulator widget VteTerminal for - applications using the GTK+ toolkit. It also provides the VtePTY object - containing functions for starting a new process on a new + applications using the GTK+ toolkit. It also provides the VtePTY object + containing functions for starting a new process on a new pseudo-terminal and for manipulating pseudo-terminals. . - This package contains development files for the VTE library and its - Python bindings. It is needed to develop and build programs using the + This package contains development files for the VTE library and its + Python bindings. It is needed to develop and build programs using the VTE widget with GTK+ 2.0. Package: libvte-common Architecture: all Depends: ${misc:Depends} -Replaces: libvte2 (<= 0.5.1-2) Breaks: libvte9 (<< 1:0.28) Description: Terminal emulator widget for GTK+ 2.x - common files The VTE library provides a terminal emulator widget VteTerminal for - applications using the GTK+ toolkit. It also provides the VtePTY object - containing functions for starting a new process on a new + applications using the GTK+ toolkit. It also provides the VtePTY object + containing functions for starting a new process on a new pseudo-terminal and for manipulating pseudo-terminals. . - This package contains internationalization files for the VTE library + This package contains internationalization files for the VTE library and common files for the GTK+ 2.x version. Package: python-vte @@ -100,19 +99,15 @@ ${python:Depends}, python-gtk2, libvte-common (= ${source:Version}) -Conflicts: python2.3-vte, - python2.4-vte -Replaces: python2.3-vte, - python2.4-vte Breaks: gdebi (<< 0.6.1), python-apt (<< 0.8.0~exp2) Description: Python bindings for the VTE widget set The VTE library provides a terminal emulator widget VteTerminal for - applications using the GTK+ toolkit. It also provides the VtePTY object - containing functions for starting a new process on a new + applications using the GTK+ toolkit. It also provides the VtePTY object + containing functions for starting a new process on a new pseudo-terminal and for manipulating pseudo-terminals. . - This package contains the Python bindings to the VTE library for GTK+ + This package contains the Python bindings to the VTE library for GTK+ 2.x. Package: libvte-doc @@ -121,9 +116,9 @@ Depends: ${misc:Depends} Description: Terminal emulator widget for GTK+ 2.x - documentation The VTE library provides a terminal emulator widget VteTerminal for - applications using the GTK+ toolkit. It also provides the VtePTY object - containing functions for starting a new process on a new + applications using the GTK+ toolkit. It also provides the VtePTY object + containing functions for starting a new process on a new pseudo-terminal and for manipulating pseudo-terminals. . - This package contains documentation files for the VTE library for GTK+ + This package contains documentation files for the VTE library for GTK+ 2.x. diff -Nru vte-0.28.2/debian/libvte9.symbols vte-0.28.2/debian/libvte9.symbols --- vte-0.28.2/debian/libvte9.symbols 1970-01-01 00:00:00.000000000 +0000 +++ vte-0.28.2/debian/libvte9.symbols 2012-10-09 01:56:03.000000000 +0000 @@ -0,0 +1,136 @@ +libvte.so.9 libvte9 #MINVER# + _vte_debug_flags@Base 1:0.24.0 + _vte_debug_init@Base 1:0.24.0 + _vte_pty_close@Base 1:0.24.0 + _vte_pty_get_size@Base 1:0.24.0 + _vte_pty_open@Base 1:0.24.0 + _vte_pty_set_size@Base 1:0.24.0 + _vte_pty_set_utf8@Base 1:0.24.0 + vte_get_user_shell@Base 1:0.28.0 + vte_pty_child_setup@Base 1:0.28.0 + vte_pty_close@Base 1:0.28.0 + vte_pty_error_get_type@Base 1:0.28.0 + vte_pty_error_quark@Base 1:0.28.0 + vte_pty_flags_get_type@Base 1:0.28.0 + vte_pty_get_fd@Base 1:0.28.0 + vte_pty_get_size@Base 1:0.28.0 + vte_pty_get_type@Base 1:0.28.0 + vte_pty_new@Base 1:0.28.0 + vte_pty_new_foreign@Base 1:0.28.0 + vte_pty_set_size@Base 1:0.28.0 + vte_pty_set_term@Base 1:0.28.0 + vte_pty_set_utf8@Base 1:0.28.0 + vte_reaper_add_child@Base 1:0.24.0 + vte_reaper_get@Base 1:0.24.0 + vte_reaper_get_type@Base 1:0.24.0 + vte_terminal_accessible_factory_get_type@Base 1:0.24.0 + vte_terminal_accessible_factory_new@Base 1:0.24.0 + vte_terminal_accessible_get_type@Base 1:0.24.0 + vte_terminal_accessible_new@Base 1:0.24.0 + vte_terminal_anti_alias_get_type@Base 1:0.24.0 + vte_terminal_copy_clipboard@Base 1:0.24.0 + vte_terminal_copy_primary@Base 1:0.24.0 + vte_terminal_cursor_blink_mode_get_type@Base 1:0.24.0 + vte_terminal_cursor_shape_get_type@Base 1:0.24.0 + vte_terminal_erase_binding_get_type@Base 1:0.24.0 + vte_terminal_feed@Base 1:0.24.0 + vte_terminal_feed_child@Base 1:0.24.0 + vte_terminal_feed_child_binary@Base 1:0.24.0 + vte_terminal_fork_command@Base 1:0.24.0 + vte_terminal_fork_command_full@Base 1:0.28.0 + vte_terminal_forkpty@Base 1:0.24.0 + vte_terminal_get_adjustment@Base 1:0.24.0 + vte_terminal_get_allow_bold@Base 1:0.24.0 + vte_terminal_get_audible_bell@Base 1:0.24.0 + vte_terminal_get_char_ascent@Base 1:0.24.0 + vte_terminal_get_char_descent@Base 1:0.24.0 + vte_terminal_get_char_height@Base 1:0.24.0 + vte_terminal_get_char_width@Base 1:0.24.0 + vte_terminal_get_child_exit_status@Base 1:0.24.0 + vte_terminal_get_column_count@Base 1:0.24.0 + vte_terminal_get_cursor_blink_mode@Base 1:0.24.0 + vte_terminal_get_cursor_position@Base 1:0.24.0 + vte_terminal_get_cursor_shape@Base 1:0.24.0 + vte_terminal_get_default_emulation@Base 1:0.24.0 + vte_terminal_get_emulation@Base 1:0.24.0 + vte_terminal_get_encoding@Base 1:0.24.0 + vte_terminal_get_font@Base 1:0.24.0 + vte_terminal_get_has_selection@Base 1:0.24.0 + vte_terminal_get_icon_title@Base 1:0.24.0 + vte_terminal_get_mouse_autohide@Base 1:0.24.0 + vte_terminal_get_padding@Base 1:0.24.0 + vte_terminal_get_pty@Base 1:0.24.0 + vte_terminal_get_pty_object@Base 1:0.28.0 + vte_terminal_get_row_count@Base 1:0.24.0 + vte_terminal_get_status_line@Base 1:0.24.0 + vte_terminal_get_text@Base 1:0.24.0 + vte_terminal_get_text_include_trailing_spaces@Base 1:0.24.0 + vte_terminal_get_text_range@Base 1:0.24.0 + vte_terminal_get_type@Base 1:0.24.0 + vte_terminal_get_using_xft@Base 1:0.24.0 + vte_terminal_get_visible_bell@Base 1:0.24.0 + vte_terminal_get_window_title@Base 1:0.24.0 + vte_terminal_im_append_menuitems@Base 1:0.24.0 + vte_terminal_is_word_char@Base 1:0.24.0 + vte_terminal_match_add@Base 1:0.24.0 + vte_terminal_match_add_gregex@Base 1:0.24.0 + vte_terminal_match_check@Base 1:0.24.0 + vte_terminal_match_clear_all@Base 1:0.24.0 + vte_terminal_match_remove@Base 1:0.24.0 + vte_terminal_match_set_cursor@Base 1:0.24.0 + vte_terminal_match_set_cursor_name@Base 1:0.24.0 + vte_terminal_match_set_cursor_type@Base 1:0.24.0 + vte_terminal_new@Base 1:0.24.0 + vte_terminal_paste_clipboard@Base 1:0.24.0 + vte_terminal_paste_primary@Base 1:0.24.0 + vte_terminal_pty_new@Base 1:0.28.0 + vte_terminal_reset@Base 1:0.24.0 + vte_terminal_search_find_next@Base 1:0.28.0 + vte_terminal_search_find_previous@Base 1:0.28.0 + vte_terminal_search_get_gregex@Base 1:0.28.0 + vte_terminal_search_get_wrap_around@Base 1:0.28.0 + vte_terminal_search_set_gregex@Base 1:0.28.0 + vte_terminal_search_set_wrap_around@Base 1:0.28.0 + vte_terminal_select_all@Base 1:0.24.0 + vte_terminal_select_none@Base 1:0.24.0 + vte_terminal_set_allow_bold@Base 1:0.24.0 + vte_terminal_set_alternate_screen_scroll@Base 1:0.28.0-1ubuntu1~ + vte_terminal_set_audible_bell@Base 1:0.24.0 + vte_terminal_set_background_image@Base 1:0.24.0 + vte_terminal_set_background_image_file@Base 1:0.24.0 + vte_terminal_set_background_saturation@Base 1:0.24.0 + vte_terminal_set_background_tint_color@Base 1:0.24.0 + vte_terminal_set_background_transparent@Base 1:0.24.0 + vte_terminal_set_backspace_binding@Base 1:0.24.0 + vte_terminal_set_color_background@Base 1:0.24.0 + vte_terminal_set_color_bold@Base 1:0.24.0 + vte_terminal_set_color_cursor@Base 1:0.24.0 + vte_terminal_set_color_dim@Base 1:0.24.0 + vte_terminal_set_color_foreground@Base 1:0.24.0 + vte_terminal_set_color_highlight@Base 1:0.24.0 + vte_terminal_set_colors@Base 1:0.24.0 + vte_terminal_set_cursor_blink_mode@Base 1:0.24.0 + vte_terminal_set_cursor_blinks@Base 1:0.24.0 + vte_terminal_set_cursor_shape@Base 1:0.24.0 + vte_terminal_set_default_colors@Base 1:0.24.0 + vte_terminal_set_delete_binding@Base 1:0.24.0 + vte_terminal_set_emulation@Base 1:0.24.0 + vte_terminal_set_encoding@Base 1:0.24.0 + vte_terminal_set_font@Base 1:0.24.0 + vte_terminal_set_font_from_string@Base 1:0.24.0 + vte_terminal_set_font_from_string_full@Base 1:0.24.0 + vte_terminal_set_font_full@Base 1:0.24.0 + vte_terminal_set_mouse_autohide@Base 1:0.24.0 + vte_terminal_set_opacity@Base 1:0.24.0 + vte_terminal_set_pty@Base 1:0.24.0 + vte_terminal_set_pty_object@Base 1:0.28.0 + vte_terminal_set_scroll_background@Base 1:0.24.0 + vte_terminal_set_scroll_on_keystroke@Base 1:0.24.0 + vte_terminal_set_scroll_on_output@Base 1:0.24.0 + vte_terminal_set_scrollback_lines@Base 1:0.24.0 + vte_terminal_set_size@Base 1:0.24.0 + vte_terminal_set_visible_bell@Base 1:0.24.0 + vte_terminal_set_word_chars@Base 1:0.24.0 + vte_terminal_watch_child@Base 1:0.28.0 + vte_terminal_write_contents@Base 1:0.24.0 + vte_terminal_write_flags_get_type@Base 1:0.24.0 diff -Nru vte-0.28.2/debian/patches/03_CVE-2012-2738.patch vte-0.28.2/debian/patches/03_CVE-2012-2738.patch --- vte-0.28.2/debian/patches/03_CVE-2012-2738.patch 1970-01-01 00:00:00.000000000 +0000 +++ vte-0.28.2/debian/patches/03_CVE-2012-2738.patch 2012-10-09 01:56:03.000000000 +0000 @@ -0,0 +1,40 @@ +From feeee4b5832b17641e505b7083e0d299fdae318e Mon Sep 17 00:00:00 2001 +From: Christian Persch +Date: Sat, 19 May 2012 17:36:09 +0000 +Subject: emulation: Limit integer arguments to 65535 + +To guard against malicious sequences containing excessively big numbers, +limit all parsed numbers to 16 bit range. Doing this here in the parsing +routine is a catch-all guard; this doesn't preclude enforcing +more stringent limits in the handlers themselves. + +https://bugzilla.gnome.org/show_bug.cgi?id=676090 +--- +diff --git a/src/table.c b/src/table.c +index 140e8c8..85cf631 100644 +--- a/src/table.c ++++ b/src/table.c +@@ -550,7 +550,7 @@ _vte_table_extract_numbers(GValueArray **array, + if (G_UNLIKELY (*array == NULL)) { + *array = g_value_array_new(1); + } +- g_value_set_long(&value, total); ++ g_value_set_long(&value, CLAMP (total, 0, G_MAXUSHORT)); + g_value_array_append(*array, &value); + } while (i++ < arginfo->length); + g_value_unset(&value); +diff --git a/src/vteseq.c b/src/vteseq.c +index 457c06a..46def5b 100644 +--- a/src/vteseq.c ++++ b/src/vteseq.c +@@ -557,7 +557,7 @@ vte_sequence_handler_multiple(VteTerminal *terminal, + GValueArray *params, + VteTerminalSequenceHandler handler) + { +- vte_sequence_handler_multiple_limited(terminal, params, handler, G_MAXLONG); ++ vte_sequence_handler_multiple_limited(terminal, params, handler, G_MAXUSHORT); + } + + static void +-- +cgit v0.9.0.2 diff -Nru vte-0.28.2/debian/patches/04_CVE-2012-2738.patch vte-0.28.2/debian/patches/04_CVE-2012-2738.patch --- vte-0.28.2/debian/patches/04_CVE-2012-2738.patch 1970-01-01 00:00:00.000000000 +0000 +++ vte-0.28.2/debian/patches/04_CVE-2012-2738.patch 2012-10-09 01:56:03.000000000 +0000 @@ -0,0 +1,82 @@ +From 98ce2f265f986fb88c38d508286bb5e3716b9e74 Mon Sep 17 00:00:00 2001 +From: Christian Persch +Date: Sat, 19 May 2012 18:04:12 +0000 +Subject: emulation: Limit repetitions + +Don't allow malicious sequences to cause excessive repetitions. + +https://bugzilla.gnome.org/show_bug.cgi?id=676090 +--- +diff --git a/src/vteseq.c b/src/vteseq.c +index 46def5b..7fb4707 100644 +--- a/src/vteseq.c ++++ b/src/vteseq.c +@@ -1397,7 +1397,7 @@ vte_sequence_handler_dc (VteTerminal *terminal, GValueArray *params) + static void + vte_sequence_handler_DC (VteTerminal *terminal, GValueArray *params) + { +- vte_sequence_handler_multiple(terminal, params, vte_sequence_handler_dc); ++ vte_sequence_handler_multiple_r(terminal, params, vte_sequence_handler_dc); + } + + /* Delete a line at the current cursor position. */ +@@ -1790,7 +1790,7 @@ vte_sequence_handler_reverse_index (VteTerminal *terminal, GValueArray *params) + static void + vte_sequence_handler_RI (VteTerminal *terminal, GValueArray *params) + { +- vte_sequence_handler_multiple(terminal, params, vte_sequence_handler_nd); ++ vte_sequence_handler_multiple_r(terminal, params, vte_sequence_handler_nd); + } + + /* Save cursor (position). */ +@@ -2782,8 +2782,7 @@ vte_sequence_handler_insert_lines (VteTerminal *terminal, GValueArray *params) + { + GValue *value; + VteScreen *screen; +- long param, end, row; +- int i; ++ long param, end, row, i, limit; + screen = terminal->pvt->screen; + /* The default is one. */ + param = 1; +@@ -2801,7 +2800,13 @@ vte_sequence_handler_insert_lines (VteTerminal *terminal, GValueArray *params) + } else { + end = screen->insert_delta + terminal->row_count - 1; + } +- /* Insert the new lines at the cursor. */ ++ ++ /* Only allow to insert as many lines as there are between this row ++ * and the end of the scrolling region. See bug #676090. ++ */ ++ limit = end - row + 1; ++ param = MIN (param, limit); ++ + for (i = 0; i < param; i++) { + /* Clear a line off the end of the region and add one to the + * top of the region. */ +@@ -2822,8 +2827,7 @@ vte_sequence_handler_delete_lines (VteTerminal *terminal, GValueArray *params) + { + GValue *value; + VteScreen *screen; +- long param, end, row; +- int i; ++ long param, end, row, i, limit; + + screen = terminal->pvt->screen; + /* The default is one. */ +@@ -2842,6 +2846,13 @@ vte_sequence_handler_delete_lines (VteTerminal *terminal, GValueArray *params) + } else { + end = screen->insert_delta + terminal->row_count - 1; + } ++ ++ /* Only allow to delete as many lines as there are between this row ++ * and the end of the scrolling region. See bug #676090. ++ */ ++ limit = end - row + 1; ++ param = MIN (param, limit); ++ + /* Clear them from below the current cursor. */ + for (i = 0; i < param; i++) { + /* Insert a line at the end of the region and remove one from +-- +cgit v0.9.0.2 diff -Nru vte-0.28.2/debian/patches/series vte-0.28.2/debian/patches/series --- vte-0.28.2/debian/patches/series 2012-03-11 13:21:54.000000000 +0000 +++ vte-0.28.2/debian/patches/series 2012-10-09 01:56:03.000000000 +0000 @@ -1,5 +1,7 @@ 01_scroll_notebook.patch 02_meta.patch +03_CVE-2012-2738.patch +04_CVE-2012-2738.patch 25_optional-ncurses.patch 60_termcap-home-end.patch 91_keep_fds.patch diff -Nru vte-0.28.2/debian/rules vte-0.28.2/debian/rules --- vte-0.28.2/debian/rules 2011-12-12 18:51:13.000000000 +0000 +++ vte-0.28.2/debian/rules 2012-10-09 01:56:03.000000000 +0000 @@ -14,13 +14,13 @@ include /usr/share/gnome-pkg-tools/1/rules/uploaders.mk include /usr/share/gnome-pkg-tools/1/rules/gnome-get-source.mk +DEB_CONFIGURE_LIBEXECDIR := \$${prefix}/lib/$(libvteN) DEB_FIXPERMS_EXCLUDE += gnome-pty-helper -DEB_DH_MAKESHLIBS_ARGS_$(libvteN) += -V '$(libvteN) (>= 1:0.24.0)' --add-udeb=$(udeb) +DEB_DH_MAKESHLIBS_ARGS_$(libvteN) += -V '$(libvteN) (>= 1:0.28.0)' --add-udeb=$(udeb) DEB_CONFIGURE_EXTRA_FLAGS += PYTHON="/usr/bin/$(cdbs_make_curflavor)" DEB_CONFIGURE_FLAGS_main += \ - --libexecdir=/usr/lib/$(libvteN) \ --disable-python DEB_CONFIGURE_FLAGS_udeb += \