Bug#983051: buster-pu: package xterm/344-1+deb10u1

["Adam D. Barratt" <adam@adam-barratt.org.uk>]

Control: tags -1 + confirmed

On Sun, 2021-03-07 at 18:21 +0100, Sven Joachim wrote:
> On 2021-02-18 17:54 +0100, Sven Joachim wrote:
[...]
> > I would like to fix bug #982439/CVE-2021-27135[1] in Buster, a
> > potential
> > DoS against xterm when the user selects specially crafted
> > text.  The fix
> > is already in testing and applies unmodified to the version in
> > Buster,
> > the code in question had not seen any changes since then.  The
> > xterm
> > package in Stretch-LTS has also already been patched.
> 
> It turned out that the patch was insufficient and introduced new
> problems reported in bug #984615.  Fortunately, upstream had already
> fixed it in xterm 365e/366.
> 
> Please find an updated debdiff attached, with it the SaltTextAway()
> function in question is identical to the one in xterm 366
> (bullseye/sid).  Apologies for not having tested the initial patch
> thoroughly enough.
> 

Please go ahead.

Regards,

Adam