Описание
Recommended update for ncurses
This update for ncurses fixes the following issues:
Security issues fixed:
- CVE-2017-10684: Possible RCE via stack-based buffer overflow in the fmt_entry function. (bsc#1046858)
- CVE-2017-10685: Possible RCE with format string vulnerability in the fmt_entry function. (bsc#1046853)
Список пакетов
SUSE Linux Enterprise Server 11 SP4
libncurses5-5.6-92.1
libncurses5-32bit-5.6-92.1
libncurses5-x86-5.6-92.1
libncurses6-5.6-92.1
libncurses6-32bit-5.6-92.1
libncurses6-x86-5.6-92.1
ncurses-devel-5.6-92.1
ncurses-devel-32bit-5.6-92.1
ncurses-utils-5.6-92.1
tack-5.6-92.1
terminfo-5.6-92.1
terminfo-base-5.6-92.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
libncurses5-5.6-92.1
libncurses5-32bit-5.6-92.1
libncurses5-x86-5.6-92.1
libncurses6-5.6-92.1
libncurses6-32bit-5.6-92.1
libncurses6-x86-5.6-92.1
ncurses-devel-5.6-92.1
ncurses-devel-32bit-5.6-92.1
ncurses-utils-5.6-92.1
tack-5.6-92.1
terminfo-5.6-92.1
terminfo-base-5.6-92.1
SUSE Linux Enterprise Software Development Kit 11 SP4
ncurses-devel-5.6-92.1
ncurses-devel-32bit-5.6-92.1
tack-5.6-92.1
Ссылки
- Link for SUSE-SU-2017:1790-1
- E-Mail link for SUSE-SU-2017:1790-1
- SUSE Security Ratings
- SUSE Bug 1046853
- SUSE Bug 1046858
- SUSE CVE CVE-2017-10684 page
- SUSE CVE CVE-2017-10685 page
Описание
In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:libncurses5-32bit-5.6-92.1
SUSE Linux Enterprise Server 11 SP4:libncurses5-5.6-92.1
SUSE Linux Enterprise Server 11 SP4:libncurses5-x86-5.6-92.1
SUSE Linux Enterprise Server 11 SP4:libncurses6-32bit-5.6-92.1
Ссылки
- CVE-2017-10684
- SUSE Bug 1046858
- SUSE Bug 1115932
- SUSE Bug 1175501
Описание
In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution attack.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:libncurses5-32bit-5.6-92.1
SUSE Linux Enterprise Server 11 SP4:libncurses5-5.6-92.1
SUSE Linux Enterprise Server 11 SP4:libncurses5-x86-5.6-92.1
SUSE Linux Enterprise Server 11 SP4:libncurses6-32bit-5.6-92.1
Ссылки
- CVE-2017-10685
- SUSE Bug 1046853
- SUSE Bug 1115932
- SUSE Bug 1175501