ncurses 6.2-0ubuntu2.1 source package in Ubuntu

Changelog

ncurses (6.2-0ubuntu2.1) focal-security; urgency=medium

  * SECURITY UPDATE: heap buffer overflow in the _nc_captoinfo function
    - debian/patches/CVE-2021-39537.patch: add a check for end-of-string in
      cvtchar to handle a malformed string in infotocap.
    - CVE-2021-39537
  * SECURITY UPDATE: out-of-bounds read in the convert_strings function
    - debian/patches/CVE-2022-29458.patch:add a limit-check to guard against
      corrupt terminfo data.
    - CVE-2022-29458
  * SECURITY UPDATE: memory corruption when processing malformed terminfo data
    entries loaded by setuid/setgid programs
    - debian/patches/CVE-2023-29491-mitigation.patch: change the
      --disable-root-environ configure option behavior.
    - debian/rules: set --disable-root-environ in configuration options.
    - debian/libtinfo5.symbols, debian/libtinfo6.symbols: add _nc_env_access
      to symbols files.
    - CVE-2023-29491
  * debian/patches/fix-off-by-one-loop-convert-strings.patch: correct an
    off-by-one loop-limit in convert_strings function.

 -- Camila Camargo de Matos <email address hidden>  Tue, 16 May 2023 15:47:48 -0300

Upload details

Uploaded by:
Camila Camargo de Matos
Uploaded to:
Focal
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Focal updates main libs
Focal security main libs

Downloads

File Size SHA-256 Checksum
ncurses_6.2.orig.tar.gz 3.3 MiB 30306e0c76e0f9f1f0de987cf1c82a5c21e1ce6568b9227f7da5b71cbea86c9d
ncurses_6.2-0ubuntu2.1.debian.tar.xz 62.1 KiB d2bd89264541f781486be54b79a97bcd9f552ae8507a3427c88c8aacb1f66f5c
ncurses_6.2-0ubuntu2.1.dsc 3.5 KiB 44245941b7bbbce0bbd0eb91ed4498071f249f5dee2ede0821446a0a5bc7a8f5

View changes file

Binary packages built by this source

lib32ncurses-dev: developer's libraries for ncurses (32-bit)

 The ncurses library routines are a terminal-independent method of
 updating character screens with reasonable optimization.
 .
 This package contains the header files, static libraries
 and symbolic links that developers using ncurses will need.
 .
 This package supports the 32-bit ABI variant of your system's
 architecture.

lib32ncurses6: shared libraries for terminal handling (32-bit)

 The ncurses library routines are a terminal-independent method of
 updating character screens with reasonable optimization.
 .
 This package contains the shared libraries necessary to run programs
 compiled with ncurses.
 .
 This package supports the 32-bit ABI variant of your system's
 architecture.

lib32ncurses6-dbgsym: debug symbols for lib32ncurses6
lib32ncursesw6: shared libraries for terminal handling (wide character support) (32-bit)

 The ncurses library routines are a terminal-independent method of
 updating character screens with reasonable optimization.
 .
 This package contains the shared libraries necessary to run programs
 compiled with ncursesw, which includes support for wide characters.
 .
 This package supports the 32-bit ABI variant of your system's
 architecture.

lib32ncursesw6-dbgsym: debug symbols for lib32ncursesw6
lib32tinfo6: shared low-level terminfo library for terminal handling (32-bit)

 The ncurses library routines are a terminal-independent method of
 updating character screens with reasonable optimization.
 .
 This package contains the shared low-level terminfo library.
 .
 This package supports the 32-bit ABI variant of your system's architecture.

lib32tinfo6-dbgsym: debug symbols for lib32tinfo6
lib64ncurses-dev: developer's libraries for ncurses (64-bit)

 The ncurses library routines are a terminal-independent method of
 updating character screens with reasonable optimization.
 .
 This package contains the header files, static libraries
 and symbolic links that developers using ncurses will need.
 .
 This package supports the 64-bit ABI variant of your system's
 architecture.

lib64ncurses6: shared libraries for terminal handling (64-bit)

 The ncurses library routines are a terminal-independent method of
 updating character screens with reasonable optimization.
 .
 This package contains the shared libraries necessary to run programs
 compiled with ncurses.
 .
 This package supports the 64-bit ABI variant of your system's
 architecture.

lib64ncurses6-dbgsym: debug symbols for lib64ncurses6
lib64ncursesw6: shared libraries for terminal handling (wide character support) (64-bit)

 The ncurses library routines are a terminal-independent method of
 updating character screens with reasonable optimization.
 .
 This package contains the shared libraries necessary to run programs
 compiled with ncursesw, which includes support for wide characters.
 .
 This package supports the 64-bit ABI variant of your system's
 architecture.

