A vulnerability in rxvt allowed it to open a terminal on :0 if the environment variable was not set, which could be used by a local user to hijack X11 connections (CVE-2008-1142).
The updated packages have been patched to correct this issue.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.