[Git][security-tracker-team/security-tracker][master] Update status for ncurses issues according to the maintainer
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Aug 28 08:52:55 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1cd172c1 by Salvatore Bonaccorso at 2023-08-28T09:52:12+02:00
Update status for ncurses issues according to the maintainer
Thanks: Sven Joachim
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -226256,23 +226256,37 @@ CVE-2020-19192
CVE-2020-19191
RESERVED
CVE-2020-19190 (Buffer Overflow vulnerability in _nc_find_entry in tinfo/comp_hash.c:7 ...)
- - ncurses <undetermined>
+ - ncurses 6.1+20191019-1
NOTE: https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc6.md
+ NOTE: Fixed in 20191012 with followups in 20191015 and 20191019 patchlevels
+ NOTE: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/index.html
+ NOTE: CVE-2020-19190 seems to be a duplicate of CVE-2019-17594 but keep distinct for now
CVE-2020-19189 (Buffer Overflow vulnerability in postprocess_terminfo function in tinf ...)
- - ncurses <undetermined>
+ - ncurses 6.1+20191019-1
NOTE: https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc5.md
+ NOTE: Fixed in 20191012 with followups in 20191015 and 20191019 patchlevels
+ NOTE: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/index.html
CVE-2020-19188 (Buffer Overflow vulnerability in fmt_entry function in progs/dump_entr ...)
- - ncurses <undetermined>
+ - ncurses 6.1+20191019-1
NOTE: https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc4.md
+ NOTE: Fixed in 20191012 with followups in 20191015 and 20191019 patchlevels
+ NOTE: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/index.html
CVE-2020-19187 (Buffer Overflow vulnerability in fmt_entry function in progs/dump_entr ...)
- - ncurses <undetermined>
+ - ncurses 6.1+20191019-1
NOTE: https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc3.md
+ NOTE: Fixed in 20191012 with followups in 20191015 and 20191019 patchlevels
+ NOTE: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/index.html
+ NOTE: CVE-2020-19187 seems to be a duplicate of CVE-2019-17595 but keep distinct for now
CVE-2020-19186 (Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp ...)
- - ncurses <undetermined>
+ - ncurses 6.1+20191019-1
NOTE: https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc2.md
+ NOTE: Fixed in 20191012 with followups in 20191015 and 20191019 patchlevels
+ NOTE: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/index.html
CVE-2020-19185 (Buffer Overflow vulnerability in one_one_mapping function in progs/dum ...)
- - ncurses <undetermined>
+ - ncurses 6.1+20191019-1
NOTE: https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc1.md
+ NOTE: Fixed in 20191012 with followups in 20191015 and 20191019 patchlevels
+ NOTE: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/index.html
CVE-2020-19184
RESERVED
CVE-2020-19183
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cd172c198c45bdca0a4cc0122f60e365446a5f8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cd172c198c45bdca0a4cc0122f60e365446a5f8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230828/d94892a3/attachment.htm>
More information about the debian-security-tracker-commits
mailing list