Re: [oss-security] xterm terminal crash due to malicious character sequences in file name

2025-08-17 Thread Vincent Lefevre
Hi Erik,
On 2025-08-17 16:09:37 +0200, Erik Auerswald wrote:
> On Sun, Aug 17, 2025 at 03:09:58AM +0200, Vincent Lefevre wrote:
> > I see this more than a feature, at least in the case the output
> > is done to a terminal. As a general rule, programs are expected
> > to sa

Re: [oss-security] xterm terminal crash due to malicious character sequences in file name

2025-08-16 Thread Vincent Lefevre
, Aug 13, 2025 at 07:00:58PM +0200, Vincent Lefevre wrote: > > > The following makes the xterm terminal crash > > > > > > touch "$(printf "file\e[H\e[c\n\b")" > > > gunzip file* > > > > > > due to malicious character sequ

[oss-security] xterm terminal crash due to malicious character sequences in file name

2025-08-13 Thread Vincent Lefevre
The following makes the xterm terminal crash
  touch "$(printf "file\e[H\e[c\n\b")"
  gunzip file*
due to malicious character sequences in the file name and a bug in xterm. Same issue with bunzip2 instead of gunzip. Note that in practice, such a file name is not necessarily created by the end us

Re: [oss-security] CVE-2025-55188: 7-Zip: Arbitrary file write on extraction, may lead to code execution

2025-08-11 Thread Vincent Lefevre
On 2025-08-09 22:55:14 -0700, lunbun wrote:
> If, say, the archive is extracted to `/tmp` and the CWD is `/tmp`, then
> yes, the best an attacker can do is guess the user's login name.
There are other issues with /tmp. If I understand correctly, the attacker could create /tmp/config.guess and /tmp

[oss-security] StarDict sends the user's X11 selection to the network

2025-08-04 Thread Vincent Lefevre
With some plugins, StarDict sends the user's X11 selection from other applications to some servers: dict.youdao.com and dict.cn (both Chinese servers). This happens *by default* under Debian testing (future Debian 13) at least, without any warning. These plugins are installed and enabled automatic

Re: [oss-security] Re: CVE-2025-40909: Perl threads have a working directory race condition where file operations may target unintended paths

2025-06-02 Thread Vincent Lefevre
[Resending, I had dropped perl5-porters by mistake, sorry.] On 2025-06-02 20:06:40 +0200, Florian Weimer wrote: > * Leon Timmermans: > > > On Mon, Jun 2, 2025 at 10:22 AM Florian Weimer via perl5-porters > > wrote: > >> > >> * Stig Palmquist: > >> > >> > References > >> > -- > >> > https

Re: [oss-security] Re: CVE-2025-40909: Perl threads have a working directory race condition where file operations may target unintended paths

2025-06-02 Thread Vincent Lefevre
On 2025-06-02 20:06:40 +0200, Florian Weimer wrote: > * Leon Timmermans: > > > On Mon, Jun 2, 2025 at 10:22 AM Florian Weimer via perl5-porters > > wrote: > >> > >> * Stig Palmquist: > >> > >> > References > >> > -- > >> > https://github.com/Perl/perl5/commit/918bfff86ca8d6d4e4ec5b3099445

[oss-security] Perl 5.40 dir dup bug with threading: security consequences

2025-05-22 Thread Vincent Lefevre
Hi, In February, I reported the following bug in perl: https://github.com/Perl/perl5/issues/23010 The issue is that under some conditions, perl temporarily changes the current working directory at a thread creation, which affects the other threads as a consequence: file accesses related to the