On Wed, Apr 01, 2009 at 02:28:24PM -0700, Adam Lazur wrote:
> Moritz Muehlenhoff (j...@inutil.org) said:
> > Hi,
> > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521123 has been assigned
> > CVE-2009-1215 and CVE-2009-1214.
> >
> > Can you tell us under what circumstances /tmp/screen-exchange is created,
> > so that the risk/required action can be estimated?
>
> writebuf and readbuf (bound to C-a < and C-a >)
>
> It's used by some people to transfer buffers between different screen
> processes.
>
> In practice, I don't know of anyone who regularly uses this... but the
> screen user community is large and ridiculously strange/diverse.
Ok, can you or Jan Christop provide updated packages for oldstable-security
and stable-security?
Cheers,
Moritz
