[SECURITY] [DLA 2913-1] xterm security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
- -----------------------------------------------------------------------
Debian LTS Advisory DLA-2913-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Utkarsh Gupta
February 07, 2022 https://wiki.debian.org/LTS
- -----------------------------------------------------------------------
Package : xterm
Version : 327-2+deb9u2
CVE ID : CVE-2022-24130
Debian Bug : 1004689
xterm, an X terminal emulator, when Sixel support is enabled, allows
attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c
via crafted text.
For Debian 9 stretch, this problem has been fixed in version
327-2+deb9u2.
We recommend that you upgrade your xterm packages.
For the detailed security status of xterm please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xterm
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmIBY68ACgkQgj6WdgbD
S5Y2CQ//WrBB+RvSy/W8YPAd9HGehSDwDVv0H+HccFvNQa/aqOOXa4hpUqN8nqmG
s8FTQxX3S7ncGdtVqXLV4Z1AdkHNyqMKzjHsRxn7ef4Jamcb7zQlzoFzNTapSXOc
hnHOBVaVzGLhdBJfEGgMRpr7WQnMbjCev3NYRdN5D5+Pdjh6eLD0zqRv+/C/G9kG
S92MXuKFesBk64Cdl8DpeTA4GdLdboQvshq6rBbBTjLfbgn/336E028Dw3c6WD1t
wFIMtPgLqXplGpqXhRDXfRbDkZJO9e0d8oT/SG8RSiBVyf7GBnQMWrw+pOKYqiaK
KDsuadCCEOQddHgxn+sAVpl+3NCE6MBdZdmV33F5a5J5Ls2G5jm76BoKaKSFAUch
/M5A4xRHofl9ODW/73XvnIX5OlnJ74x7D1hssuxNAVqyPIkHH2Y3VMLZ6SKMLyg/
W4Fp7ZYknkmfaXiv5g9+cOScdwtI1skGv0s/OblnkvrCThL7hanc0mDgeKMnz/gO
MApnwbRZGlDJsFeLiocTPXf2xg/kDVBg2LgiXfocLNLJxg5SOpplhoijarGO+sAc
ahQDbV7GV+87iJstOvtQjB4V263XLbe4RzSZtfMCR4KCzWv2HBGKoewFKtoEkg8f
6t4gGxDfevz+/9AQAPrqbeTmGAem5FU0uUvAQxnGxscsPIrgevw=
=ANG/
-----END PGP SIGNATURE-----
Reply to: