Bug#779397: xterm: buffer overflow with -S option

2015-03-02 Thread Sven Joachim
On 2015-03-02 02:38 +0100, Vincent Lefevre wrote:
> Moreover it happens that here the buffer overflow was detected
> immediately,

Which has apparently been the case for over three years, since I can reproduce the problem with wheezy's xterm. This probably means that very few people use this obsc

Bug#779397: xterm: buffer overflow with -S option

2015-03-01 Thread Vincent Lefevre
On 2015-03-01 23:08:13 +0100, Julien Cristau wrote:
> I don't think bad handling of a command line option qualifies, there's
> no trust boundary to breach there afaict?

I don't understand. Command line options could come from an external source, after some filtering on the acceptable values (regar

Bug#779397: xterm: buffer overflow with -S option

2015-03-01 Thread Julien Cristau
On Sat, Feb 28, 2015 at 03:37:53 +0100, Vincent Lefevre wrote:
> Package: xterm
> Version: 312-1
> Severity: important
> Tags: security
>
> $ xterm -S/dev/pts/20
> *** buffer overflow detected ***: /usr/bin/xterm terminated
> === Backtrace: =
> /lib/x86_64-linux-gnu/libc.so.6(+0x731ff

Bug#779397: xterm: buffer overflow with -S option

2015-02-28 Thread Sven Joachim
On 2015-02-28 19:02 +0100, Thomas Dickey wrote:
> - Original Message -
> | From: "Sven Joachim"
> | To: "Thomas Dickey"
> | Cc: 779397-d...@bugs.debian.org, "Vincent Lefevre"
> | Sent: Saturday, February 28, 2015 12:51:13 PM
> | Subject

Processed: Re: Bug#779397: xterm: buffer overflow with -S option

2015-02-28 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

> tags 779397 fixed-in-experimental
Bug #779397 [xterm] xterm: buffer overflow with -S option
Added tag(s) fixed-in-experimental.
> --
Stopping processing here.

Please contact me if you need assistance.
--
779397: http://bugs.debian.org/cgi-bin/bu

Bug#779397: xterm: buffer overflow with -S option

2015-02-28 Thread Thomas Dickey
On Sat, Feb 28, 2015 at 03:37:53AM +0100, Vincent Lefevre wrote:
> Package: xterm
> Version: 312-1
> Severity: important
> Tags: security
>
> $ xterm -S/dev/pts/20
> *** buffer overflow detected ***: /usr/bin/xterm terminated

This was fixed in #314, two months ago.

--
Thomas E. Dickey
http://i

Bug#779397: xterm: buffer overflow with -S option

2015-02-27 Thread Vincent Lefevre
Package: xterm
Version: 312-1
Severity: important
Tags: security

$ xterm -S/dev/pts/20
*** buffer overflow detected ***: /usr/bin/xterm terminated
=== Backtrace: =
/lib/x86_64-linux-gnu/libc.so.6(+0x731ff)[0x7f4de0b1b1ff]
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7f4de0b9e