On 2021-03-13 17:27 +0000, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Sun, 2021-03-07 at 18:21 +0100, Sven Joachim wrote:
>> On 2021-02-18 17:54 +0100, Sven Joachim wrote:
> [...]
>> > I would like to fix bug #982439/CVE-2021-27135[1] in Buster, a
>> > potential
>> > DoS against xterm when the user selects specially crafted
>> > text. The fix
>> > is already in testing and applies unmodified to the version in
>> > Buster,
>> > the code in question had not seen any changes since then. The
>> > xterm
>> > package in Stretch-LTS has also already been patched.
>>
>> It turned out that the patch was insufficient and introduced new
>> problems reported in bug #984615. Fortunately, upstream had already
>> fixed it in xterm 365e/366.
>>
>> Please find an updated debdiff attached, with it the SaltTextAway()
>> function in question is identical to the one in xterm 366
>> (bullseye/sid). Apologies for not having tested the initial patch
>> thoroughly enough.
>>
>
> Please go ahead.
Thanks, uploaded.
Cheers,
Sven
Attachment:
signature.asc
Description: PGP signature