ELA 363-1 backported a part of the upstream patch which fails to deal with the realloc failures in Debian stretch. This update reverts that part of the patch since it’s not really needed and just focuses on fixing CVE-2021-27135.
For Debian 8 jessie, these problems have been fixed in version 312-2+deb8u2.
We recommend that you upgrade your xterm packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/