Opened 18 years ago
Closed 18 years ago
#2197 closed defect (fixed)
Screen security vulnerability
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | normal | Milestone: | 6.2.0 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | screen security |
| Cc: |
Description ¶
Vulnerability identified in screen handling of UTF-8 characters. Fixed in new version, 4.0.3.
http://secunia.com/advisories/22583/
http://lists.gnu.org/archive/html/screen-users/2006-10/msg00028.html
The diff is tiny. I could probably paste it here, but you can download it. New release is not on the GNU ftp server yet.
http://ftp.uni-erlangen.de/pub/utilities/screen/screen-4.0.2-4.0.3.diff.gz
http://ftp.uni-erlangen.de/pub/utilities/screen/screen-4.0.3.tar.gz
Change History (3)
comment:1 by , 18 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 18 years ago
Note:
See TracTickets
for help on using tickets.
Just noticed that the screen description says that the UTF-8 support is not supported by LFS. Is this still true? It doesn't seem so. It certainly seems like I'm entering UTF-8 in my screen session and things are working OK.