ELA-561-1 xterm security update

buffer overflow

2022-02-07
Packagexterm
Version312-2+deb8u4
Related CVEs CVE-2022-24130


xterm, an X terminal emulator, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text.



For Debian 8 jessie, these problems have been fixed in version 312-2+deb8u4.

We recommend that you upgrade your xterm packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.