Download
| Alert*
oval:org.secpod.oval:def:89049672
This update for ncurses fixes the following issues: Security issue fixed: - CVE-2018-19211: Fixed denial of service issue that was triggered by a NULL pointer dereference at function _nc_parse_entry . Non-security issue fixed: - Remove scree.xterm from terminfo data base as with this screen uses fal ... oval:org.secpod.oval:def:114583 ncurses is installed oval:org.secpod.oval:def:114586 The curses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses library is a freely distributable replacement for the discontinued 4.4 BSD classic curses library. This package contains support utilities, including a terminfo comp ... oval:org.secpod.oval:def:114582 The curses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses library is a freely distributable replacement for the discontinued 4.4 BSD classic curses library. This package contains support utilities, including a terminfo comp ... oval:org.secpod.oval:def:89044846 This update for ncurses fixes the following issues: Security issues fixed: - CVE-2017-11112: Illegal address access in append_acs. - CVE-2017-11113: Dereferencing NULL pointer in _nc_parse_entry. - CVE-2017-10684, CVE-2017-10685: Add modified upstream fix from ncurses 6.0 to avoid broken termcap f ... oval:org.secpod.oval:def:89044904 This update for ncurses fixes the following issues: Security issues fixed: - CVE-2017-13728: Fix infinite loop in the next_char function in comp_scan.c . - CVE-2017-13729: Fix illegal address access in the _nc_save_str . - CVE-2017-13730: Fix illegal address access in the function _nc_read_entry_sou ... oval:org.secpod.oval:def:89044969 This update for ncurses fixes the following issues: Security issues fixed: - CVE-2017-11112: Illegal address access in append_acs. - CVE-2017-11113: Dereferencing NULL pointer in _nc_parse_entry. - CVE-2017-10684, CVE-2017-10685: Add modified upstream fix from ncurses 6.0 to avoid broken termcap f ... oval:org.secpod.oval:def:89002306 This update for ncurses fixes the following issue: Security issue fixed: - CVE-2018-19211: Fixed denial of service issue that was triggered by a NULL pointer dereference at function _nc_parse_entry . oval:org.secpod.oval:def:89044619 This update for ncurses fixes the following issues: Security issues fixed: - CVE-2017-10684: Possible RCE via stack-based buffer overflow in the fmt_entry function. - CVE-2017-10685: Possible RCE with format string vulnerability in the fmt_entry function oval:org.secpod.oval:def:89002247 This update for ncurses fixes the following issues: Security issue fixed: - CVE-2017-13733: Fix illegal address access in the fmt_entry function . oval:org.secpod.oval:def:89044760 This update for ncurses fixes the following issues: Security issues fixed: - CVE-2017-10684: Possible RCE via stack-based buffer overflow in the fmt_entry function. - CVE-2017-10685: Possible RCE with format string vulnerability in the fmt_entry function. Bugfixes: - Drop patch ncurses-5.9-environ ... oval:org.secpod.oval:def:1700065 A NULL pointer dereference was found in the way the _nc_parse_entry function parses terminfo data for compilation. An attacker able to provide specially crafted terminfo data could use this flaw to crash the application parsing it. oval:org.secpod.oval:def:86340 The ncurses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses packages contain support utilities including a terminfo compiler tic, a decompiler infocmp, clear, tput, tset, and a termcap conversion tool captoinfo. Security Fix ... oval:org.secpod.oval:def:89003366 This update for ncurses fixes the following issues: Security issue fixed: - - CVE-2019-17594: Fixed a heap-based buffer over-read in _nc_find_entry function in tinfo/comp_hash.c . - CVE-2019-17595: Fixed a heap-based buffer over-read in fmt_entry function in tinfo/comp_hash.c . Bug fixes: - Fixed pp ... oval:org.secpod.oval:def:89050653 This update for ncurses fixes the following issues: Security issues fixed: - CVE-2019-17594: Fixed a heap-based buffer over-read in the _nc_find_entry function . - CVE-2019-17595: Fixed a heap-based buffer over-read in the fmt_entry function . Non-security issue fixed: - Removed screen.xterm from te ... oval:org.secpod.oval:def:4501319 The ncurses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses packages contain support utilities including a terminfo compiler tic, a decompiler infocmp, clear, tput, tset, and a termcap conversion tool captoinfo. Security Fix ... oval:org.secpod.oval:def:1505252 [6.1-9.20180224] - fix tput to accept -x option [6.1-8.20180224] - fix buffer overflow in terminfo entry hashtable - handle missing character after backslash in terminfo entry oval:org.secpod.oval:def:2500400 The ncurses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses packages contain support utilities including a terminfo compiler tic, a decompiler infocmp, clear, tput, tset, and a termcap conversion tool captoinfo. oval:org.secpod.oval:def:89051268 This update for ncurses fixes the following issues: * CVE-2023-50495: Fixed a segmentation fault via _nc_wrap_entry * Modify reset command to avoid altering clocal if the terminal uses a modem oval:org.secpod.oval:def:89051269 This update for ncurses fixes the following issues: * CVE-2023-50495: Fixed a segmentation fault via _nc_wrap_entry oval:org.secpod.oval:def:1702033 NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry oval:org.secpod.oval:def:19500561 NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry oval:org.secpod.oval:def:2600399 The ncurses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses packages contain support utilities including a terminfo compiler tic, a decompiler infocmp, clear, tput, tset, and a termcap conversion tool captoinfo. oval:org.secpod.oval:def:19500265 ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable oval:org.secpod.oval:def:127080 The curses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses library is a freely distributable replacement for the discontinued 4.4 BSD classic curses library. This package contains support utilities, including a terminfo comp ... oval:org.secpod.oval:def:1702173 ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/lib_termcap.c oval:org.secpod.oval:def:89051728 This update for ncurses fixes the following issues: * CVE-2023-45918: Fixed NULL pointer dereference via corrupted xterm-256color file . oval:org.secpod.oval:def:89051720 This update for ncurses fixes the following issues: * CVE-2023-45918: Fixed NULL pointer dereference via corrupted xterm-256color file . oval:org.secpod.oval:def:89047123 This update for ncurses fixes the following issues: - CVE-2021-39537: Fixed an heap-based buffer overflow in _nc_captoinfo oval:org.secpod.oval:def:1701090 The ncurses package is susceptible to a heap overflow on crafted input. When the terminfo entry-description compiler processes input, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is system availability. A segmentation fault vulner ... oval:org.secpod.oval:def:19500153 The ncurses package is susceptible to a heap overflow on crafted input. When the terminfo entry-description compiler processes input, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is system availability. A segmentation fault vulner ... oval:org.secpod.oval:def:3301258 SUSE Security Update: Security update for ncurses oval:org.secpod.oval:def:89047530 This update for ncurses fixes the following issues: - CVE-2022-29458: Fixed segfaulting out-of-bounds read in convert_strings in tinfo/read_entry.c . oval:org.secpod.oval:def:1702015 There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. Buffer Over ... oval:org.secpod.oval:def:89048815 This update for ncurses fixes the following issues: * CVE-2023-29491: Fixed memory corruption issues when processing malformed terminfo data . oval:org.secpod.oval:def:89048813 This update for ncurses fixes the following issues: * CVE-2023-29491: Fixed memory corruption issues when processing malformed terminfo data . |