{"affected":[{"ecosystem_specific":{"binaries":[{"libncurses5":"5.9-58.1","libncurses5-32bit":"5.9-58.1","libncurses6":"5.9-58.1","libncurses6-32bit":"5.9-58.1","ncurses-devel":"5.9-58.1","ncurses-utils":"5.9-58.1","tack":"5.9-58.1","terminfo":"5.9-58.1","terminfo-base":"5.9-58.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12 SP2","name":"ncurses","purl":"pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.9-58.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libncurses5":"5.9-58.1","libncurses5-32bit":"5.9-58.1","libncurses6":"5.9-58.1","libncurses6-32bit":"5.9-58.1","ncurses-devel":"5.9-58.1","ncurses-utils":"5.9-58.1","tack":"5.9-58.1","terminfo":"5.9-58.1","terminfo-base":"5.9-58.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12 SP3","name":"ncurses","purl":"pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.9-58.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libncurses5":"5.9-58.1","libncurses6":"5.9-58.1","ncurses-devel":"5.9-58.1","ncurses-utils":"5.9-58.1","tack":"5.9-58.1","terminfo":"5.9-58.1","terminfo-base":"5.9-58.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for Raspberry Pi 12 SP2","name":"ncurses","purl":"pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.9-58.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ncurses-devel":"5.9-58.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP2","name":"ncurses","purl":"pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.9-58.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ncurses-devel":"5.9-58.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP3","name":"ncurses","purl":"pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.9-58.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libncurses5":"5.9-58.1","libncurses5-32bit":"5.9-58.1","libncurses6":"5.9-58.1","libncurses6-32bit":"5.9-58.1","ncurses-devel":"5.9-58.1","ncurses-devel-32bit":"5.9-58.1","ncurses-utils":"5.9-58.1","tack":"5.9-58.1","terminfo":"5.9-58.1","terminfo-base":"5.9-58.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP2","name":"ncurses","purl":"pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.9-58.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libncurses5":"5.9-58.1","libncurses5-32bit":"5.9-58.1","libncurses6":"5.9-58.1","libncurses6-32bit":"5.9-58.1","ncurses-devel":"5.9-58.1","ncurses-devel-32bit":"5.9-58.1","ncurses-utils":"5.9-58.1","tack":"5.9-58.1","terminfo":"5.9-58.1","terminfo-base":"5.9-58.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP2","name":"ncurses","purl":"pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.9-58.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libncurses5":"5.9-58.1","libncurses5-32bit":"5.9-58.1","libncurses6":"5.9-58.1","libncurses6-32bit":"5.9-58.1","ncurses-devel":"5.9-58.1","ncurses-devel-32bit":"5.9-58.1","ncurses-utils":"5.9-58.1","tack":"5.9-58.1","terminfo":"5.9-58.1","terminfo-base":"5.9-58.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP3","name":"ncurses","purl":"pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.9-58.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libncurses5":"5.9-58.1","libncurses5-32bit":"5.9-58.1","libncurses6":"5.9-58.1","libncurses6-32bit":"5.9-58.1","ncurses-devel":"5.9-58.1","ncurses-devel-32bit":"5.9-58.1","ncurses-utils":"5.9-58.1","tack":"5.9-58.1","terminfo":"5.9-58.1","terminfo-base":"5.9-58.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP3","name":"ncurses","purl":"pkg:rpm/suse/ncurses&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.9-58.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for ncurses fixes several issues.\n\nThese security issues were fixed:\n\n- CVE-2017-13734: Prevent illegal address access in the _nc_safe_strcat\n  function in strings.c that might have lead to a remote denial of service attack\n  (bsc#1056126).\n- CVE-2017-13733: Prevent illegal address access in the fmt_entry function in\n  progs/dump_entry.c that might have lead to a remote denial of service attack\n  (bsc#1056127).\n- CVE-2017-13732: Prevent illegal address access in the function dump_uses() in\n  progs/dump_entry.c that might have lead to a remote denial of service attack\n  (bsc#1056128).\n- CVE-2017-13731: Prevent illegal address access in the function\n  postprocess_termcap() in parse_entry.c that might have lead to a remote denial\n  of service attack (bsc#1056129).\n- CVE-2017-13730: Prevent illegal address access in the function\n  _nc_read_entry_source() in progs/tic.c that might have lead to a remote denial\n  of service attack (bsc#1056131).\n- CVE-2017-13729: Prevent illegal address access in the _nc_save_str function\n  in alloc_entry.c that might have lead to a remote denial of service attack\n  (bsc#1056132).\n- CVE-2017-13728: Prevent infinite loop in the next_char function in\n  comp_scan.c that might have lead to a remote denial of service attack\n  (bsc#1056136).\n","id":"SUSE-SU-2018:0284-1","modified":"2018-01-30T09:54:08Z","published":"2018-01-30T09:54:08Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2018/suse-su-20180284-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1056126"},{"type":"REPORT","url":"https://bugzilla.suse.com/1056127"},{"type":"REPORT","url":"https://bugzilla.suse.com/1056128"},{"type":"REPORT","url":"https://bugzilla.suse.com/1056129"},{"type":"REPORT","url":"https://bugzilla.suse.com/1056131"},{"type":"REPORT","url":"https://bugzilla.suse.com/1056132"},{"type":"REPORT","url":"https://bugzilla.suse.com/1056136"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-13728"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-13729"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-13730"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-13731"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-13732"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-13733"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-13734"}],"related":["CVE-2017-13728","CVE-2017-13729","CVE-2017-13730","CVE-2017-13731","CVE-2017-13732","CVE-2017-13733","CVE-2017-13734"],"summary":"Security update for ncurses","upstream":["CVE-2017-13728","CVE-2017-13729","CVE-2017-13730","CVE-2017-13731","CVE-2017-13732","CVE-2017-13733","CVE-2017-13734"]}