Control: clone -1 -2
Control: retitle -2 ncurses: CVE-2017-13733

On 2017-08-30 15:49 +0200, Raphael Hertzog wrote:
> Source: ncurses
> X-Debbugs-CC: t...@security.debian.org
> secure-testing-t...@lists.alioth.debian.org
> Severity: important
> Tags: security
>
> Hi,
>
> the following vulnerabilities were published for ncurses.
>
> CVE-2017-13728[0]:
> | There is an infinite loop in the next_char function in comp_scan.c in
> | ncurses 6.0, related to libtic. A crafted input will lead to a remote
> | denial of service attack.
>
> CVE-2017-13729[1]:
> | There is an illegal address access in the _nc_save_str function in
> | alloc_entry.c in ncurses 6.0. It will lead to a remote denial of
> | service attack.
>
> CVE-2017-13730[2]:
> | There is an illegal address access in the function
> | _nc_read_entry_source() in progs/tic.c in ncurses 6.0 that might lead
> | to a remote denial of service attack.
>
> CVE-2017-13731[3]:
> | There is an illegal address access in the function
> | postprocess_termcap() in parse_entry.c in ncurses 6.0 that will lead to
> | a remote denial of service attack.
>
> CVE-2017-13732[4]:
> | There is an illegal address access in the function dump_uses() in
> | progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of
> | service attack.
>
> CVE-2017-13733[5]:
> | There is an illegal address access in the fmt_entry function in
> | progs/dump_entry.c in ncurses 6.0 that might lead to a remote denial of
> | service attack.
>
> CVE-2017-13734[6]:
> | There is an illegal address access in the _nc_safe_strcat function in
> | strings.c in ncurses 6.0 that will lead to a remote denial of service
> | attack.

All but CVE-2017-13733 have been fixed in the latest upstream patchlevel
for which I have already prepared a release, cloning the bug to track
that one separately.

> If you fix the vulnerabilities please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

Already done[1].

Cheers,
Sven

1. https://anonscm.debian.org/cgit/collab-maint/ncurses.git/commit/?id=45ee200645d5f299be580db4aeb2a4b5c817301a