Context Navigation

← Previous Ticket
Next Ticket →

#19897 closed enhancement (fixed)

vte-0.76.3

Reported by:	Bruce Dubbs	Owned by:	Douglas R. Reno
Priority:	elevated	Milestone:	12.2
Component:	BOOK	Version:	git
Severity:	normal	Keywords:
Cc:

Description ¶

New point version.

Change History (5)

comment:1 by Douglas R. Reno, 11 months ago

Owner:	changed from blfs-book to Douglas R. Reno
Status:	new → assigned

comment:2 by Douglas R. Reno, 11 months ago

There are two commits in this release:

widget: Add safety limit to widget size requests
emulation: Restrict resize request to sane numbers

comment:3 by Douglas R. Reno, 11 months ago

Resolution:	→ fixed
Status:	assigned → closed

Fixed at 185abbc6ccb1546dc3b9f2c4d3bf2aecd6bf03af

comment:4 by Douglas R. Reno, 10 months ago

Priority:	normal → elevated

It looks like the two commits up there are related to CVE-2024-37535. The description:

GNOME VTE before 0.76.3 allows an attacker to cause a denial of service (memory 
consumption) via a window resize escape sequence, a related issue to CVE-2000-0476.

I'll file a security advisory later today.

comment:5 by Douglas R. Reno, 10 months ago

SA-12.1-060 issued

Note: See TracTickets for help on using tickets.

Download in other formats: