Debian-Sicherheitsankündigung
DSA-113-1 ncurses -- Pufferüberlauf
- Datum des Berichts:
- 18. Feb 2002
- Betroffene Pakete:
- ncurses
- Verwundbar:
- Ja
- Sicherheitsdatenbanken-Referenzen:
- In Mitres CVE-Verzeichnis: CVE-2002-0062.
- Weitere Informationen:
-
Verschiedene Pufferüberläufe wurden in der »ncurses« Bibliothek im November 2000 behoben. Unglücklicherweise wurde einer übersehen. Er kann zu Abstürzen führen, wenn ncurses-Programme in großen Fenstern verwendet werden.
Das Common Vulnerabilities and Exposures Project hat diesem Problem den Namen CAN-2002-0062 zugewiesen.
Dieses Problem wurde in Version 5.0-6.0potato2 für den stable Release von Debian behoben. Die testing und unstable Releases beinhalten ncurses 5.2, das nicht von diesem Problem betroffen ist.
Es gibt keine bekannte Ausnutzung dieses Problems, aber wir empfehlen allen Benutzern, ncurses unverzüglich zu aktualisieren.
- Behoben in:
-
Debian GNU/Linux 2.2 (potato)
- Quellcode:
- http://security.debian.org/dists/potato/updates/main/source/ncurses_5.0-6.0potato2.diff.gz
- http://security.debian.org/dists/potato/updates/main/source/ncurses_5.0-6.0potato2.dsc
- http://security.debian.org/dists/potato/updates/main/source/ncurses_5.0.orig.tar.gz
- http://security.debian.org/dists/potato/updates/main/source/ncurses_5.0-6.0potato2.dsc
- Architektur-unabhängige Dateien:
- http://security.debian.org/dists/potato/updates/main/binary-all/ncurses-base_5.0-6.0potato2_all.deb
- http://security.debian.org/dists/potato/updates/main/binary-all/ncurses-term_5.0-6.0potato2_all.deb
- http://security.debian.org/dists/potato/updates/main/binary-all/ncurses-term_5.0-6.0potato2_all.deb
- Alpha:
- http://security.debian.org/dists/potato/updates/main/binary-alpha/libncurses5-dbg_5.0-6.0potato2_alpha.deb
- http://security.debian.org/dists/potato/updates/main/binary-alpha/libncurses5-dev_5.0-6.0potato2_alpha.deb
- http://security.debian.org/dists/potato/updates/main/binary-alpha/libncurses5_5.0-6.0potato2_alpha.deb
- http://security.debian.org/dists/potato/updates/main/binary-alpha/ncurses-bin_5.0-6.0potato2_alpha.deb
- http://security.debian.org/dists/potato/updates/main/binary-alpha/libncurses5-dev_5.0-6.0potato2_alpha.deb
- ARM:
- http://security.debian.org/dists/potato/updates/main/binary-arm/libncurses5-dbg_5.0-6.0potato2_arm.deb
- http://security.debian.org/dists/potato/updates/main/binary-arm/libncurses5-dev_5.0-6.0potato2_arm.deb
- http://security.debian.org/dists/potato/updates/main/binary-arm/libncurses5_5.0-6.0potato2_arm.deb
- http://security.debian.org/dists/potato/updates/main/binary-arm/ncurses-bin_5.0-6.0potato2_arm.deb
- http://security.debian.org/dists/potato/updates/main/binary-arm/libncurses5-dev_5.0-6.0potato2_arm.deb
- Intel ia32:
- http://security.debian.org/dists/potato/updates/main/binary-i386/libncurses5-dbg_5.0-6.0potato2_i386.deb
- http://security.debian.org/dists/potato/updates/main/binary-i386/libncurses5-dev_5.0-6.0potato2_i386.deb
- http://security.debian.org/dists/potato/updates/main/binary-i386/libncurses5_5.0-6.0potato2_i386.deb
- http://security.debian.org/dists/potato/updates/main/binary-i386/ncurses-bin_5.0-6.0potato2_i386.deb
- http://security.debian.org/dists/potato/updates/main/binary-i386/libncurses5-dev_5.0-6.0potato2_i386.deb
- Motorola 680x0:
- http://security.debian.org/dists/potato/updates/main/binary-m68k/libncurses5-dbg_5.0-6.0potato2_m68k.deb
- http://security.debian.org/dists/potato/updates/main/binary-m68k/libncurses5-dev_5.0-6.0potato2_m68k.deb
- http://security.debian.org/dists/potato/updates/main/binary-m68k/libncurses5_5.0-6.0potato2_m68k.deb
- http://security.debian.org/dists/potato/updates/main/binary-m68k/ncurses-bin_5.0-6.0potato2_m68k.deb
- http://security.debian.org/dists/potato/updates/main/binary-m68k/libncurses5-dev_5.0-6.0potato2_m68k.deb
- PowerPC:
- http://security.debian.org/dists/potato/updates/main/binary-powerpc/libncurses5-dbg_5.0-6.0potato2_powerpc.deb
- http://security.debian.org/dists/potato/updates/main/binary-powerpc/libncurses5-dev_5.0-6.0potato2_powerpc.deb
- http://security.debian.org/dists/potato/updates/main/binary-powerpc/libncurses5_5.0-6.0potato2_powerpc.deb
- http://security.debian.org/dists/potato/updates/main/binary-powerpc/ncurses-bin_5.0-6.0potato2_powerpc.deb
- http://security.debian.org/dists/potato/updates/main/binary-powerpc/libncurses5-dev_5.0-6.0potato2_powerpc.deb
- Sun Sparc:
- http://security.debian.org/dists/potato/updates/main/binary-sparc/libncurses5-dbg_5.0-6.0potato2_sparc.deb
- http://security.debian.org/dists/potato/updates/main/binary-sparc/libncurses5-dev_5.0-6.0potato2_sparc.deb
- http://security.debian.org/dists/potato/updates/main/binary-sparc/libncurses5_5.0-6.0potato2_sparc.deb
- http://security.debian.org/dists/potato/updates/main/binary-sparc/ncurses-bin_5.0-6.0potato2_sparc.deb
- http://security.debian.org/dists/potato/updates/main/binary-sparc/libncurses5-dev_5.0-6.0potato2_sparc.deb
MD5-Prüfsummen der aufgeführten Dateien stehen in der ursprünglichen Sicherheitsankündigung zur Verfügung.