summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--meta/recipes-core/ncurses/files/CVE-2017-13732-CVE-2017-13734-CVE-2017-13730-CVE-2017-13729-CVE-2017-13728-CVE-2017-13731.patch541
-rw-r--r--meta/recipes-core/ncurses/ncurses_6.0+20171125.bb (renamed from meta/recipes-core/ncurses/ncurses_6.0+20170715.bb)3
2 files changed, 1 insertions, 543 deletions
diff --git a/meta/recipes-core/ncurses/files/CVE-2017-13732-CVE-2017-13734-CVE-2017-13730-CVE-2017-13729-CVE-2017-13728-CVE-2017-13731.patch b/meta/recipes-core/ncurses/files/CVE-2017-13732-CVE-2017-13734-CVE-2017-13730-CVE-2017-13729-CVE-2017-13728-CVE-2017-13731.patch
deleted file mode 100644
index a19332c4b2..0000000000
--- a/meta/recipes-core/ncurses/files/CVE-2017-13732-CVE-2017-13734-CVE-2017-13730-CVE-2017-13729-CVE-2017-13728-CVE-2017-13731.patch
+++ /dev/null
@@ -1,541 +0,0 @@
1From 4bf72cb8f1d3aa5f33c31eb817a5f0338f4aaf6f Mon Sep 17 00:00:00 2001
2From: Ovidiu Panait <ovidiu.panait@windriver.com>
3Date: Wed, 20 Sep 2017 05:02:00 +0000
4Subject: [PATCH] Import upstream patch 20170826
5
620170826
7 + fixes for "iterm2" (report by Leonardo Brondani Schenkel) -TD
8 + corrected a warning from tic about keys which are the same, to skip
9 over missing/cancelled values.
10 + add check in tic for unnecessary use of "2" to denote a shifted
11 special key.
12 + improve checks in trim_sgr0, comp_parse.c and parse_entry.c, for
13 cancelled string capabilities.
14 + add check in _nc_parse_entry() for invalid entry name, setting the
15 name to "invalid" to avoid problems storing entries.
16 + add/improve checks in tic's parser to address invalid input
17 + add a check in comp_scan.c to handle the special case where a
18 nontext file ending with a NUL rather than newline is given to tic
19 as input (Redhat #1484274).
20 + allow for cancelled capabilities in _nc_save_str (Redhat #1484276).
21 + add validity checks for "use=" target in _nc_parse_entry (Redhat
22 #1484284).
23 + check for invalid strings in postprocess_termcap (Redhat #1484285)
24 + reset secondary pointers on EOF in next_char() (Redhat #1484287).
25 + guard _nc_safe_strcpy() and _nc_safe_strcat() against calls using
26 cancelled strings (Redhat #1484291).
27 + correct typo in curs_memleaks.3x (Sven Joachim).
28 + improve test/configure checks for some curses variants not based on
29 X/Open Curses.
30 + add options for test/configure to disable checks for form, menu and
31 panel libraries.
32
33Upstream-Status: Backport
34CVE: CVE-2017-13732, CVE-2017-13734, CVE-2017-13730, CVE-2017-13729, CVE-2017-13728, CVE-2017-13731
35
36
37Author: Sven Joachim <svenjoac@gmx.de>
38Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
39---
40 dist.mk | 4 +-
41 include/ncurses_defs | 4 +-
42 ncurses/tinfo/alloc_entry.c | 4 +-
43 ncurses/tinfo/comp_parse.c | 10 ++---
44 ncurses/tinfo/comp_scan.c | 6 ++-
45 ncurses/tinfo/parse_entry.c | 91 ++++++++++++++++++++++++++++++---------------
46 ncurses/tinfo/strings.c | 9 +++--
47 ncurses/tinfo/trim_sgr0.c | 4 +-
48 progs/tic.c | 75 ++++++++++++++++++++++++++++++++++++-
49 9 files changed, 157 insertions(+), 50 deletions(-)
50
51diff --git a/dist.mk b/dist.mk
52index 9af2699..2c70472 100644
53--- a/dist.mk
54+++ b/dist.mk
55@@ -25,7 +25,7 @@
56 # use or other dealings in this Software without prior written #
57 # authorization. #
58 ##############################################################################
59-# $Id: dist.mk,v 1.1172 2017/07/13 00:15:27 tom Exp $
60+# $Id: dist.mk,v 1.1179 2017/08/20 15:33:41 tom Exp $
61 # Makefile for creating ncurses distributions.
