An updated xterm package that corrects a security issue is now available
for CentOS Linux 4.
This update has been rated as having low security impact by the Red
Hat Security Response Team.
The xterm program is a terminal emulator for the X Window System. It
provides DEC VT102 and Tektronix 4014 compatible terminals for
programs that cannot use the window system directly.
A bug was found in the way xterm packages were built that caused the
pseudo-terminal device files of the xterm emulated terminals to be owned by
the incorrect group. This flaw did not affect CentOS Linux 4
Update 4 and earlier. (CVE-2007-2797)
All users of xterm are advised to upgrade to this updated package, which
contains a patch to correct this issue.