
package/xterm: security bump to patch 376

Fixes the following security issue:

CVE-2022-45063: xterm before 375 allows code execution via font ops, e.g.,
because an OSC 50 response may have Ctrl-g and therefore lead to command
execution within the vi line-editing mode of Zsh:

https://www.openwall.com/lists/oss-security/2022/11/10/1

Additionally, patch 376 fixes a null pointer access issue:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022942

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 0cc7c63f91ffadb0835bb57cdb7bfffdf7803add)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard, 2 years ago
Parent
Current commit
b0afdf1606
2 files changed, 2 insertions and 2 deletions
  1. package/xterm/xterm.hash (+1 -1)
  2. package/xterm/xterm.mk (+1 -1)

+ 1 - 1
package/xterm/xterm.hash

@@ -1,4 +1,4 @@
 # Locally calculated after checking pgp signature
-sha256  32f888277b19e28ebc0a3112bff000607c07bed0679caa0beebb36f9cad484f5  xterm-371.tgz
+sha256  1e5bb7aad068fb31d6d3cbb77f80c7ad1526cd4c956a4ddcf2c5cf28af5334e1  xterm-376.tgz
 # Locally calculated
 sha256  9521ef761474cd31ea406f56a751646a7b42a9287cdc6f2f8e52ed4c4d2a73e7  COPYING
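Review bot: the comment above the xterm-376.tgz hash says the value was calculated after checking the pgp signature, but nothing in xterm.hash records which signature file or signing key was checked. Consider extending that comment with the signature file location and the fingerprint of the key used, so the next version bump can repeat the same verification rather than hashing whatever tarball was downloaded.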

+ 1 - 1
package/xterm/xterm.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-XTERM_VERSION = 371
+XTERM_VERSION = 376
 XTERM_SOURCE = xterm-$(XTERM_VERSION).tgz
 XTERM_SITE = http://invisible-mirror.net/archives/xterm
 XTERM_DEPENDENCIES = ncurses xlib_libXaw host-pkgconf
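Review bot: XTERM_SITE, in the context just below the version bump, still fetches the tarball over plain http://, which leaves the sha256 in xterm.hash as the only integrity check on the download of a security fix. If the mirror serves the same path over HTTPS, switch XTERM_SITE to https:// in this bump or in a follow-up patch.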