| Release | Version |
|---|---|
| buster | 344-1+deb10u2 |
| bullseye | 366-1+deb11u1 |
| bookworm | 379-1 |
| trixie | 384-1 |
| sid | 384-1 |
| Bug | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2023-40359 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | xterm before 380 supports ReGIS reporting for character-set names even ... |
| CVE-2022-45063 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | fixed | fixed | fixed | xterm before 375 allows code execution via font ops, e.g., because an ... |
| Bug | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2006-4447 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtran ... |
| Bug | Description |
|---|---|
| CVE-2022-24130 | xterm through Patch 370, when Sixel support is enabled, allows attacke ... |
| CVE-2021-27135 | xterm before Patch #366 allows remote attackers to execute arbitrary c ... |
| CVE-2008-2383 | CRLF injection vulnerability in xterm allows user-assisted attackers t ... |
| CVE-2007-2797 | xterm, including 192-7.el4 in Red Hat Enterprise Linux and 208-3.1 in ... |
| CVE-2007-0823 | xterm on Slackware Linux 10.2 stores information that had been display ... |
| CVE-2006-7236 | The default configuration of xterm on Debian GNU/Linux sid and possibl ... |
| DSA / DLA | Description |
|---|---|
| DLA-2913-1 | xterm - security update |
| DLA-2558-2 | xterm - regression update |
| DLA-2558-1 | xterm - security update |
| DSA-1694-1 | xterm - remote code execution |