Debian Bug report logs -
#982439
xterm: CVE-2021-27135: crash when selecting specially crafted UTF-8 character sequence
Reply or subscribe to this bug.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#982439; Package src:xterm.
(Wed, 10 Feb 2021 10:33:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, Debian X Strike Force <debian-x@lists.debian.org>.
(Wed, 10 Feb 2021 10:33:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: xterm
Version: 365-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>
Hi
See https://www.openwall.com/lists/oss-security/2021/02/09/7 which was
a followup to the screen issue.
Upstream said that there will be shortly a patch released (#366), cf.
https://www.openwall.com/lists/oss-security/2021/02/09/9
Regards,
Salvatore
Changed Bug title to 'xterm: CVE-2021-27135: crash when selecting specially crafted UTF-8 character sequence' from 'xterm: crash when selecting specially crafted UTF-8 character sequence'.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Wed, 10 Feb 2021 16:03:06 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian X Strike Force <debian-x@lists.debian.org>:
Bug#982439; Package src:xterm.
(Thu, 11 Feb 2021 05:39:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian X Strike Force <debian-x@lists.debian.org>.
(Thu, 11 Feb 2021 05:39:03 GMT) (full text, mbox, link).
Message #12 received at 982439@bugs.debian.org (full text, mbox, reply):
Control: tags -1 + fixed-upstream
Hi,
On Wed, Feb 10, 2021 at 11:28:43AM +0100, Salvatore Bonaccorso wrote:
> Source: xterm
> Version: 365-1
> Severity: important
> Tags: security upstream
> X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>
>
> Hi
>
> See https://www.openwall.com/lists/oss-security/2021/02/09/7 which was
> a followup to the screen issue.
>
> Upstream said that there will be shortly a patch released (#366), cf.
> https://www.openwall.com/lists/oss-security/2021/02/09/9
This is now adressed:
https://invisible-island.net/xterm/xterm.log.html#xterm_366
Regards,
Salvatore
Added tag(s) fixed-upstream.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to 982439-submit@bugs.debian.org.
(Thu, 11 Feb 2021 05:39:03 GMT) (full text, mbox, link).
Marked as found in versions xterm/344-1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Thu, 11 Feb 2021 05:51:02 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Thu Feb 11 08:02:38 2021;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon