Control: tags -1 + confirmed On Sun, 2021-03-07 at 18:21 +0100, Sven Joachim wrote: > On 2021-02-18 17:54 +0100, Sven Joachim wrote: [...] > > I would like to fix bug #982439/CVE-2021-27135[1] in Buster, a > > potential > > DoS against xterm when the user selects specially crafted > > text. The fix > > is already in testing and applies unmodified to the version in > > Buster, > > the code in question had not seen any changes since then. The > > xterm > > package in Stretch-LTS has also already been patched. > > It turned out that the patch was insufficient and introduced new > problems reported in bug #984615. Fortunately, upstream had already > fixed it in xterm 365e/366. > > Please find an updated debdiff attached, with it the SaltTextAway() > function in question is identical to the one in xterm 366 > (bullseye/sid). Apologies for not having tested the initial patch > thoroughly enough. >
Please go ahead. Regards, Adam