On 2015-03-01 23:08:13 +0100, Julien Cristau wrote: > I don't think bad handling of a command line option qualifies, there's > no trust boundary to breach there afaict?
I don't understand. Command line options could come from an external source, after some filtering on the acceptable values (regarded as safe). Moreover it happens that here the buffer overflow was detected immediately, but problems may be more important if xterm continued with corrupted memory and uncontrolled effects. -- Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/> 100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/> Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon) -- To UNSUBSCRIBE, email to debian-x-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150302013833.gc24...@xvii.vinc17.org
