On 2021-03-13 17:27 +0000, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Sun, 2021-03-07 at 18:21 +0100, Sven Joachim wrote: >> On 2021-02-18 17:54 +0100, Sven Joachim wrote: > [...] >> > I would like to fix bug #982439/CVE-2021-27135[1] in Buster, a >> > potential >> > DoS against xterm when the user selects specially crafted >> > text. The fix >> > is already in testing and applies unmodified to the version in >> > Buster, >> > the code in question had not seen any changes since then. The >> > xterm >> > package in Stretch-LTS has also already been patched. >> >> It turned out that the patch was insufficient and introduced new >> problems reported in bug #984615. Fortunately, upstream had already >> fixed it in xterm 365e/366. >> >> Please find an updated debdiff attached, with it the SaltTextAway() >> function in question is identical to the one in xterm 366 >> (bullseye/sid). Apologies for not having tested the initial patch >> thoroughly enough. >> > > Please go ahead.
Thanks, uploaded.
Cheers,
Sven
signature.asc
Description: PGP signature
