Description of problem: xterm has a security hole that allows attackes to modify files that are displayed in xterm in a way that causes xterm to execute arbitrary commands Version-Release number of selected component (if applicable): xterm-237-1.fc10.i386 How reproducible: always Steps to Reproduce: 1. open xterm 2. perl -e 'print "\eP\$q\nwhoami\n\e\\"' > bla.log 3. cat bla.log Actual results: whoami is executed Expected results: that should not happen Additional info: see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510030 there seems to be a patch
xterm-238-1.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/xterm-238-1.fc10
xterm-238-1.fc9 has been submitted as an update for Fedora 9. http://admin.fedoraproject.org/updates/xterm-238-1.fc9
xterm-238-1.fc8 has been submitted as an update for Fedora 8. http://admin.fedoraproject.org/updates/xterm-238-1.fc8
xterm-238-1.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
xterm-238-1.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
xterm-238-1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.