Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Slackware: 2021-086-01 Critical: Xterm Remote Code Execution Advisory

slackware
Calendar Grey March 27, 2021
Dist Slackware Esm H88
Recent updates to xterm packages in Slackware address vulnerabilities related to potential remote code execution and denial of service, thereby enhancing overall system protection.
New xterm packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues

Summary

Here are the details from the Slackware 14.2 ChangeLog: patches/packages/xterm-367-i586-1_slack14.2.txz: Upgraded. This update fixes a security issue: xterm before Patch #366 allows remote attackers to execute arbitrary code or cause a denial of service (segmentation fault) via a crafted UTF-8 combining character sequence. For more information, see: https://www.cve.org/CVERecord?id=CVE-2021-27135 (* Security fix *)

Topics%20covered

Topics Covered

security advisory denial of service critical remote code execution slackware xterm

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/xterm-367-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/xterm-367-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/xterm-367-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/xterm-367-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/xterm-367-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2: ftp...

Read the Full Advisory

MD5 Signatures

Slackware 14.0 package: 07381abe1845c3dba65612247cf870af xterm-367-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: 5a5c338c56b58026cf5be6f27113125b xterm-367-x86_64-1_slack14.0.txz
Slackware 14.1 package: 131d47f4ba7e053aa0f0eac01e231845 xterm-367-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 81f1c0588598c6a0e7f353502928e721 xterm-367-x86_64-1_slack14.1.txz
Slackware 14.2 package: df159890bf2fa7fcf03de7729a9f64b1 xterm-367-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 47300511f8b07d98016192c486545cf9 xterm-367-x86_64-1_slack14.2.txz
Slackware -current package: 103e2dfaf477324b2bb9a9fff21a94d5 x/xterm-367-i586-1.txz
Slackware x86_64 -current package: d3eb8ed3dc3c3ede1ff50e430db03a0f x/xterm-367-x86_64-1.txz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory denial of service critical remote code execution slackware xterm

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg xterm-367-i586-1_slack14.2.txz

Related News

Your message here