Описание
ELSA-2023-5249: ncurses security update (MODERATE)
[6.1-9.20180224.1]
- fix buffer overflow on terminfo with too many capabilities (CVE-2023-29491)
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
ncurses
6.1-9.20180224.el8_8.1
ncurses-base
6.1-9.20180224.el8_8.1
ncurses-c++-libs
6.1-9.20180224.el8_8.1
ncurses-compat-libs
6.1-9.20180224.el8_8.1
ncurses-devel
6.1-9.20180224.el8_8.1
ncurses-libs
6.1-9.20180224.el8_8.1
ncurses-term
6.1-9.20180224.el8_8.1
Oracle Linux x86_64
ncurses
6.1-9.20180224.el8_8.1
ncurses-base
6.1-9.20180224.el8_8.1
ncurses-c++-libs
6.1-9.20180224.el8_8.1
ncurses-compat-libs
6.1-9.20180224.el8_8.1
ncurses-devel
6.1-9.20180224.el8_8.1
ncurses-libs
6.1-9.20180224.el8_8.1
ncurses-term
6.1-9.20180224.el8_8.1
Связанные CVE
Связанные уязвимости
ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.
ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.
ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.
ncurses before 6.4 20230408, when used by a setuid application, allows ...