Release Info

Advisory: CLSA-2022:1669242003

OS: Ubuntu 16.04 ELS

Public date: 2022-11-23

Project: xterm

Version: 322-1ubuntu1.2+tuxcare.els1

Errata link: https://errata.cloudlinux.com/ubuntu16-els/CLSA-2022-1669242003.html

Changelog

* SECURITY UPDATE: possible RCE when using OSC 50 sequence
  - debian/patches/CVE-2022-45063.patch: Improve error recovery when setting a bitmap font for the VT100 window, e.g., in case OSC 50 failed, restoring the most recent valid font so that a subsequent OSC 50 reports this correctly.
  - CVE-2022-45063
  - debian/patches/extra_safety_to_string_comparison_functions.patch: Add NULL pointer checks in x_strcasecmp() and x_strncasecmp() to help with error recovery for a missing font.

Update

Update command:

apt-get update
apt-get --only-upgrade install xterm*

Packages list

xterm_322-1ubuntu1.2+tuxcare.els1_amd64.deb

CVEs

CVE-2022-45063