| Name | CVE-2005-0023 |
| Description | gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to spoof the logon hostname via a modified DISPLAY environment variable. NOTE: the severity of this issue has been disputed. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| Debian Bugs | 329156, 330907 |
Vulnerable and fixed packages
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|
| vte (PTS) | jessie, stretch | 1:0.28.2-5 | vulnerable |
| trixie, buster, bullseye, bookworm | 1:0.28.2-6 | vulnerable |
| sid | 1:0.28.2-6.1 | vulnerable |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|
| gnome-libs | source | (unstable) | (unfixed) | unimportant | | 329156 |
| vte | source | (unstable) | (unfixed) | unimportant | | 330907 |
Notes
Not considered a security problem, see #329156