maemo.org Bugzilla – Bug 12647
vte: CVE-2012-2738: DoS
Last modified: 2012-08-10 16:02:47 UTC
You need to
before you can comment on or make changes to this bug.
allows remote authenticated users to cause a denial of service (long loop and
CPU consumption) via an escape sequence with a large repeat count value.
See https://bugzilla.gnome.org/show_bug.cgi?id=676090 and the related commits
Looking at http://gitorious.org/community-ssu/vte/blobs/master/src/vteseq.c I
see some changes in the code, so applying this won't be totally straight
<andre__> somebody please tell me if I should file a ticket
<freemangordon> BTW openssh is in extras, not CSSU material aiui
<DocScrutinizer05> andre__: denial of service or privilege escalation?
<DocScrutinizer05> DOS is "harmless"
<andre__> you can probably judge it way better than I can
<DocScrutinizer05> file it please
<DocScrutinizer05> we can triage later