diff options
| author | Ovidiu Panait <ovidiu.panait@windriver.com> | 2017-09-20 13:13:49 +0300 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-09-21 09:24:25 +0100 |
| commit | 455877548e7a685f0dacf3b10056ff85c7aeedf2 (patch) | |
| tree | cb53bf66b49a2df64ecee67b5fa2933fdee3addf /meta/recipes-core/ncurses/ncurses_6.0+20170715.bb | |
| parent | 59106e5dce83abfd3d5c58883df4cee028cea5e0 (diff) | |
| download | poky-455877548e7a685f0dacf3b10056ff85c7aeedf2.tar.gz | |
ncurses: CVE-2017-13732, CVE-2017-13734, CVE-2017-13730, CVE-2017-13729, CVE-2017-13728, CVE-2017-13731
There is an illegal address access in the function dump_uses() in progs/dump_entry.c
in ncurses 6.0 that might lead to a remote denial of service attack.
There is an illegal address access in the _nc_safe_strcat function in
strings.c in ncurses 6.0 that will lead to a remote denial of service attack.
There is an illegal address access in the function _nc_read_entry_source()
in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack.
There is an illegal address access in the _nc_save_str function in
alloc_entry.c in ncurses 6.0. It will lead to a remote denial of service attack.
There is an infinite loop in the next_char function in comp_scan.c in
ncurses 6.0, related to libtic. A crafted input will lead to a remote denial of service attack.
There is an illegal address access in the function postprocess_termcap()
in parse_entry.c in ncurses 6.0 that will lead to a remote denial of service attack.
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-13734
https://nvd.nist.gov/vuln/detail/CVE-2017-13732
https://nvd.nist.gov/vuln/detail/CVE-2017-13731
https://nvd.nist.gov/vuln/detail/CVE-2017-13730
https://nvd.nist.gov/vuln/detail/CVE-2017-13729
https://nvd.nist.gov/vuln/detail/CVE-2017-13728
Upstream patch:
https://anonscm.debian.org/cgit/collab-maint/ncurses.git/commit/?id=129aac80802d997b86ab0663836b7fdafb8e3926
(From OE-Core rev: 52d0f351062da730055ffc6b953ff4e68ddb437f)
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/ncurses/ncurses_6.0+20170715.bb')
| -rw-r--r-- | meta/recipes-core/ncurses/ncurses_6.0+20170715.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-core/ncurses/ncurses_6.0+20170715.bb b/meta/recipes-core/ncurses/ncurses_6.0+20170715.bb index 127394c006..d1da5d16e0 100644 --- a/meta/recipes-core/ncurses/ncurses_6.0+20170715.bb +++ b/meta/recipes-core/ncurses/ncurses_6.0+20170715.bb | |||
| @@ -3,6 +3,7 @@ require ncurses.inc | |||
| 3 | SRC_URI += "file://0001-tic-hang.patch \ | 3 | SRC_URI += "file://0001-tic-hang.patch \ |
| 4 | file://0002-configure-reproducible.patch \ | 4 | file://0002-configure-reproducible.patch \ |
| 5 | file://config.cache \ | 5 | file://config.cache \ |
| 6 | file://CVE-2017-13732-CVE-2017-13734-CVE-2017-13730-CVE-2017-13729-CVE-2017-13728-CVE-2017-13731.patch \ | ||
| 6 | " | 7 | " |
| 7 | # commit id corresponds to the revision in package version | 8 | # commit id corresponds to the revision in package version |
| 8 | SRCREV = "52681a6a1a18b4d6eb1a716512d0dd827bd71c87" | 9 | SRCREV = "52681a6a1a18b4d6eb1a716512d0dd827bd71c87" |