62 #
63 # This only needs to be used directly as a makefile by developers, but
64@@ -37,7 +37,7 @@ SHELL = /bin/sh
65 # These define the major/minor/patch versions of ncurses.
66 NCURSES_MAJOR = 6
67 NCURSES_MINOR = 0
68-NCURSES_PATCH = 20170715
69+NCURSES_PATCH = 20170826
70
71 # We don't append the patch to the version, since this only applies to releases
72 VERSION = $(NCURSES_MAJOR).$(NCURSES_MINOR)
73diff --git a/include/ncurses_defs b/include/ncurses_defs
74index e6611b7..d237db1 100644
75--- a/include/ncurses_defs
76+++ b/include/ncurses_defs
77@@ -1,4 +1,4 @@
78-# $Id: ncurses_defs,v 1.73 2017/06/24 14:20:57 tom Exp $
79+# $Id: ncurses_defs,v 1.75 2017/08/20 16:50:04 tom Exp $
80 ##############################################################################
81 # Copyright (c) 2000-2016,2017 Free Software Foundation, Inc. #
82 # #
83@@ -50,7 +50,9 @@ HAVE_BSD_STRING_H
84 HAVE_BTOWC
85 HAVE_BUILTIN_H
86 HAVE_CHGAT 1
87+HAVE_COLOR_CONTENT 1
88 HAVE_COLOR_SET 1
89+HAVE_CURSCR 1
90 HAVE_DIRENT_H
91 HAVE_ERRNO
92 HAVE_FCNTL_H
93diff --git a/ncurses/tinfo/alloc_entry.c b/ncurses/tinfo/alloc_entry.c
94index 5de09f1..09374d6 100644
95--- a/ncurses/tinfo/alloc_entry.c
96+++ b/ncurses/tinfo/alloc_entry.c
97@@ -47,7 +47,7 @@
98
99 #include <tic.h>
100
101-MODULE_ID("$Id: alloc_entry.c,v 1.60 2017/06/27 23:48:55 tom Exp $")
102+MODULE_ID("$Id: alloc_entry.c,v 1.61 2017/08/25 09:09:08 tom Exp $")
103
104 #define ABSENT_OFFSET -1
105 #define CANCELLED_OFFSET -2
106@@ -98,7 +98,7 @@ _nc_save_str(const char *const string)
107 size_t old_next_free = next_free;
108 size_t len;
109
110- if (string == 0)
111+ if (!VALID_STRING(string))
112 return _nc_save_str("");
113 len = strlen(string) + 1;
114
115diff --git a/ncurses/tinfo/comp_parse.c b/ncurses/tinfo/comp_parse.c
116index 34e6216..580d4df 100644
117--- a/ncurses/tinfo/comp_parse.c
118+++ b/ncurses/tinfo/comp_parse.c
119@@ -47,7 +47,7 @@
120
121 #include <tic.h>
122
123-MODULE_ID("$Id: comp_parse.c,v 1.96 2017/04/15 15:36:58 tom Exp $")
124+MODULE_ID("$Id: comp_parse.c,v 1.99 2017/08/26 16:15:50 tom Exp $")
125
126 static void sanity_check2(TERMTYPE2 *, bool);
127 NCURSES_IMPEXP void NCURSES_API(*_nc_check_termtype2) (TERMTYPE2 *, bool) = sanity_check2;
128@@ -510,9 +510,9 @@ static void
129 fixup_acsc(TERMTYPE2 *tp, int literal)
130 {
131 if (!literal) {
132- if (acs_chars == 0
133- && enter_alt_charset_mode != 0
134- && exit_alt_charset_mode != 0)
135+ if (acs_chars == ABSENT_STRING
136+ && PRESENT(enter_alt_charset_mode)
137+ && PRESENT(exit_alt_charset_mode))
138 acs_chars = strdup(VT_ACSC);
139 }
140 }
141@@ -568,9 +568,7 @@ sanity_check2(TERMTYPE2 *tp, bool literal)
142 PAIRED(enter_xon_mode, exit_xon_mode);
143 PAIRED(enter_am_mode, exit_am_mode);
144 ANDMISSING(label_off, label_on);
145-#ifdef remove_clock
146 PAIRED(display_clock, remove_clock);
147-#endif
148 ANDMISSING(set_color_pair, initialize_pair);
149 }
150
151diff --git a/ncurses/tinfo/comp_scan.c b/ncurses/tinfo/comp_scan.c
152index 40d7f6a..b207257 100644
153--- a/ncurses/tinfo/comp_scan.c
154+++ b/ncurses/tinfo/comp_scan.c
155@@ -50,7 +50,7 @@
156 #include <ctype.h>
157 #include <tic.h>
158
159-MODULE_ID("$Id: comp_scan.c,v 1.106 2017/04/22 11:41:12 tom Exp $")
160+MODULE_ID("$Id: comp_scan.c,v 1.108 2017/08/25 22:57:21 tom Exp $")
161
162 /*
163 * Maximum length of string capability we'll accept before raising an error.
164@@ -168,6 +168,8 @@ next_char(void)
165 if (result != 0) {
166 FreeAndNull(result);
167 FreeAndNull(pushname);
168+ bufptr = 0;
169+ bufstart = 0;
170 allocated = 0;
171 }
172 /*
173@@ -222,6 +224,8 @@ next_char(void)
174 }
175 if ((bufptr = bufstart) != 0) {
176 used = strlen(bufptr);
177+ if (used == 0)
178+ return (EOF);
179 while (iswhite(*bufptr)) {
180 if (*bufptr == '\t') {
181 _nc_curr_col = (_nc_curr_col | 7) + 1;
182diff --git a/ncurses/tinfo/parse_entry.c b/ncurses/tinfo/parse_entry.c
183index 3fa2f25..bbbfcb2 100644
184--- a/ncurses/tinfo/parse_entry.c
185+++ b/ncurses/tinfo/parse_entry.c
186@@ -47,7 +47,7 @@
187 #include <ctype.h>
188 #include <tic.h>
189
190-MODULE_ID("$Id: parse_entry.c,v 1.86 2017/06/28 00:53:12 tom Exp $")
191+MODULE_ID("$Id: parse_entry.c,v 1.91 2017/08/26 16:13:34 tom Exp $")
192
193 #ifdef LINT
194 static short const parametrized[] =
195@@ -180,6 +180,20 @@ _nc_extend_names(ENTRY * entryp, char *name, int token_type)
196 }
197 #endif /* NCURSES_XNAMES */
198
199+static bool
200+valid_entryname(const char *name)
201+{
202+ bool result = TRUE;
203+ int ch;
204+ while ((ch = UChar(*name++)) != '\0') {
205+ if (ch <= ' ' || ch > '~' || ch == '/') {
206+ result = FALSE;
207+ break;
208+ }
209+ }
210+ return result;
211+}
212+
213 /*
214 * int
215 * _nc_parse_entry(entry, literal, silent)
216@@ -211,6 +225,7 @@ _nc_parse_entry(ENTRY * entryp, int literal, bool silent)
217 int token_type;
218 struct name_table_entry const *entry_ptr;
219 char *ptr, *base;
220+ const char *name;
221 bool bad_tc_usage = FALSE;
222
223 token_type = _nc_get_token(silent);
224@@ -261,7 +276,12 @@ _nc_parse_entry(ENTRY * entryp, int literal, bool silent)
225 * results in the terminal type getting prematurely set to correspond
226 * to that of the next entry.
227 */
228- _nc_set_type(_nc_first_name(entryp->tterm.term_names));
229+ name = _nc_first_name(entryp->tterm.term_names);
230+ if (!valid_entryname(name)) {
231+ _nc_warning("invalid entry name \"%s\"", name);
232+ name = "invalid";
233+ }
234+ _nc_set_type(name);
235
236 /* check for overly-long names and aliases */
237 for (base = entryp->tterm.term_names; (ptr = strchr(base, '|')) != 0;
238@@ -283,13 +303,24 @@ _nc_parse_entry(ENTRY * entryp, int literal, bool silent)
239 bool is_use = (strcmp(_nc_curr_token.tk_name, "use") == 0);
240 bool is_tc = !is_use && (strcmp(_nc_curr_token.tk_name, "tc") == 0);
241 if (is_use || is_tc) {
242+ if (!VALID_STRING(_nc_curr_token.tk_valstring)
243+ || _nc_curr_token.tk_valstring[0] == '\0') {
244+ _nc_warning("missing name for use-clause");
245+ continue;
246+ } else if (!valid_entryname(_nc_curr_token.tk_valstring)) {
247+ _nc_warning("invalid name for use-clause \"%s\"",
248+ _nc_curr_token.tk_valstring);
249+ continue;
250+ } else if (entryp->nuses >= MAX_USES) {
251+ _nc_warning("too many use-clauses, ignored \"%s\"",
252+ _nc_curr_token.tk_valstring);
253+ continue;
254+ }
255 entryp->uses[entryp->nuses].name = _nc_save_str(_nc_curr_token.tk_valstring);
256 entryp->uses[entryp->nuses].line = _nc_curr_line;
257- if (VALID_STRING(entryp->uses[entryp->nuses].name)) {
258- entryp->nuses++;
259- if (entryp->nuses > 1 && is_tc) {
260- BAD_TC_USAGE
261- }
262+ entryp->nuses++;
263+ if (entryp->nuses > 1 && is_tc) {
264+ BAD_TC_USAGE
265 }
266 } else {
267 /* normal token lookup */
268@@ -641,13 +672,6 @@ static const char C_BS[] = "\b";
269 static const char C_HT[] = "\t";
270
271 /*
272- * Note that WANTED and PRESENT are not simple inverses! If a capability
273- * has been explicitly cancelled, it's not considered WANTED.
