+++ This bug was initially created as a clone of Bug #212056 +++ From the screen-users mailing list: I've just released screen-4.0.3. This is not the promised next version with vertical split and other cool things, but just a security release that fixes two bugs in the utf8 combining characters handling. The bugs could be used to crash/hang screen by writing a special string to a window. The fixed version is (as usual) available via: ftp://ftp.uni-erlangen.de/pub/utilities/screen/screen-4.0.3.tar.gz Credits go to cstone & Rich Felker for finding the bugs. Kees Cook of Ubuntu analysed this issue and determined that it's likely an exploitable issue, but it's non trivial to exploit. This will require a fair amount of user interaction to exploit, thus the low severity. This issue also affects FC5
Now I make it for devel. I'll update FC-6 soon.