DSA-1694-1 xterm -- design flawID: oval:org.secpod.oval:def:600341 | Date: (C)2011-05-13 (M)2023-11-09 |
Class: PATCH | Family: unix |
Paul Szabo discovered that xterm, a terminal emulator for the X Window System, places arbitrary characters into the input buffer when displaying certain crafted escape sequences . As an additional precaution, this security update also disables font changing, user-defined keys, and X property changes through escape sequences. For the stable distribution , this problem has been fixed in version 222-1etch3. For the unstable distribution , this problem will be fixed soon. We recommend that you upgrade your xterm package.