A denial of service flaw was found in the way VTE, a terminal emulator widget, processed certain escape sequences with large repeat counts. A remote attacker could provide a specially-crafted file, which once opened in a terminal using the VTE terminal emulator could lead to excessive CPU consumption. References: [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=673871#5 [2] https://bugzilla.gnome.org/show_bug.cgi?id=676090 [3] http://git.gnome.org/browse/vte/commit/?id=feeee4b5832b17641e505b7083e0d299fdae318e [4] http://ftp.gnome.org/pub/GNOME/sources/vte/0.32/vte-0.32.2.news [5] http://www.openwall.com/lists/oss-security/2012/05/22/6
Created vte tracking bugs for this issue Affects: fedora-all [bug 832357]
A CVE identifier of CVE-2012-2738 has been assigned to this issue: http://www.openwall.com/lists/oss-security/2012/06/15/11
vte-0.28.2-6.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.
vte-0.28.2-6.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.