severity 200857 normal thanks On Fri, Jul 11, 2003 at 11:52:19AM +0100, Daniel Silverstone wrote: > Package: xterm > Version: 4.2.1-9 > Severity: important > > With the most recent update I performed to my laptop, xterm has ceased > responding in any way to the dtterm sequence > > ESC [ 2 1 t > > Which should cause xterm to respond on the pty with the OSI sequence for > the current xterm's title. > > This causes various programs to lock-up unless you invoke them with TERM set > to something non xtermish. One such program is dbishell. > > If xterm's functionality in this respect was disabled as it was in PuTTY's > terminal emulator, then could we please have some documentation on how to > re-enable it if we want to?
This change was deliberate, because the behavior of that escape sequence
is regarded as a security vulnerability.
The package changelog for XFree86 4.2.1-9 says the following:
* patch #093: new; SECURITY: disable window title reporting to work around
potentially malicious text being spewed to terminal window
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0063>
Please read the linked URL for more information.
--
G. Branden Robinson | One doesn't have a sense of humor.
Debian GNU/Linux | It has you.
[EMAIL PROTECTED] | -- Larry Gelbart
http://people.debian.org/~branden/ |
pgp00000.pgp
Description: PGP signature
