*** This bug is a security vulnerability *** Public security bug reported:
screen <4.8.0 has a buffer overflow that can be triggered by program output. It doesn't seem to be clear yet how exploitable it is: https://nvd.nist.gov/vuln/detail/CVE-2020-9366 https://lists.gnu.org/archive/html/screen-devel/2020-02/msg00007.html 4.8.0 seems to have made its way into focal but not bionic. ** Affects: screen (Ubuntu) Importance: Undecided Status: New ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1915205 Title: CVE-2020-9366 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/screen/+bug/1915205/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
