Описание
Security update for ncurses
This update for ncurses fixes the following issues:
Security issue fixed:
- CVE-2018-19211: Fixed denial of service issue that was triggered by a NULL pointer dereference at function _nc_parse_entry (bsc#1115929).
Non-security issue fixed:
- Remove scree.xterm from terminfo data base as with this screen uses fallback TERM=screen (bsc#1103320).
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.0
libncurses5-6.1-lp150.4.3.1
libncurses5-32bit-6.1-lp150.4.3.1
libncurses6-6.1-lp150.4.3.1
libncurses6-32bit-6.1-lp150.4.3.1
ncurses-6.1-lp150.4.3.1
ncurses-devel-6.1-lp150.4.3.1
ncurses-devel-32bit-6.1-lp150.4.3.1
ncurses-utils-6.1-lp150.4.3.1
ncurses5-devel-6.1-lp150.4.3.1
ncurses5-devel-32bit-6.1-lp150.4.3.1
tack-6.1-lp150.4.3.1
terminfo-6.1-lp150.4.3.1
terminfo-base-6.1-lp150.4.3.1
terminfo-iterm-6.1-lp150.4.3.1
terminfo-screen-6.1-lp150.4.3.1
Ссылки
- E-Mail link for openSUSE-SU-2018:4055-1
- SUSE Security Ratings
Описание
In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack.
Затронутые продукты
openSUSE Leap 15.0:libncurses5-32bit-6.1-lp150.4.3.1
openSUSE Leap 15.0:libncurses5-6.1-lp150.4.3.1
openSUSE Leap 15.0:libncurses6-32bit-6.1-lp150.4.3.1
openSUSE Leap 15.0:libncurses6-6.1-lp150.4.3.1
Ссылки
- CVE-2018-19211
- SUSE Bug 1115929