screen: crash when processing combining chars (CVE-2021-26937)

encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence.

References:

https://www.openwall.com/lists/oss-security/2021/02/09/3
https://nvd.nist.gov/vuln/detail/CVE-2021-26937

Affected branches:

Edited Feb 11, 2021 by Leo

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information