[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 1694-1] New xterm packages fix remote code execution

* Peter Palfrader:

> On Fri, 02 Jan 2009, Florian Weimer wrote:
>> As an additional precaution, this security update also disables font
>> changing
> Is this really ncessary?  I use that feature a lot and I rely on it for
> most of my desktop setup.  What are other (scriptable) means to change
> font size from within an xterm?

In theory, it should be possible to do this with an Editres client.
Unfortunately, the only such client appears to be editres, which is
not scriptable.

We could backport the allowFontOps change from xterm 238, but we'd
need a tester for that.

Reply to: