Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

#14 Bugtraq Security Hole Fixes?

closed
Geoff Wing
None
5
2003-04-01
2003-03-18
David Coulthart
No

On February 24, 2003, there was an announcement posted
to the Bugtraq mailing list detailing security
vulnerabilities in rxvt as well as other terminal
emulators
(http://www.securityfocus.com/archive/1/313007). There
were quite a few responses from the Eterm maintainers,
but I saw nothing from the rxvt developers. It appears
Red Hat took it upon themselves to simply disable the
vulnerable code in their updated rxvt packages for
their older distributions (8.0 doesn't carry rxvt any
more, and they updated the vulnerable vte much earlier,
although i'm not sure if it's a similar disable the
feature hack).

Is there any official response from the rxvt
developers? Will an appropriate fix be made available?

Discussion

  • Geoff Wing
    Geoff Wing
    2003-04-01

    • assigned_to: nobody --> gcw
    • status: open --> closed
     
  • Geoff Wing
    Geoff Wing
    2003-04-01

    Logged In: YES
    user_id=22709

    Fixed in 2.7.10