274- */
275-#define WANTED(s) ((s) == ABSENT_STRING)
276-#define PRESENT(s) (((s) != ABSENT_STRING) && ((s) != CANCELLED_STRING))
277-
278-/*
279 * This bit of legerdemain turns all the terminfo variable names into
280 * references to locations in the arrays Booleans, Numbers, and Strings ---
281 * precisely what's needed.
282@@ -672,10 +696,10 @@ postprocess_termcap(TERMTYPE2 *tp, bool has_base)
283
284 /* if there was a tc entry, assume we picked up defaults via that */
285 if (!has_base) {
286- if (WANTED(init_3string) && termcap_init2)
287+ if (WANTED(init_3string) && PRESENT(termcap_init2))
288 init_3string = _nc_save_str(termcap_init2);
289
290- if (WANTED(reset_2string) && termcap_reset)
291+ if (WANTED(reset_2string) && PRESENT(termcap_reset))
292 reset_2string = _nc_save_str(termcap_reset);
293
294 if (WANTED(carriage_return)) {
295@@ -790,7 +814,7 @@ postprocess_termcap(TERMTYPE2 *tp, bool has_base)
296 if (init_tabs != 8 && init_tabs != ABSENT_NUMERIC)
297 _nc_warning("hardware tabs with a width other than 8: %d", init_tabs);
298 else {
299- if (tab && _nc_capcmp(tab, C_HT))
300+ if (PRESENT(tab) && _nc_capcmp(tab, C_HT))
301 _nc_warning("hardware tabs with a non-^I tab string %s",
302 _nc_visbuf(tab));
303 else {
304@@ -867,17 +891,22 @@ postprocess_termcap(TERMTYPE2 *tp, bool has_base)
305 * The magic moment -- copy the mapped key string over,
306 * stripping out padding.
307 */
308- for (dp = buf2, bp = tp->Strings[from_ptr->nte_index]; *bp; bp++) {
309- if (bp[0] == '$' && bp[1] == '<') {
310- while (*bp && *bp != '>') {
311- ++bp;
312- }
313- } else
314- *dp++ = *bp;
315- }
316- *dp = '\0';
317+ bp = tp->Strings[from_ptr->nte_index];
318+ if (VALID_STRING(bp)) {
319+ for (dp = buf2; *bp; bp++) {
320+ if (bp[0] == '$' && bp[1] == '<') {
321+ while (*bp && *bp != '>') {
322+ ++bp;
323+ }
324+ } else
325+ *dp++ = *bp;
326+ }
327+ *dp = '\0';
328
329- tp->Strings[to_ptr->nte_index] = _nc_save_str(buf2);
330+ tp->Strings[to_ptr->nte_index] = _nc_save_str(buf2);
331+ } else {
332+ tp->Strings[to_ptr->nte_index] = bp;
333+ }
334 }
335
336 /*
337@@ -886,7 +915,7 @@ postprocess_termcap(TERMTYPE2 *tp, bool has_base)
338 * got mapped to kich1 and im to kIC to avoid a collision.
339 * If the description has im but not ic, hack kIC back to kich1.
