SUSE-SU-2019:2997-1
- Source
- https://www.suse.com/support/update/announcement/2019/suse-su-20192997-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:2997-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/SUSE-SU-2019:2997-1
- Upstream
- Related
- Published
- 2019-11-18T14:16:50Z
- Modified
- 2025-05-08T17:14:39.286255Z
- Summary
- Security update for ncurses
- Details
-
This update for ncurses fixes the following issues:
Security issues fixed:
- CVE-2019-17594: Fixed a heap-based buffer over-read in the ncfind_entry function (bsc#1154036).
- CVE-2019-17595: Fixed a heap-based buffer over-read in the fmt_entry function (bsc#1154037).
Non-security issue fixed:
- Removed screen.xterm from terminfo database (bsc#1103320).
- References
Affected packages
SUSE:Linux Enterprise Module for Basesystem 15
ncurses
Package
- Name
- ncurses
- Purl
- pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.1-5.6.2
Ecosystem specific
{
"binaries": [
{
"libncurses6-32bit": "6.1-5.6.2",
"ncurses-devel": "6.1-5.6.2",
"libncurses6": "6.1-5.6.2",
"ncurses-utils": "6.1-5.6.2",
"terminfo-base": "6.1-5.6.2",
"terminfo-iterm": "6.1-5.6.2",
"terminfo": "6.1-5.6.2",
"terminfo-screen": "6.1-5.6.2",
"tack": "6.1-5.6.2"
}
]
}SUSE:Linux Enterprise Module for Basesystem 15 SP1
ncurses
Package
- Name
- ncurses
- Purl
- pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.1-5.6.2
Ecosystem specific
{
"binaries": [
{
"libncurses6-32bit": "6.1-5.6.2",
"ncurses-devel": "6.1-5.6.2",
"libncurses6": "6.1-5.6.2",
"ncurses-utils": "6.1-5.6.2",
"terminfo-base": "6.1-5.6.2",
"terminfo-iterm": "6.1-5.6.2",
"terminfo": "6.1-5.6.2",
"terminfo-screen": "6.1-5.6.2",
"tack": "6.1-5.6.2"
}
]
}