Package name
rxvt
Date
2008-08-07
Advisory ID
MDVSA-2008:161
Affected versions
CS4.0 i586 , CS4.0 x86_64 , 2008.0 i586 , 2007.1 i586 , CS3.0 x86_64 , 2008.0 x86_64 , CS3.0 i586 , 2008.1 x86_64 , 2008.1 i586 , 2007.1 x86_64

Problem description

A vulnerability in rxvt allowed it to open a terminal on :0 if the
environment variable was not set, which could be used by a local user
to hijack X11 connections (CVE-2008-1142).

The updated packages have been patched to correct this issue.

Updated packages

CS4.0 i586

 500e79ac86c14861a69c2bf8c72f0325  corporate/4.0/i586/rxvt-2.7.10-13.1.20060mlcs4.i586.rpm
 e4d09a0e068739291785382d215ef80d  corporate/4.0/i586/rxvt-CJK-2.7.10-13.1.20060mlcs4.i586.rpm 
 889447e164e762ea80a1b64de69e5a15  corporate/4.0/SRPMS/rxvt-2.7.10-13.1.20060mlcs4.src.rpm

CS4.0 x86_64

 186d8735347752199a6da2f369bf7f93  corporate/4.0/x86_64/rxvt-2.7.10-13.1.20060mlcs4.x86_64.rpm
 fab3e425e1d0d39a298c0000203a7ebb  corporate/4.0/x86_64/rxvt-CJK-2.7.10-13.1.20060mlcs4.x86_64.rpm 
 889447e164e762ea80a1b64de69e5a15  corporate/4.0/SRPMS/rxvt-2.7.10-13.1.20060mlcs4.src.rpm

2008.0 i586

 1ffd0f19c9b1f4e3aaf754ecf93add8e  2008.0/i586/rxvt-2.7.10-16.1mdv2008.0.i586.rpm
 4b5fb452195f84baeb32cb5a34621a65  2008.0/i586/rxvt-CJK-2.7.10-16.1mdv2008.0.i586.rpm 
 8cb62791b100d1d29139755da8395385  2008.0/SRPMS/rxvt-2.7.10-16.1mdv2008.0.src.rpm

2007.1 i586

 57b033071ca6cf454e53679cfc946215  2007.1/i586/rxvt-2.7.10-16.1mdv2007.1.i586.rpm
 987dfd1fc331f8047320a567205f2b0e  2007.1/i586/rxvt-CJK-2.7.10-16.1mdv2007.1.i586.rpm 
 22d14c838873f3a5a12953ddc80b379f  2007.1/SRPMS/rxvt-2.7.10-16.1mdv2007.1.src.rpm

CS3.0 x86_64

 149aef5a3dab942e78e2fb96d7bde221  corporate/3.0/x86_64/rxvt-2.7.10-9.1.C30mdk.x86_64.rpm
 5665b6aca60cb592bccd67cb99cafec2  corporate/3.0/x86_64/rxvt-CJK-2.7.10-9.1.C30mdk.x86_64.rpm 
 ded480e4d648c4639d90de1ac2de935d  corporate/3.0/SRPMS/rxvt-2.7.10-9.1.C30mdk.src.rpm

2008.0 x86_64

 4cfc1a35513ec7132f824451c7c8acf2  2008.0/x86_64/rxvt-2.7.10-16.1mdv2008.0.x86_64.rpm
 d2ecb0199b0077ade4c0547288b94517  2008.0/x86_64/rxvt-CJK-2.7.10-16.1mdv2008.0.x86_64.rpm 
 8cb62791b100d1d29139755da8395385  2008.0/SRPMS/rxvt-2.7.10-16.1mdv2008.0.src.rpm

CS3.0 i586

 cb6ac4354c0d8318a601763eb1bfdbfa  corporate/3.0/i586/rxvt-2.7.10-9.1.C30mdk.i586.rpm
 eebcd4d9b19b4d0656212c6e4d0541da  corporate/3.0/i586/rxvt-CJK-2.7.10-9.1.C30mdk.i586.rpm 
 ded480e4d648c4639d90de1ac2de935d  corporate/3.0/SRPMS/rxvt-2.7.10-9.1.C30mdk.src.rpm

2008.1 x86_64

 35b3cfabfb394776cae6c0b1a10ab964  2008.1/x86_64/rxvt-2.7.10-17.1mdv2008.1.x86_64.rpm
 a3da3ba50a830441972b2543ed67827a  2008.1/x86_64/rxvt-CJK-2.7.10-17.1mdv2008.1.x86_64.rpm 
 ba19748c3c818b097c5f67d00ae43134  2008.1/SRPMS/rxvt-2.7.10-17.1mdv2008.0.src.rpm

2008.1 i586

 71568160ba7e7b8a0491d519c7831681  2008.1/i586/rxvt-2.7.10-17.1mdv2008.1.i586.rpm
 49d36222b49e6259a119aa60d94f6ef6  2008.1/i586/rxvt-CJK-2.7.10-17.1mdv2008.1.i586.rpm 
 ba19748c3c818b097c5f67d00ae43134  2008.1/SRPMS/rxvt-2.7.10-17.1mdv2008.0.src.rpm

2007.1 x86_64

 1aa9086c284832ff0d8bea0df49b2dc0  2007.1/x86_64/rxvt-2.7.10-16.1mdv2007.1.x86_64.rpm
 526300e80d46b885b4c0c2a7f89e5713  2007.1/x86_64/rxvt-CJK-2.7.10-16.1mdv2007.1.x86_64.rpm 
 22d14c838873f3a5a12953ddc80b379f  2007.1/SRPMS/rxvt-2.7.10-16.1mdv2007.1.src.rpm

References