Paul Szabo discovered that xterm, a terminal emulator for the X Window System, places arbitrary characters into the input buffer when displaying certain crafted escape sequences (CVE-2008-2383). As an additional precaution, this security update also disables font changing, user-defined keys, and X property changes through escape sequences. For the stable distribution (etch), this problem has been fixed in version 222-1etch3. For the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your xterm package.
Paul Szabo discovered that xterm, a terminal emulator for the X Window System, places arbitrary characters into the input buffer when displaying certain crafted escape sequences (CVE-2008-2383).
As an additional precaution, this security update also disables font changing, user-defined keys, and X property changes through escape sequences.
For the stable distribution (etch), this problem has been fixed in version 222-1etch4.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you upgrade your xterm package.
MD5 checksums of the listed files are available in the original advisory.