Debian changelog in Git: ncurses (6.4+20230603-1) UNRELEASED; urgency=low
* New upstream patchlevel.
- Improve checks for malformed terminfo data (report/analysis by
Jonathan Bar Or, Michael Pearse, Emanuele Cozzi (CVE-2023-29491,
Closes: #1034372)).
- Drop compatibility with obsolete versions of tack, e.g., pre-1.08
(Closes: #1034549).
* Drop cherry-picked patches, applied upstream.
* Configure with "--disable-setuid-environ" instead of
"--disable-root-environ" and drop patch debian-env-access.diff.
* Refresh remaining Debian patches.
- Drop the hunk for screen-base from 02-debian-backspace.diff.
Upstream sets kbs in screen-base to xterm+kbs now, so this is
handled via the "--with-xterm-kbs" configure option.
* Update symbols files for the new symbols tiparm_s and tiscan_s.
* Remove the ncurses{w,}5-config compatibility symlinks
(Closes: #1029977).
* Remove old upstream SHA1 signing key C52048C0C0748FEE from
debian/upstream/signing-key.asc.
* Export ARFLAGS = -crv in debian/rules to ensure deterministic static
libraries (see #1029404).
* Stop building the empty transitional packages libtinfo-dev
and libncurses{,w}5-dev (Closes: #1032708, #1032740, #1032741).
* Move the ncurses-base terminfo files to /usr/share/terminfo
(Closes: #1028202).
- Add a Breaks on cryptsetup-initramfs (<< 2:2.6.1) to ncurses-base
(see #1028234).
-- Sven Joachim <svenjoac@gmx.de> Mon, 05 Jun 2023 18:14:09 +0200
Git log: commit 58f57c940097647020d0f308d01c3be5127a4f6a
Author: Sven Joachim <svenjoac@gmx.de>
Date: Mon Jun 5 21:44:31 2023 +0200
Close bug #1034549
As of the 20230423 upstream patchlevel, the problematic tic.h and
nc_tparm.h header files are no longer installed.
Closes: #1034549
commit dd14dc3ff9c25ea44b200b73dea6d4759ce7034f
Author: Sven Joachim <svenjoac@gmx.de>
Date: Mon Jun 5 21:44:05 2023 +0200
Close bug #1034372
CVE-2023-29491 has been addressed in the 20230408 upstream patchlevel,
with some additional fixups in the 20230415 and 20230423 patchlevels.
Closes: #1034372
commit 07a6c78e0ca7816cf9693ede7de9242159041356
Author: Sven Joachim <svenjoac@gmx.de>
Date: Mon Jun 5 21:32:06 2023 +0200
Add Breaks on cryptsetup-initramfs (<< 2:2.6.1) to ncurses-base
Older versions of cryptsetup-initramfs will only look for the "linux"
terminfo entry under /lib/terminfo and fail if is not there, see
https://bugs.debian.org/1028234.
This especially impacts derivatives with a different release schedule
than Debian, for instance partial upgrades from Ubuntu 22.04 to 24.04
are prone to see that happening.
commit 8ca43ad240d4386c8dd70a91b574bf71365566fe
Author: Sven Joachim <svenjoac@gmx.de>
Date: Mon Jun 5 21:28:11 2023 +0200
Move the ncurses-base terminfo files to /usr/share/terminfo
Update the Depends/Replaces/Breaks relationships between ncurses-base
and ncurses-term accordingly, as some symlinks in ncurses-term have
been taken over by ncurses-base.
Closes: #1028202
commit 5de2c473dd38e387a86da3e14c977acb8c457610
Author: Sven Joachim <svenjoac@gmx.de>
Date: Mon Jun 5 21:25:53 2023 +0200
Stop building the empty transitional packages
The transitional packages libtinfo-dev, libncurses5-dev and
libncursesw5-dev are empty and have been around for five years. While
there are still many reverse (build-)dependencies, they are all
fulfilled by the versioned Provides in libncurses-dev, so it should be
safe to drop the transitional packages.
Closes: #1032708, #1032740, #1032741
commit bd2267f6ffb70709c48ea286565ba9d37152b553
Author: Sven Joachim <svenjoac@gmx.de>
Date: Mon Jun 5 18:48:13 2023 +0200
Set ARFLAGS = -crv to ensure deterministic static libraries
We should build the static libraries reproducibly even if they are not
stripped, e.g. when dh_strip fails (see #875780 and #1029404), or when
"nostrip" is in DEB_BUILD_OPTIONS.
Upstream sets ARFLAGS=-curvU by default, which is good during
development as it avoids unnecessary rebuilds of the static libraries,
but bad if you care about reproducibility.
Note that ARFLAGS = -crvD would be a bit clearer, but unfortunately it
does not work. The CF_AR_FLAGS macro in aclocal.m4 compares ARFLAGS
against a set of known values, and if it is not found, the build
fails.
commit 19fe3d8e5cc4152aaa08622badc5ff2182549b02
Author: Sven Joachim <svenjoac@gmx.de>
Date: Mon Jun 5 18:48:02 2023 +0200
Remove old upstream SHA1 signing key C52048C0C0748FEE
Upstream switched to a newer key in July 2021, it would be rather
suspicious if he started to use the old key again. Remove it so that
we immediately notice if that ever happens.
commit c8ff9407bad5b6bf4968e6a83144fec518e41f1d
Author: Sven Joachim <svenjoac@gmx.de>
Date: Mon Jun 5 18:46:29 2023 +0200
Remove the ncurses{w,}5-config compatibility symlinks
Five years should have been enough for everyone to adapt, although the
three stragglers mentioned in commit cb0ccf3f9bc6 still have not done
that. So be it.
Closes: #1029977
commit 6af21d0dc13fefbdc7a2b53700b89499f127820f
Author: Sven Joachim <svenjoac@gmx.de>
Date: Mon Jun 5 18:44:38 2023 +0200
Drop debian/ncurses-doc.links
This file is no longer neccessary, as of the 20230121 patchlevel the
link will be created by "make install". See the thread at
https://mail.gnu.org/archive/html/bug-ncurses/2023-01/threads.html#00031.
commit b3981d204940d377ce44230697cdce67c507b4de
Author: Sven Joachim <svenjoac@gmx.de>
Date: Mon Jun 5 18:27:54 2023 +0200
Update symbols files
The tiparm_s and tiscan_s symbols are new in the 20230423 patchlevel.
commit 4e50f390bf4711e59fe8ccecb35deb7aca6ff2fe
Author: Sven Joachim <svenjoac@gmx.de>
Date: Mon Jun 5 18:25:02 2023 +0200
Refresh Debian patches
Drop the hunk for screen-base from 02-debian-backspace.diff. Since
the 20230107 patchlevel, kbs in screen-base is set to xterm+kbs, so
this is now handled via the "--with-xterm-kbs" configure option.
The patch 02-debian-xterm.diff failed to apply due to changes in the
20230114 patchlevel, but has no functional changes.
commit b5d90602b80d8aaa2e9886ecb3c4507de0294f7e
Author: Sven Joachim <svenjoac@gmx.de>
Date: Mon Jun 5 18:19:28 2023 +0200
Configure with "--disable-setuid-environ"
Configure with "--disable-setuid-environ" instead of
"--disable-root-environ", making the patch debian-env-access.diff
redundant.
commit 81f669f92474983e5e40d1391fbaa4e58efb611a
Author: Sven Joachim <svenjoac@gmx.de>
Date: Mon Jun 5 18:17:33 2023 +0200
Drop cherry-picked patches
commit 8bdcfb65df1fa82b6a5b7453f4857e0270446720
Author: Sven Joachim <svenjoac@gmx.de>
Date: Mon Jun 5 18:14:38 2023 +0200
New upstream patchlevel
commit f31be7551e616eb1e1b481ef79feeffbddc1e960
Merge: 36b1ebc9f e29a45957
Author: Sven Joachim <svenjoac@gmx.de>
Date: Mon Jun 5 18:13:01 2023 +0200
Merge tag 'upstream/6.4+20230603'
Upstream patchlevel 6.4+20230603
commit e29a45957ceee0901a35dffbfdb99755b09ad943
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun Jun 4 08:19:12 2023 +0200
Import upstream patch 20230603
20230603
+ add configure option --with-strip-program, to override program
chosen by the install program for stripping executables (prompted
by discussion with Aapo Rantalainen).
+ fix typo in INSTALL (report/patch by Aapo Rantalainen).
+ improve error-checks for isEILSEQ()
+ increase MB_CUR_MAX to 16, matching glibc's MB_LEN_MAX.
+ corrected mouse mask in test/testcurs.c
+ improve thread lock in lib_trace.c
commit bfa2a33830d0711e0f3be8541e9e19f061b3764a
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun May 28 08:19:26 2023 +0200
Import upstream patch 20230527
20230527
+ fixes for compiler warnings/cppcheck.
commit 172d27409decd716e60f4375e76abfa9071dcc01
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun May 21 08:28:52 2023 +0200
Import upstream patch 20230520
20230520
+ fixes for compiler warnings in MinGW environments.
commit 16452ec77801fe302b904e89b90a91e7faf42311
Author: Sven Joachim <svenjoac@gmx.de>
Date: Mon May 15 07:20:38 2023 +0200
Import upstream patch 20230514
20230514
+ modify test-package "ncurses6-doc" to use manpage-aliases, which in
turn required a change to the configure script to factor in the
extra-suffix option when deriving alias names.
+ add mode 1004 to xterm+sm+1006 from xterm #380 -TD
commit 311b28fd4ce85f11372c36a5e374d2cb920aee82
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun May 7 08:27:05 2023 +0200
Import upstream patch 20230506
20230506
> build-fixes related to configure-options and/or platform:
+ fix for --enable-fvisibility
+ fix for unusual values of --with-rel-version
+ fix for unusual values of --with-abi-version
+ fix for --disable-tcap-names
+ fix for termcap in nc_access.h (report by Werner Fink).
commit 504cdd8b2023a415071b0f58e962a3ab2eec8566
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun Apr 30 08:13:48 2023 +0200
Import upstream patch 20230429
20230429
+ revise recent change to _nc_write_entry to isolate it to a Cygwin bug
(cf: 20230311)
+ amend fix for wgetnstr, wgetn_wstr to use cbreak mode unless raw
mode was set (cf: 20210522).
+ fix a few warnings from cppcheck, etc.
+ correct copy/paste error in nc_access.h (report by Werner Fink).
commit ac38515750bb34c2c942354624ac63694ce2c941
Author: Sven Joachim <svenjoac@gmx.de>
Date: Tue Apr 25 06:43:05 2023 +0200
Import upstream patch 20230424
20230424
+ check return value of _nc_save_str(), in special case for tic where
extended capabilities are processed but the terminal description was
not initialized (report by Ziqiao Kong).
+ regenerate llib-* files.
commit 6e8a14861637b5c2aba4fb27ba6d8b858e5f1993
Author: Sven Joachim <svenjoac@gmx.de>
Date: Mon Apr 24 17:24:38 2023 +0200
Import upstream patch 20230423
20230423
+ add tiscan_s() to help applications check formatting capabilities
that would be passed to tiparm_s, etc.
+ add tiparm_s() to provide applications a way to tell ncurses what
the expected parameters are for a capability (tmux #3531).
+ improve check in lib_tparm.c, ensuring that a char* fits into a
TPARM_ARG.
+ add --disable-setuid-environ configure option (request by Sven
Joachim).
+ drop compatibility with obsolete versions of tack, e.g., pre-1.08
(Debian #1034549, cf: 20170722).
commit 3833906205d6f64fbec9d587229f78427643a98b
Author: Sven Joachim <svenjoac@gmx.de>
Date: Wed Apr 19 07:06:26 2023 +0200
Import upstream patch 20230418
20230418
+ improve checks for limits on privileged execution:
+ modify _nc_syserr_abort() to use _nc_env_access(), rather than
only checking root uid.
+ use getauxval() when available, to improve setuid/setgid checks.
+ modify test packages to disable root access/environ options.
+ modify tgoto() to accept no-parameter capabilities, for joe editor
(OpenSUSE #1210485, Gentoo #904263).
commit 181c9eef1a86b93dcc882a8956db7d336340c861
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun Apr 16 08:33:22 2023 +0200
Import upstream patch 20230415
20230415
+ configure script fixes:
+ fix copy/paste error in configure option --disable-root-access
(report/patch by Sven Joachim).
+ modify CF_XOPEN_SOURCE macro's amend default case to avoid
undefining _XOPEN_SOURCE if _POSIX_C_SOURCE is defined.
+ modify test_tparm to account for extended capabilities.
+ add checks in tparm() and tiparm() for misuse of numeric parameters,
overlooked in 20230408.
+ fix errata in clear.1 and curs_terminfo.3x
commit a9a9178ee02007a0868896165f6915ce37c788e7
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun Apr 9 08:18:35 2023 +0200
Import upstream patch 20230408
20230408
+ document limitations of tparm, and error-returns in curs_terminfo.3x
+ document limitations of tgoto, and error-returns in curs_termcap.3x
+ add xterm+focus to alacritty+common (patch by Christian Duerr).
+ add "-v" option to tput, to show warnings.
> improve checks for malformed terminfo data (report/analysis by
Jonathan Bar Or, Michael Pearse, Emanuele Cozzi).
+ make the parameter type/count checks in _nc_tiparm() more stringent
+ update tgoto() to account for _nc_tiparm() changes
+ add checks in tparm() and tiparm() for misuse of string parameters
+ add special cases in tput to handle extensions Cs/Ms parameters
+ ignore compiled-terminfo where the array sizes exceed the standard
commit 214d61782a57a426a27992cee0ce51700d86d83f
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun Apr 2 08:38:40 2023 +0200
Import upstream patch 20230401
20230401
+ modify experimental Windows driver to work with xterm mouse protocol.
+ remove DECCOLM+DECSCLM from foot (patch by Daniel Ekloef).
commit 8a304979ba6d455f580f27dd50e2f38c31801051
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun Mar 12 08:28:34 2023 +0100
Import upstream patch 20230311
20230311
+ improve manpage description for addch versus unctrl format used for
non-printable characters.
+ modify version-check for gcc/g++, now works for msys2.
+ modify check in _nc_write_entry() for multiply defined aliases to
report problems within the current runtime of tic rather than for
conflicts with pre-existing terminal descriptions.
+ allow for MinGW32-/64-bit configurations to use _DEFAULT_SOURCE
+ clarify interaction of -R option versus -C, -I and -r in infocmp
manpage.
+ build-fix in lib_win32con.c (cf: 20230211).
commit d5370830930eba7f9535bcc4437792619a42d1d8
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun Feb 26 07:34:28 2023 +0100
Import upstream patch 20230225
20230225
+ build-fixes for rpm test-packages.
+ add/user configure check for clock_gettime(), to supersede
gettimeofday().
commit fceb3308ff897e9442eea9f0cd234b617ba2a820
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun Feb 19 07:44:29 2023 +0100
Import upstream patch 20230218
20230218
+ configure-script improvements:
+ recent msys2 headers work with _DEFAULT_SOURCE; amend check
+ use $ac_includes_default in most cases where stdlib.h should work
+ use #error consistently vs "make an error"
+ add configure macro for gettimeofday vs inline check
commit 1f2424bc4615e0766395edaebfa35a5c31fc5b2f
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun Feb 12 08:33:02 2023 +0100
Import upstream patch 20230211
20230211
+ set dwShareMode in calls to CreateConsoleScreenBuffer() (patch by
Hannes Domani).
+ use CreateFile with "CONIN$", "CONOUT$" rather than GetStdHandle to
obtain a handle on the actual console, avoiding redirection in the
MinGW/Win32 configurations (adapted from patch by LIU Hao).
commit 5ace35328c99ff2da543192dad5251c1882e9558
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun Jan 29 08:21:48 2023 +0100
Import upstream patch 20230128
20230128
+ document XF, kxIN and kxOUT -TD
+ add note on sun/wscons/cmdtool/shelltool -TD
+ modify configure script check for pkg-config library directory to
take into account an older version 0.15.0 which used PKG_CONFIG_PATH
but not PKG_CONFIG_LIBDIR
commit e77cf69b15dd67620b82a501c23d239e2b1ab858
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun Jan 22 08:16:30 2023 +0100
Import upstream patch 20230121
20230121
+ correct limit-check when dumping tc/use clause via tic -I (report by
Gabriel Ravier).
+ correct a check for manpage-alias in edit_man.sh, to work with out of
tree builds (report by Sven Joachim).
commit d9a7c99c014ea4b2b2442175e31c32d9b09dddf2
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun Jan 15 08:31:14 2023 +0100
Import upstream patch 20230114
20230114
+ change RV to XR/xr, to avoid conflict with pre-existing usage in vim,
to use RV/rv to denote DA2 and its response (discussion with Bram
Moolenaar) -TD
+ add XF flag to xterm+focus so that termcap applications can be aware
of terminals which may support focus in/out -TD
+ use xterm+focus in xterm-p370 and tmux -TD
+ improve configure-script macros vs compiler warnings.
commit c931d964af3153fa11d47eaedcaa590fbc0fce2b
Author: Sven Joachim <svenjoac@gmx.de>
Date: Sun Jan 8 08:31:09 2023 +0100
Import upstream patch 20230107
20230107
+ add --with-abi-altered configure option (prompted by discussion with
Brian Inglis).
+ add BSD erase2 to characters handled by tset/reset.
+ improve configure-script macros vs compiler warnings.
+ regenerate configure scripts with autoconf 2.52.20221202
+ add RV report+version (suggested by Bram Moolenaar).
+ add comment to bracketed+paste explaining that vim patch 9.0.1117 is
needed for use with the updated xterm descriptions (suggested by Bram
Moolenaar).
