Nom du paquet
aterm
Date
2008-10-29
Advisory ID
MDVSA-2008:221
Affected versions
CS3.0 i586 , CS3.0 x86_64

Problem description

A vulnerability in rxvt allowed it to open a terminal on :0 if the
environment variable was not set, which could be used by a local
user to hijack X11 connections (CVE-2008-1142). This issue also
affects aterm.

The updated packages have been patched to correct this issue.

Updated packages

CS3.0 i586

 7301be6e49535426d49e64d1255028e4  corporate/3.0/i586/aterm-0.4.2-3.1.C30mdk.i586.rpm 
 10d8859dec5f348141b56a40e21e7da5  corporate/3.0/SRPMS/aterm-0.4.2-3.1.C30mdk.src.rpm

CS3.0 x86_64

 8dae1abce15b0ac11e1b2b1dda84998d  corporate/3.0/x86_64/aterm-0.4.2-3.1.C30mdk.x86_64.rpm 
 10d8859dec5f348141b56a40e21e7da5  corporate/3.0/SRPMS/aterm-0.4.2-3.1.C30mdk.src.rpm

References