Debian Security Advisory DSA-014-1 - Splitvt prior to v1.6.5 contains format string vulnerabilities in the -rcfile command line flag, allowing local users to gain access to the tty group.
d940846ee19c1a5b4a9100e965a24819cf6e930fa122210f06a1922f10c02648