Advisories ยป MGASA-2018-0001

Updated ncurses packages fix security vulnerabilities

Publication date: 01 Jan 2018
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-10684 , CVE-2017-10685 , CVE-2017-11112 , CVE-2017-11113

Description

Possible RCE via stack-based buffer overflow in the fmt_entry function
(CVE-2017-10684).

Possible RCE with format string vulnerability in the fmt_entry function
(CVE-2017-10685).

Illegal address access in append_acs (CVE-2017-11112).

Dereferencing NULL pointer in _nc_parse_entry (CVE-2017-11113).
                

References

SRPMS

5/core