340 */
341- if (foundim && WANTED(key_ic) && key_sic) {
342+ if (foundim && WANTED(key_ic) && PRESENT(key_sic)) {
343 key_ic = key_sic;
344 key_sic = ABSENT_STRING;
345 }
346@@ -938,9 +967,9 @@ postprocess_termcap(TERMTYPE2 *tp, bool has_base)
347 acs_chars = _nc_save_str(buf2);
348 _nc_warning("acsc string synthesized from XENIX capabilities");
349 }
350- } else if (acs_chars == 0
351- && enter_alt_charset_mode != 0
352- && exit_alt_charset_mode != 0) {
353+ } else if (acs_chars == ABSENT_STRING
354+ && PRESENT(enter_alt_charset_mode)
355+ && PRESENT(exit_alt_charset_mode)) {
356 acs_chars = _nc_save_str(VT_ACSC);
357 }
358 }
359diff --git a/ncurses/tinfo/strings.c b/ncurses/tinfo/strings.c
360index 393d8e7..10ec6c8 100644
361--- a/ncurses/tinfo/strings.c
362+++ b/ncurses/tinfo/strings.c
363@@ -1,5 +1,5 @@
364 /****************************************************************************
365- * Copyright (c) 2000-2007,2012 Free Software Foundation, Inc. *
366+ * Copyright (c) 2000-2012,2017 Free Software Foundation, Inc. *
367 * *
368 * Permission is hereby granted, free of charge, to any person obtaining a *
369 * copy of this software and associated documentation files (the *
370@@ -35,8 +35,9 @@
371 **/
372
373 #include <curses.priv.h>
374+#include <tic.h>
375
376-MODULE_ID("$Id: strings.c,v 1.8 2012/02/22 22:34:31 tom Exp $")
377+MODULE_ID("$Id: strings.c,v 1.9 2017/08/26 13:16:11 tom Exp $")
378
379 /****************************************************************************
380 * Useful string functions (especially for mvcur)
381@@ -105,7 +106,7 @@ _nc_str_copy(string_desc * dst, string_desc * src)
382 NCURSES_EXPORT(bool)
383 _nc_safe_strcat(string_desc * dst, const char *src)
384 {
385- if (src != 0) {
386+ if (PRESENT(src)) {
387 size_t len = strlen(src);
388
389 if (len < dst->s_size) {
390@@ -126,7 +127,7 @@ _nc_safe_strcat(string_desc * dst, const char *src)
391 NCURSES_EXPORT(bool)
392 _nc_safe_strcpy(string_desc * dst, const char *src)
393 {
394- if (src != 0) {
395+ if (PRESENT(src)) {
396 size_t len = strlen(src);
397
398 if (len < dst->s_size) {
399diff --git a/ncurses/tinfo/trim_sgr0.c b/ncurses/tinfo/trim_sgr0.c
400index 4cbcb65..4d92d15 100644
401--- a/ncurses/tinfo/trim_sgr0.c
402+++ b/ncurses/tinfo/trim_sgr0.c
403@@ -36,7 +36,7 @@
404
405 #include <tic.h>
406
407-MODULE_ID("$Id: trim_sgr0.c,v 1.16 2017/04/05 22:33:07 tom Exp $")
408+MODULE_ID("$Id: trim_sgr0.c,v 1.17 2017/08/26 14:54:16 tom Exp $")
409
410 #undef CUR
411 #define CUR tp->
412@@ -263,7 +263,7 @@ _nc_trim_sgr0(TERMTYPE2 *tp)
413 /*
414 * If rmacs is a substring of sgr(0), remove that chunk.
415 */
416- if (exit_alt_charset_mode != 0) {
417+ if (PRESENT(exit_alt_charset_mode)) {
418 TR(TRACE_DATABASE, ("scan for rmacs %s", _nc_visbuf(exit_alt_charset_mode)));
419 j = strlen(off);
420 k = strlen(exit_alt_charset_mode);
421diff --git a/progs/tic.c b/progs/tic.c
422index c5d78e5..6dd4678 100644
423--- a/progs/tic.c
424+++ b/progs/tic.c
425@@ -48,7 +48,7 @@
426 #include <parametrized.h>
427 #include <transform.h>
428
429-MODULE_ID("$Id: tic.c,v 1.233 2017/07/15 17:40:19 tom Exp $")
430+MODULE_ID("$Id: tic.c,v 1.243 2017/08/26 20:56:55 tom Exp $")
431
432 #define STDIN_NAME "<stdin>"
433
434@@ -62,6 +62,10 @@ static bool showsummary = FALSE;
435 static char **namelst = 0;
436 static const char *to_remove;
437
438+#if NCURSES_XNAMES
439+static bool using_extensions = FALSE;
440+#endif
441+
442 static void (*save_check_termtype) (TERMTYPE2 *, bool);
443 static void check_termtype(TERMTYPE2 *tt, bool);
