Bug#1100699: screen: hardcopy and screen-exchange are insecure by default

2025-04-26 Thread Ben Hutchings
Control: severity -1 normal On Mon, 17 Mar 2025 15:48:56 +0100 Vincent Lefevre wrote: > Package: screen > Version: 4.9.1-1 > Severity: grave > Justification: user security hole > > + possible data loss via a symlink attack > > The hardcopy (C-a h) in screen works in the following way: > > │ ha

Bug#1100699: screen: hardcopy and screen-exchange are insecure by default

2025-04-05 Thread Richard Lewis
On Fri, 28 Mar 2025 14:59:50 -0400 Antoine Beaupré wrote: > On 2025-03-17 15:48:56, Vincent Lefevre wrote: > > + possible data loss via a symlink attack > > The screen-exchange feature (">" in copy mode) is also insecure: > Is it worth keeping screen in Debian at all? I switche

Bug#1100699: screen: hardcopy and screen-exchange are insecure by default

2025-03-29 Thread Antoine Beaupré
user debian-rele...@lists.debian.org usertag 1100699 + bsp-2025-03-ca-montreal thank you On 2025-03-17 15:48:56, Vincent Lefevre wrote: > Package: screen > Version: 4.9.1-1 > Severity: grave > Justification: user securi

Bug#1100699: screen: hardcopy and screen-exchange are insecure by default

2025-03-28 Thread Antoine Beaupré
On 2025-03-29 02:38:26, Vincent Lefevre wrote: [...] > I don't know what you mean by that, but there should be a HOWTO > to tell users how to switch from screen to tmux. In particular, > each user may have his own .screenrc file, so that a default > profile might not be very useful. The most comp

Bug#1100699: screen: hardcopy and screen-exchange are insecure by default

2025-03-28 Thread Vincent Lefevre
On 2025-03-28 14:59:50 -0400, Antoine Beaupré wrote: > That bug report refers to: > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=48 which is marked > > as fixed in 2007. > > It is, presumably, not fixed? Well, in the changelog, the fix is just: Don't create /tmp/screen-exchange wi

Bug#1100699: screen: hardcopy and screen-exchange are insecure by default

2025-03-17 Thread Vincent Lefevre
Package: screen Version: 4.9.1-1 Severity: grave Justification: user security hole + possible data loss via a symlink attack The hardcopy (C-a h) in screen works in the following way: │ hardcopydir directory │ │ Defines a directory where hardcopy files will be placed. If unset, │ hardcopys are d