lib64ncursesw6-dbgsym: debug symbols for lib64ncursesw6
lib64tinfo6: shared low-level terminfo library for terminal handling (64-bit)

 The ncurses library routines are a terminal-independent method of
 updating character screens with reasonable optimization.
 .
 This package contains the shared low-level terminfo library.
 .
 This package supports the 64-bit ABI variant of your system's architecture.

lib64tinfo6-dbgsym: debug symbols for lib64tinfo6
libncurses-dev: developer's libraries for ncurses

 The ncurses library routines are a terminal-independent method of
 updating character screens with reasonable optimization.
 .
 This package contains the header files, static libraries
 and symbolic links that developers using ncurses will need.

libncurses5: shared libraries for terminal handling (legacy version)

 The ncurses library routines are a terminal-independent method of
 updating character screens with reasonable optimization.
 .
 This package contains the legacy shared libraries necessary to run
 programs compiled with ncurses.

libncurses5-dbgsym: debug symbols for libncurses5
libncurses5-dev: transitional package for libncurses-dev

 This is a transitional package that can safely be removed.

libncurses6: shared libraries for terminal handling

 The ncurses library routines are a terminal-independent method of
 updating character screens with reasonable optimization.
 .
 This package contains the shared libraries necessary to run programs
 compiled with ncurses.

libncurses6-dbgsym: debug symbols for libncurses6
libncursesw5: shared libraries for terminal handling (wide character legacy version)

 The ncurses library routines are a terminal-independent method of
 updating character screens with reasonable optimization.
 .
 This package contains the legacy shared libraries necessary to run
 programs compiled with ncursesw, which includes support for wide
 characters.

libncursesw5-dbgsym: debug symbols for libncursesw5
libncursesw5-dev: transitional package for libncurses-dev

 This is a transitional package that can safely be removed.

libncursesw6: shared libraries for terminal handling (wide character support)

 The ncurses library routines are a terminal-independent method of
 updating character screens with reasonable optimization.
 .
 This package contains the shared libraries necessary to run programs
 compiled with ncursesw, which includes support for wide characters.

libncursesw6-dbgsym: debug symbols for libncursesw6
libtinfo-dev: transitional package for libncurses-dev

 This is a transitional package that can safely be removed.

libtinfo5: shared low-level terminfo library (legacy version)

 The ncurses library routines are a terminal-independent method of
 updating character screens with reasonable optimization.
 .
 This package contains the legacy version of the shared low-level
 terminfo library.

libtinfo5-dbgsym: debug symbols for libtinfo5
libtinfo6: shared low-level terminfo library for terminal handling

 The ncurses library routines are a terminal-independent method of
 updating character screens with reasonable optimization.
 .
 This package contains the shared low-level terminfo library.

libtinfo6-dbgsym: debug symbols for libtinfo6
libtinfo6-udeb: shared low-level terminfo library for terminal handling - udeb

 The ncurses library routines are a terminal-independent method of
 updating character screens with reasonable optimization.
 .
 This package contains the stripped-down udeb version of shared low-level
 terminfo library.

ncurses-base: basic terminal type definitions

 The ncurses library routines are a terminal-independent method of
 updating character screens with reasonable optimization.
 .
 This package contains terminfo data files to support the most common types of
 terminal, including ansi, dumb, linux, rxvt, screen, sun, vt100, vt102, vt220,
 vt52, and xterm.

ncurses-bin: terminal-related programs and man pages

 The ncurses library routines are a terminal-independent method of
 updating character screens with reasonable optimization.
 .
 This package contains the programs used for manipulating the terminfo
 database and individual terminfo entries, as well as some programs for
 resetting terminals and such.

ncurses-bin-dbgsym: debug symbols for ncurses-bin
ncurses-doc: developer's guide and documentation for ncurses

 The ncurses library routines are a terminal-independent method of
 updating character screens with reasonable optimization.
 .
 This package contains an introduction to writing programs with
 ncurses a guide to the internals of the ncurses library. It also
 includes the libraries' man pages.
 .
 Non-developers likely have little use for this package.

ncurses-examples: test programs and examples for ncurses

 The ncurses library routines are a terminal-independent method of
 updating character screens with reasonable optimization.
 .
 This package contains programs demonstrating the possibilities of
 ncurses and testing the library. The examples include an
 analog/digital clock and several classic programs such as solitaire,
 battleships, a knight's tour on a chess board, the towers of Hanoi
 and several others.

ncurses-examples-dbgsym: debug symbols for ncurses-examples
ncurses-term: additional terminal type definitions

 The ncurses library routines are a terminal-independent method of
 updating character screens with reasonable optimization.
 .
 This package contains all of the numerous terminal definitions not found in
 the ncurses-base package.