Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2018:0120-1

Опубликовано: 17 янв. 2018
Источник: suse-cvrf

Описание

Security update for ncurses

This update for ncurses fixes the following issues:

Security issues fixed:

  • CVE-2017-13728: Fix infinite loop in the next_char function in comp_scan.c (bsc#1056136).
  • CVE-2017-13730: Fix illegal address access in the function _nc_read_entry_source() (bsc#1056131).
  • CVE-2017-13733: Fix illegal address access in the fmt_entry function (bsc#1056127).
  • CVE-2017-13729: Fix illegal address access in the _nc_save_str (bsc#1056132).
  • CVE-2017-13732: Fix illegal address access in the function dump_uses() (bsc#1056128).
  • CVE-2017-13731: Fix illegal address access in the function postprocess_termcap() (bsc#1056129).

Список пакетов

SUSE Linux Enterprise Desktop 12 SP2
libncurses5-5.9-55.1
libncurses5-32bit-5.9-55.1
libncurses6-5.9-55.1
libncurses6-32bit-5.9-55.1
ncurses-devel-5.9-55.1
ncurses-utils-5.9-55.1
tack-5.9-55.1
terminfo-5.9-55.1
terminfo-base-5.9-55.1
SUSE Linux Enterprise Desktop 12 SP3
libncurses5-5.9-55.1
libncurses5-32bit-5.9-55.1
libncurses6-5.9-55.1
libncurses6-32bit-5.9-55.1
ncurses-devel-5.9-55.1
ncurses-utils-5.9-55.1
tack-5.9-55.1
terminfo-5.9-55.1
terminfo-base-5.9-55.1
SUSE Linux Enterprise Server 12 SP2
libncurses5-5.9-55.1
libncurses5-32bit-5.9-55.1
libncurses6-5.9-55.1
libncurses6-32bit-5.9-55.1
ncurses-devel-5.9-55.1
ncurses-devel-32bit-5.9-55.1
ncurses-utils-5.9-55.1
tack-5.9-55.1
terminfo-5.9-55.1
terminfo-base-5.9-55.1
SUSE Linux Enterprise Server 12 SP3
libncurses5-5.9-55.1
libncurses5-32bit-5.9-55.1
libncurses6-5.9-55.1
libncurses6-32bit-5.9-55.1
ncurses-devel-5.9-55.1
ncurses-devel-32bit-5.9-55.1
ncurses-utils-5.9-55.1
tack-5.9-55.1
terminfo-5.9-55.1
terminfo-base-5.9-55.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
libncurses5-5.9-55.1
libncurses6-5.9-55.1
ncurses-devel-5.9-55.1
ncurses-utils-5.9-55.1
tack-5.9-55.1
terminfo-5.9-55.1
terminfo-base-5.9-55.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
libncurses5-5.9-55.1
libncurses5-32bit-5.9-55.1
libncurses6-5.9-55.1
libncurses6-32bit-5.9-55.1
ncurses-devel-5.9-55.1
ncurses-devel-32bit-5.9-55.1
ncurses-utils-5.9-55.1
tack-5.9-55.1
terminfo-5.9-55.1
terminfo-base-5.9-55.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
libncurses5-5.9-55.1
libncurses5-32bit-5.9-55.1
libncurses6-5.9-55.1
libncurses6-32bit-5.9-55.1
ncurses-devel-5.9-55.1
ncurses-devel-32bit-5.9-55.1
ncurses-utils-5.9-55.1
tack-5.9-55.1
terminfo-5.9-55.1
terminfo-base-5.9-55.1
SUSE Linux Enterprise Software Development Kit 12 SP2
ncurses-devel-5.9-55.1
SUSE Linux Enterprise Software Development Kit 12 SP3
ncurses-devel-5.9-55.1

Ссылки

Описание

There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libncurses5-32bit-5.9-55.1
SUSE Linux Enterprise Desktop 12 SP2:libncurses5-5.9-55.1
SUSE Linux Enterprise Desktop 12 SP2:libncurses6-32bit-5.9-55.1
SUSE Linux Enterprise Desktop 12 SP2:libncurses6-5.9-55.1
Ссылки

Описание

There is an illegal address access in the _nc_save_str function in alloc_entry.c in ncurses 6.0. It will lead to a remote denial of service attack.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libncurses5-32bit-5.9-55.1
SUSE Linux Enterprise Desktop 12 SP2:libncurses5-5.9-55.1
SUSE Linux Enterprise Desktop 12 SP2:libncurses6-32bit-5.9-55.1
SUSE Linux Enterprise Desktop 12 SP2:libncurses6-5.9-55.1
Ссылки

Описание

There is an illegal address access in the function _nc_read_entry_source() in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libncurses5-32bit-5.9-55.1
SUSE Linux Enterprise Desktop 12 SP2:libncurses5-5.9-55.1
SUSE Linux Enterprise Desktop 12 SP2:libncurses6-32bit-5.9-55.1
SUSE Linux Enterprise Desktop 12 SP2:libncurses6-5.9-55.1
Ссылки

Описание

There is an illegal address access in the function postprocess_termcap() in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libncurses5-32bit-5.9-55.1
SUSE Linux Enterprise Desktop 12 SP2:libncurses5-5.9-55.1
SUSE Linux Enterprise Desktop 12 SP2:libncurses6-32bit-5.9-55.1
SUSE Linux Enterprise Desktop 12 SP2:libncurses6-5.9-55.1
Ссылки

Описание

There is an illegal address access in the function dump_uses() in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libncurses5-32bit-5.9-55.1
SUSE Linux Enterprise Desktop 12 SP2:libncurses5-5.9-55.1
SUSE Linux Enterprise Desktop 12 SP2:libncurses6-32bit-5.9-55.1
SUSE Linux Enterprise Desktop 12 SP2:libncurses6-5.9-55.1
Ссылки

Описание

There is an illegal address access in the fmt_entry function in progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of service attack.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP2:libncurses5-32bit-5.9-55.1
SUSE Linux Enterprise Desktop 12 SP2:libncurses5-5.9-55.1
SUSE Linux Enterprise Desktop 12 SP2:libncurses6-32bit-5.9-55.1
SUSE Linux Enterprise Desktop 12 SP2:libncurses6-5.9-55.1
Ссылки