Information on source package ncurses

Available versions

ReleaseVersion
buster6.1+20181013-2+deb10u2
buster (security)6.1+20181013-2+deb10u3
bullseye6.2+20201114-2+deb11u1
bookworm6.4-4
sid6.4-4

Open issues

BugbusterbullseyebookwormsidDescription
CVE-2023-29491vulnerable (no DSA)vulnerable (no DSA)fixedfixedncurses before 6.4 20230408, when used by a setuid application, allows ...

Open unimportant issues

BugbusterbullseyebookwormsidDescription
CVE-2021-39537vulnerablefixedfixedfixedAn issue was discovered in ncurses through v6.2-1. _nc_captoinfo in ca ...

Resolved issues

BugDescription
CVE-2022-29458ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmen ...
CVE-2019-17595There is a heap-based buffer over-read in the fmt_entry function in ti ...
CVE-2019-17594There is a heap-based buffer over-read in the _nc_find_entry function ...
CVE-2018-19217In ncurses, possibly a 6.x version, there is a NULL pointer dereferenc ...
CVE-2018-19211In ncurses 6.1, there is a NULL pointer dereference at function _nc_pa ...
CVE-2017-16879Stack-based buffer overflow in the _nc_write_entry function in tinfo/w ...
CVE-2017-13734There is an illegal address access in the _nc_safe_strcat function in ...
CVE-2017-13733There is an illegal address access in the fmt_entry function in progs/ ...
CVE-2017-13732There is an illegal address access in the function dump_uses() in prog ...
CVE-2017-13731There is an illegal address access in the function postprocess_termcap ...
CVE-2017-13730There is an illegal address access in the function _nc_read_entry_sour ...
CVE-2017-13729There is an illegal address access in the _nc_save_str function in all ...
CVE-2017-13728There is an infinite loop in the next_char function in comp_scan.c in ...
CVE-2017-11113In ncurses 6.0, there is a NULL Pointer Dereference in the _nc_parse_e ...
CVE-2017-11112In ncurses 6.0, there is an attempted 0xffffffffffffffff access in the ...
CVE-2017-10685In ncurses 6.0, there is a format string vulnerability in the fmt_entr ...
CVE-2017-10684In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entr ...

Security announcements

DSA / DLADescription
DLA-3167-1ncurses - security update

Search for package or bug name: Reporting problems