GNU Screen 5.0.1 Released Due To Several Security Vulnerabilities
- Reference: 0001546098
- News link: https://www.phoronix.com/news/GNU-Screen-5.0.1
GNU Screen 5.0.1 has been released to address several security issues.
On Monday the SUSE Security Team published an article outlining several security issues with GNU Screen [1]. Screen 5.0.1 is now published with the assortment of security fixes as well as some other issues spotted and resolved:
- CVE-2025-46805: do NOT send signals with root privileges
- CVE-2025-46804: avoid file existence test information leaks
- CVE-2025-46803: apply safe PTY default mode of 0620
- CVE-2025-46802: prevent temporary 0666 mode on PTYs in attacher
- CVE-2025-23395: reintroduce lf_secreopen() for logfile
- buffer overflow due to bad strncpy()
- uninitialized variable warnings
- typos
- combining char handling that could lead to a segfault
Downloads and more details on GNU Screen 5.0.1 are available via the mailing list announcement [2].
[1] https://security.opensuse.org/2025/05/12/screen-security-issues.html
[2] https://lists.gnu.org/archive/html/info-gnu/2025-05/msg00002.html