Hanterm is a replacement for xterm, a X Window System terminal emulator,
that supports Hangul input and output.
A flaw was found in the Hanterm handling of Device Control Request Status
String (DECRQSS) escape sequences. An attacker could create a malicious
text file (or log entry, if unfiltered) that could run arbitrary commands
if read by a victim inside a Hanterm window. (CVE-2008-2383)
All hanterm-xf users are advised to upgrade to the updated package, which
contains a backported patch to resolve this issue. All running instances of
hanterm must be restarted for the update to take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ia64 | hanterm-xf | < 2.0.5-5.AS21.2 | hanterm-xf-2.0.5-5.AS21.2.ia64.rpm |
RedHat | any | i386 | hanterm-xf | < 2.0.5-5.AS21.2 | hanterm-xf-2.0.5-5.AS21.2.i386.rpm |