… | |
… | |
45 | |
45 | |
46 | TODO: rclock horribly time-biased |
46 | TODO: rclock horribly time-biased |
47 | TODO: rclock iso mode? |
47 | TODO: rclock iso mode? |
48 | |
48 | |
49 | TODO: printf "\e[4:3m" - "undercurl" - should probbaly be interpreted as underline, rather than \e[43m |
49 | TODO: printf "\e[4:3m" - "undercurl" - should probbaly be interpreted as underline, rather than \e[43m |
50 | TODO: pkg-config to find Xext |
|
|
51 | |
50 | |
52 | - implement a fix for CVE-2022-4170 (reported and analyzed by David Leadbeater). |
51 | - implement a fix for CVE-2022-4170 (reported and analyzed by David Leadbeater). |
53 | While present in version 9.30, it should not be exploitable. It is exploitable |
52 | While present in version 9.30, it should not be exploitable. It is exploitable |
54 | in versions 9.25 and 9.26, at least, and allows anybody controlling output to |
53 | in versions 9.25 and 9.26, at least, and allows anybody controlling output to |
55 | the terminal to execute arbitrary code in the urxvt process. |
54 | the terminal to execute arbitrary code in the urxvt process. |