MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
screen
Recherche

Multiple security issues in Screen

lundi 12 mai 2025, 22:58 , par LWN.net
The SUSE Security Team has published
an article detailing several security
issues it has uncovered with GNU Screen. This includes
a local root exploit when Screen is shipped setuid-root, as it is in
some Linux and BSD distributions. The security team also reports problems
in coordinating disclosure with the upstream Screen project.

We are not satisfied with how this coordinated disclosure developed,
and we will try to be more attentive to such problematic situations
early on in the future. This experience also sheds light on the
overall situation of Screen upstream. It looks like it suffers from a
lack of manpower and expertise, which is worrying for such a
widespread open source utility. We hope this publication can help to
draw attention to this and to improve this situation in the future.

The article includes a table
of operating systems, screen versions, and which vulnerabilities they
may be affected by.
Lire la suite sur LWN.net
https://lwn.net/Articles/1020901/

Voir aussi

screen M365 apps on Windows 10 to get security fixes into 2028 TheRegister13 May
security Security updates for Monday LWN.net12 May
issues CISA/DOGE Software Engineer's Login Credentials Appeared in Multiple Leaks From Info-Stealing Malware in Recent Years Slashdot11 May
multiple Security updates for Friday LWN.net 9 May
situation openSUSE deep sixes Deepin desktop over security stink TheRegister 9 May
which 7 application security startups at RSAC 2025 InfoWorld 9 May
also Security updates for Thursday LWN.net 8 May
such openSUSE removes Deepin from its repositories after long string of security issues and unauthorised security bypass OS News 7 May
disclosure Hollywood Meets Silicon Valley With Google’s New AI on Screen Initiative eWeek 7 May
upstream Employee browser activity creates a security blindspot BetaNews 7 May
includes curl bans “AI” security reports as Zuckerberg claims we’ll all have more “AI” friends than real ones OS News 7 May
article Security updates for Wednesday LWN.net 7 May
future Pentagon Targets Open Source Security Risks in Software Procurement Overhaul Slashdot 7 May
team IBM’s watsonx.data could simplify agentic AI-related data issues InfoWorld 7 May
screen Top sci-fi convention gets an earful from authors after using AI to screen panelists TheRegister 7 May
security Amazon's Zoox Robotaxi Unit Issues Software Recall After Recent Las Vegas Crash Slashdot 7 May
issues Tulsi Gabbard Reused the Same Weak Password on Multiple Accounts for Years Wired: Tech. 6 May
multiple Security updates for Tuesday LWN.net 6 May
situation Security updates for Monday LWN.net 5 May
which Security Researchers Warn a Widely Used Open Source Tool Poses a 'Persistent' Risk to the US Wired: Tech. 5 May
News copyright owned by their original publishers | Copyright © 2004 - 2025 Zicos / 440Network
Date Actuelle
mar. 13 mai - 02:27 CEST