SUSE-SU-2019:2997-1

UNKNOWN

Security update for ncurses

Published Nov 18, 2019

Modified 6 years ago

Fix available

Details

This update for ncurses fixes the following issues:

Security issues fixed:

CVE-2019-17594: Fixed a heap-based buffer over-read in the _nc_find_entry function (bsc#1154036).
CVE-2019-17595: Fixed a heap-based buffer over-read in the fmt_entry function (bsc#1154037).

Non-security issue fixed:

Removed screen.xterm from terminfo database (bsc#1103320).

Affected Packages(14 packages)

libncurses6

SUSE Linux Enterprise Module for Basesystem 15SUSE Linux Enterprise Module for Basesystem 15 SP1

Fixed in:

6.1-5.6.2

libncurses6-32bit

SUSE Linux Enterprise Module for Basesystem 15SUSE Linux Enterprise Module for Basesystem 15 SP1

Fixed in:

6.1-5.6.2

ncurses

SUSE Linux Enterprise Module for Basesystem 15SUSE Linux Enterprise Module for Basesystem 15 SP1SUSE Linux Enterprise Module for Development Tools 15SUSE Linux Enterprise Module for Development Tools 15 SP1SUSE Linux Enterprise Module for Legacy 15

Fixed in:

6.1-5.6.2

ncurses-devel

SUSE Linux Enterprise Module for Basesystem 15SUSE Linux Enterprise Module for Basesystem 15 SP1

Fixed in:

6.1-5.6.2

ncurses-utils

SUSE Linux Enterprise Module for Basesystem 15SUSE Linux Enterprise Module for Basesystem 15 SP1

Fixed in:

6.1-5.6.2

tack

SUSE Linux Enterprise Module for Basesystem 15SUSE Linux Enterprise Module for Basesystem 15 SP1