Control: tags -1 confirmed On Fri, 2023-09-29 at 08:35 +0200, Birger Schacht wrote: > The terminal emulator foot contains a vulnerability. The issue is > that, if an XTGETTCAP escape sequence printed to the terminal > contains newline characters, foot will echo the newline characters > back into the PTY as part of the "invalid capability" response. > (XTGETTCAP strings are supposed to be hex-encoded, so it's not valid > for them to contain newline characters.) >
Please go ahead. Regards, Adam
