[SECURITY] [DLA 2671-1] rxvt-unicode security update

Utkarsh Gupta Sun, 30 May 2021 06:02:44 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -----------------------------------------------------------------------
Debian LTS Advisory DLA-2671-1              [email protected]
https://www.debian.org/lts/security/                      Utkarsh Gupta
May 30, 2021                                https://wiki.debian.org/LTS
- -----------------------------------------------------------------------


Package        : rxvt-unicode
Version        : 9.22-1+deb9u1
CVE ID         : CVE-2021-33477
Debian Bug     : 988763

rxvt-unicode allow (potentially remote) code execution because of
improper handling of certain escape sequences (ESC G Q). A response is
terminated by a newline.

For Debian 9 stretch, this problem has been fixed in version
9.22-1+deb9u1.

We recommend that you upgrade your rxvt-unicode packages.

For the detailed security status of rxvt-unicode please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/rxvt-unicode

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmCzjIoACgkQgj6WdgbD
S5YM3A//SDhxz5wYVW6meqVlyt6arkFIksL5c0m37ewS2BqSc06VYx5UVy4uSd1f
TOl5/AUP4LgfoV/CMedkKnQjrTaNRdoENaSBpiKilVk+7YFZwiWloyITsxFCsAij
OGVQ8RPeUXCFUtllD6ZuDcvNsxmEPsSSHw660TTv7lI4iMBEcbR29jEsEwn5hk/Q
Wa18dMiGcF8WKshmS9o2RLBRQp/O1x+qu7JwgWespWS4lUFWC5IyQEkjIplkBz+k
4ImSEeX+G8SLgP7Vv0ODfcnpczJBK0cQvX6uaJk8aL6tMaeYz8qFFHRIsj+ce6p7
z8FQ1dZZ8bneeXT67gu49tsMDzBzygrKd2oEn1QyhT+fpPO76ojpfdnm7zxm/lJJ
1eerMSxEO6/5l0q4KBZ1tSnXiQ59oB1bk4WiZhh1MBLj0nIKYZhVO47u8MxaUQY0
PjxzDwXw3k/DEi9Oyj14afubFxYVQE5RmEdcf+3BdINM02S6x4qXGauvSkZzlVOw
NBMrBG3VLBcuL41vC/4jghLWYDPGybfOgGV91iHEeTaOgmKhjJQPeU1TjeKRkENo
+3ySAp7cKuEvK+99Mg9tjN0jqESaqlfj4ds0jdyEaD0DsWe9P7f7zPYixo3lOtMd
v2JJYF6epgikaBAaPyBzb5K35yYOoBYMkDUb/HJ/O3jr79AlbHM=
=sSnN
-----END PGP SIGNATURE-----

[SECURITY] [DLA 2671-1] rxvt-unicode security update

Reply via email to