Oval Definition:oval:com.redhat.rhsa:def:20090018
Revision Date:2009-01-07Version:641
Title:RHSA-2009:0018: xterm security update (Important)
Description:The xterm program is a terminal emulator for the X Window System.

  • A flaw was found in the xterm handling of Device Control Request Status String (DECRQSS) escape sequences. An attacker could create a malicious text file (or log entry, if unfiltered) that could run arbitrary commands if read by a victim inside an xterm window. (CVE-2008-2383)

    All xterm users are advised to upgrade to the updated package, which contains a backported patch to resolve this issue. All running instances of xterm must be restarted for the update to take effect.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2008-2383
    RHSA-2009:0018
    RHSA-2009:0018-01
    RHSA-2009:0018-01
    Platform(s):Red Hat Enterprise Linux 3
    Red Hat Enterprise Linux 4
    Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 3 is installed
  • AND xterm is earlier than 0:179-11.EL3
  • AND xterm is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND xterm is earlier than 0:192-8.el4_7.2
  • AND xterm is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND xterm is earlier than 0:215-5.el5_2.2
  • AND xterm is signed with Red Hat redhatrelease key
    • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 3 is installed
  • AND xterm is earlier than 0:179-11.EL3
  • AND xterm is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND xterm is earlier than 0:192-8.el4_7.2
  • AND xterm is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND xterm is earlier than 0:215-5.el5_2.2
  • AND xterm is signed with Red Hat redhatrelease key
    • Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND xterm is earlier than 0:192-8.el4_7.2
  • AND xterm is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND xterm is earlier than 0:215-5.el5_2.2
  • AND xterm is signed with Red Hat redhatrelease2 key
    • BACK