security update for xterm needed
Horst H. von Brand
vonbrand at inf.utfsm.cl
Tue Jan 6 14:36:17 UTC 2009
Christoph Höger <choeger at cs.tu-berlin.de> wrote:
> I will file a bug becasue of this, but you should be sure to update
> xterm asap, if you use it:
>
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510030
>
> I testet on fedora 10 accordign to
> http://www.heise.de/newsticker/Terminal-Emulator-xterm-fuehrt-untergeschobene-Befehle-aus--/meldung/121196
> (sorry, german)
>
> I tried:
>
> [choeger at choeger5 ~]$ perl -e 'print "\eP\$q\nwhoami\n\e\\"' > bla.log
>
> and in xterm:
>
> [choeger at choeger5 ~]$ cat bla.log
> ^[P0$r
>
> whoami
>
> ^[\[choeger at choeger5 ~]$
> [choeger at choeger5 ~]$ whoami
> choeger
> [choeger at choeger5 ~]$
> [choeger at choeger5 ~]$
>
> As you can see, its valid.
This is bog-standard VT100 behaviour, AFAIKS.
--
Dr. Horst H. von Brand User #22616 counter.li.org
Departamento de Informatica Fono: +56 32 2654431
Universidad Tecnica Federico Santa Maria +56 32 2654239
Casilla 110-V, Valparaiso, Chile 2340000 Fax: +56 32 2797513
More information about the fedora-devel-list
mailing list