AXSA:2021-1518:01

Release date: 
Monday, February 22, 2021 - 03:50
Subject: 
xterm-331-1.el8.2
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the window system directly.

Security Fix(es):

* xterm: crash when processing combining characters (CVE-2021-27135)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2021-27135
xterm through Patch #365 allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted UTF-8 character sequence.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. xterm-331-1.el8.2.src.rpm
    MD5: 53d7a4c1257dfbb0123fce1b531cd2ab
    SHA-256: a5b0048c823b832effc5be01443178f2c3fb3abdd01ee086819bb23c2dbbe777
    Size: 1.26 MB

Asianux Server 8 for x86_64
  1. xterm-331-1.el8.2.x86_64.rpm
    MD5: f141024e5a84a6aa166a7f018983b454
    SHA-256: c89bd31f6af6e661e73a29e772c9175c3ace064c4aaa6a6ac3923a602cc7b6bc
    Size: 527.38 kB
  2. xterm-resize-331-1.el8.2.x86_64.rpm
    MD5: 49b624c9560f5dd024c1b9c3b70b1e22
    SHA-256: fdb448813da341e8e4dc5805af0fbe9a6bb283e6b035d6e78172bef6df71cec9
    Size: 37.33 kB
Copyright© 2007-2015 Asianux. All rights reserved.