Ubuntu alert USN-8078-1 (zutty)
| From: | noreply+usn-bot@canonical.com | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-8078-1] Zutty vulnerability | |
| Date: | Fri, 06 Mar 2026 00:07:39 +0000 | |
| Message-ID: | <E1vyIjD-0007i3-Oc@lists.ubuntu.com> |
========================================================================== Ubuntu Security Notice USN-8078-1 March 05, 2026 zutty vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS Summary: Zutty could be made to execute arbitrary commands. Software Description: - zutty: X terminal emulator Details: Carter Sande discovered that Zutty did not correctly echo invalid input to the console on DECRQSS. An attacker could possibly use this issue to execute arbitrary commands. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS zutty 0.11.2.20220109.192032+dfsg1-1ubuntu0.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8078-1 CVE-2022-41138
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmmqGiQACgkQcpJm3tlz hgGOcxAAvW+59AOsjIJBFuooXkLx0vWkbl0AyqLZxnD5mU9VQvHmMnY2L6YEOyEH IYMPo0mcfu2q17jlOnIctPX6ZgIZiWUKAm7E0oEoU66bxBISFt9fesx8D4d57Hfo 0RdafD0w+yrQJvbB61qj4B4TOOav3RnmbHVx043QvbLkUD89yuVv5ecv5JLo7qss 0QQFas5VkOTabxe96/xHPNLz8idNAc0yE7KXHGsJVhuKQMq9UQEmIy4Rwb4QWDUO CcvQmcfCGs88EKrGHmDu8KZe6e9+WTnhBME3DRy8YeodQVhsArpIkIMVbvlKxS5E 96x4lw1DKP95x9zFaAWAJz8LbMUQWLUwwP4keKUJ0KtDNuKrr5bvp/c2xhG7Dlp7 MNapyLsMZR63Tb28lvWZlUn66QGP/LXk/EOkoyQbis6bVsTaz7haXEUffRpJbdTE 4XBt3r0vJKLTprNuL1I+87R+NPL41Zl0eLCY523qnDpyxM6aMWgw5kC2Cw6Co+0+ k4l4ZaG+y6RfLx/JAyGXzU0ZArQKUGmFojRA2XJrqMCf0TmfZYzydYTD+0pJrwCe vSGxWMgwt2yA+jEYzwank/h5YTp1W3Mrx7OAQDQgrEBKMhJKD6xZz7RP4zGpP2y2 8+NrnqqPKhUXTSBvjweXRMYSamsrzvFUuNslj/toeC2TXmoGC3o= =xoD6 -----END PGP SIGNATURE-----