Bug#511516: hanterm-xf: Window title (DSA-380)

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#511516: hanterm-xf: Window title (DSA-380)
From: Paul Szabo <psz@maths.usyd.edu.au>
Date: Mon, 12 Jan 2009 06:22:30 +1100
Message-id: <[🔎] 20090111192230.27547.27207.reportbug@p622.pc.maths.usyd.edu.au>
Reply-to: Paul Szabo <psz@maths.usyd.edu.au>, 511516@bugs.debian.org

Package: hanterm-xf
Version: 1:3.3.1p18-10
Severity: grave
Tags: security
Justification: user security hole

hanterm-xf does not seem vulnerable to DECRQSS (DSA-1694), but is
vulnerable to "window title" (DSA-380).

Cheers,

Paul Szabo   psz@maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia


-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.24-pk03.03-baby
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages hanterm-xf depends on:
ii  libc6                  2.3.6.ds1-13etch8 GNU C Library: Shared libraries
ii  libice6                1:1.0.1-2         X11 Inter-Client Exchange library
ii  libncurses5            5.5-5             Shared libraries for terminal hand
ii  libsm6                 1:1.0.1-3         X11 Session Management library
ii  libx11-6               2:1.0.3-7         X11 client-side library
ii  libxaw7                1:1.0.2-4         X11 Athena Widget library
ii  libxext6               1:1.0.1-2         X11 miscellaneous extension librar
ii  libxmu6                1:1.0.2-2         X11 miscellaneous utility library
ii  libxt6                 1:1.0.2-2         X11 toolkit intrinsics library

hanterm-xf recommends no packages.

-- no debconf information

Reply to:

Prev by Date: Devushka-mechta razdevaetsya
Next by Date: Processing of snownews_1.5.10-1_i386.changes
Previous by thread: Devushka-mechta razdevaetsya
Next by thread: Processing of snownews_1.5.10-1_i386.changes
Index(es):
- Date
- Thread