Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 502
Alerts This Week
Warning Icon 1 502

SUSE 11-SP4: 2017:3183-1 Important: ncurses Stack Overflow

suse
Calendar Grey December 1, 2017
Dist Suse Esm H88
SUSE Security Patch for openssl tackles urgent problems and supplies crucial solutions for software weaknesses.
An update that fixes 7 vulnerabilities is now available

Summary

This update for ncurses fixes the following issues: Security issues fixed: - CVE-2017-13728: Fix infinite loop in the next_char function in comp_scan.c (bsc#1056136). - CVE-2017-13729: Fix illegal address access in the _nc_save_str (bsc#1056132). - CVE-2017-13730: Fix illegal address access in the function _nc_read_entry_source() (bsc#1056131). - CVE-2017-13731: Fix illegal address access in the function postprocess_termcap() (bsc#1056129). - CVE-2017-13732: Fix illegal address access in the function dump_uses() (bsc#1056128). - CVE-2017-13733: Fix illegal address access in the fmt_entry function (bsc#1056127). - CVE-2017-16879: Fix stack-based buffer overflow in the _nc_write_entry() function (bsc#1069530). Patch Instructions: To install this SUSE Security Update use YaST online_update.

References

#1056127 #1056128 #1056129 #1056131 #1056132

#1056136 #1069530

Cross- CVE-2017-13728 CVE-2017-13729 CVE-2017-13730

CVE-2017-13731 CVE-2017-13732 CVE-2017-13733

CVE-2017-16879

Affected Products:

SUSE Linux Enterprise Software Development Kit 11-SP4

SUSE Linux Enterprise Server 11-SP4

SUSE Linux Enterprise Debuginfo 11-SP4

https://www.suse.com/security/cve/CVE-2017-13728.html

https://www.suse.com/security/cve/CVE-2017-13729.html

https://www.suse.com/security/cve/CVE-2017-13730.html

https://www.suse.com/security/cve/CVE-2017-13731.html

https://www.suse.com/security/cve/CVE-2017-13732.html

https://www.suse.com/security/cve/CVE-2017-13733.html

https://www.suse.com/security/cve/CVE-2017-16879.html

https://bugzilla.suse.com/1056127

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2017:3183-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.