wterm is vulnerable to the same X11 Display issue as rxvt, "The security issue is caused due to the program using ":0" as it's X11 display if the DISPLAY environment variable is missing. This can be exploited to execute arbitrary commands with the privileges of the user running rxvt via a malicious X server." rxvt bug #217819
Patch committed. Arches, please test and mark stable: =x11-terms/wterm-6.2.9-r3 Target keywords : "ppc release sparc x86"
x86 stable
sparc stable
ppc stable
Fixed in release snapshot.
GLSA 200805-03