444
445@@ -850,6 +854,7 @@ main(int argc, char *argv[])
446 /* FALLTHRU */
447 case 'x':
448 use_extended_names(TRUE);
449+ using_extensions = TRUE;
450 break;
451 #endif
452 default:
453@@ -2405,10 +2410,17 @@ check_conflict(TERMTYPE2 *tp)
454 const char *a = given[j].value;
455 bool first = TRUE;
456
457+ if (!VALID_STRING(a))
458+ continue;
459+
460 for (k = j + 1; given[k].keycode; k++) {
461 const char *b = given[k].value;
462+
463+ if (!VALID_STRING(b))
464+ continue;
465 if (check[k])
466 continue;
467+
468 if (!_nc_capcmp(a, b)) {
469 check[j] = 1;
470 check[k] = 1;
471@@ -2431,6 +2443,67 @@ check_conflict(TERMTYPE2 *tp)
472 if (!first)
473 fprintf(stderr, "\n");
474 }
475+#if NCURSES_XNAMES
476+ if (using_extensions) {
477+ /* *INDENT-OFF* */
478+ static struct {
479+ const char *xcurses;
480+ const char *shifted;
481+ } table[] = {
482+ { "kDC", NULL },
483+ { "kDN", "kind" },
484+ { "kEND", NULL },
485+ { "kHOM", NULL },
486+ { "kLFT", NULL },
487+ { "kNXT", NULL },
488+ { "kPRV", NULL },
489+ { "kRIT", NULL },
490+ { "kUP", "kri" },
491+ { NULL, NULL },
492+ };
493+ /* *INDENT-ON* */
494+
495+ /*
496+ * SVr4 curses defines the "xcurses" names listed above except for
497+ * the special cases in the "shifted" column. When using these
498+ * names for xterm's extensions, that was confusing, and resulted
499+ * in adding extended capabilities with "2" (shift) suffix. This
500+ * check warns about unnecessary use of extensions for this quirk.
501+ */
502+ for (j = 0; given[j].keycode; ++j) {
503+ const char *find = given[j].name;
504+ int value;
505+ char ch;
506+
507+ if (!VALID_STRING(given[j].value))
508+ continue;
509+
510+ for (k = 0; table[k].xcurses; ++k) {
511+ const char *test = table[k].xcurses;
512+ size_t size = strlen(test);
513+
514+ if (!strncmp(find, test, size) && strcmp(find, test)) {
515+ switch (sscanf(find + size, "%d%c", &value, &ch)) {
516+ case 1:
517+ if (value == 2) {
518+ _nc_warning("expected '%s' rather than '%s'",
519+ (table[k].shifted
520+ ? table[k].shifted
521+ : test), find);
522+ } else if (value < 2 || value > 15) {
523+ _nc_warning("expected numeric 2..15 '%s'", find);
524+ }
525+ break;
526+ default:
527+ _nc_warning("expected numeric suffix for '%s'", find);
528+ break;
529+ }
530+ break;
531+ }
532+ }
533+ }
534+ }
535+#endif
536 free(given);
537 free(check);
538 }
539--
5402.10.2
541
diff --git a/meta/recipes-core/ncurses/ncurses_6.0+20170715.bb b/meta/recipes-core/ncurses/ncurses_6.0+20171125.bb
index d1da5d16e0..6c4b96f428 100644
--- a/meta/recipes-core/ncurses/ncurses_6.0+20170715.bb
+++ b/meta/recipes-core/ncurses/ncurses_6.0+20171125.bb
@@ -3,10 +3,9 @@ require ncurses.inc
3SRC_URI += "file://0001-tic-hang.patch \ 3SRC_URI += "file://0001-tic-hang.patch \
4 file://0002-configure-reproducible.patch \ 4 file://0002-configure-reproducible.patch \
5 file://config.cache \ 5 file://config.cache \
6 file://CVE-2017-13732-CVE-2017-13734-CVE-2017-13730-CVE-2017-13729-CVE-2017-13728-CVE-2017-13731.patch \
7" 6"
8# commit id corresponds to the revision in package version 7# commit id corresponds to the revision in package version
9SRCREV = "52681a6a1a18b4d6eb1a716512d0dd827bd71c87" 8SRCREV = "5d849e836052459901cfe0b85a0b2939ff8d2b2a"
10S = "${WORKDIR}/git" 9S = "${WORKDIR}/git"
11EXTRA_OECONF += "--with-abi-version=5" 10EXTRA_OECONF += "--with-abi-version=5"
12UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+(\.\d+)+(\+\d+)*)" 11UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+(\.\d+)+(\+\d+)*)"