Описание
Security update for ncurses
This update for ncurses fixes the following issue:
Security issue fixed:
- CVE-2018-19211: Fixed denial of service issue that was triggered by a NULL pointer dereference at function _nc_parse_entry (bsc#1115929).
Список пакетов
SUSE Linux Enterprise Desktop 12 SP3
libncurses5-5.9-61.1
libncurses5-32bit-5.9-61.1
libncurses6-5.9-61.1
libncurses6-32bit-5.9-61.1
ncurses-devel-5.9-61.1
ncurses-utils-5.9-61.1
tack-5.9-61.1
terminfo-5.9-61.1
terminfo-base-5.9-61.1
SUSE Linux Enterprise Desktop 12 SP4
libncurses5-5.9-61.1
libncurses5-32bit-5.9-61.1
libncurses6-5.9-61.1
libncurses6-32bit-5.9-61.1
ncurses-devel-5.9-61.1
ncurses-utils-5.9-61.1
tack-5.9-61.1
terminfo-5.9-61.1
terminfo-base-5.9-61.1
SUSE Linux Enterprise Server 12 SP3
libncurses5-5.9-61.1
libncurses5-32bit-5.9-61.1
libncurses6-5.9-61.1
libncurses6-32bit-5.9-61.1
ncurses-devel-5.9-61.1
ncurses-devel-32bit-5.9-61.1
ncurses-utils-5.9-61.1
tack-5.9-61.1
terminfo-5.9-61.1
terminfo-base-5.9-61.1
SUSE Linux Enterprise Server 12 SP4
libncurses5-5.9-61.1
libncurses5-32bit-5.9-61.1
libncurses6-5.9-61.1
libncurses6-32bit-5.9-61.1
ncurses-devel-5.9-61.1
ncurses-devel-32bit-5.9-61.1
ncurses-utils-5.9-61.1
tack-5.9-61.1
terminfo-5.9-61.1
terminfo-base-5.9-61.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
libncurses5-5.9-61.1
libncurses5-32bit-5.9-61.1
libncurses6-5.9-61.1
libncurses6-32bit-5.9-61.1
ncurses-devel-5.9-61.1
ncurses-devel-32bit-5.9-61.1
ncurses-utils-5.9-61.1
tack-5.9-61.1
terminfo-5.9-61.1
terminfo-base-5.9-61.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
libncurses5-5.9-61.1
libncurses5-32bit-5.9-61.1
libncurses6-5.9-61.1
libncurses6-32bit-5.9-61.1
ncurses-devel-5.9-61.1
ncurses-devel-32bit-5.9-61.1
ncurses-utils-5.9-61.1
tack-5.9-61.1
terminfo-5.9-61.1
terminfo-base-5.9-61.1
SUSE Linux Enterprise Software Development Kit 12 SP3
ncurses-devel-5.9-61.1
SUSE Linux Enterprise Software Development Kit 12 SP4
ncurses-devel-5.9-61.1
Ссылки
- Link for SUSE-SU-2018:3967-1
- E-Mail link for SUSE-SU-2018:3967-1
- SUSE Security Ratings
- SUSE Bug 1115929
- SUSE CVE CVE-2018-19211 page
Описание
In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a "dubious character `*' in name or alias field" detection.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP3:libncurses5-32bit-5.9-61.1
SUSE Linux Enterprise Desktop 12 SP3:libncurses5-5.9-61.1
SUSE Linux Enterprise Desktop 12 SP3:libncurses6-32bit-5.9-61.1
SUSE Linux Enterprise Desktop 12 SP3:libncurses6-5.9-61.1
Ссылки
- CVE-2018-19211
- SUSE Bug 1115929
- SUSE Bug 1131830