A NULL pointer dereference was found in the way the _nc_parse_entry function parses terminfo data for compilation.
Change-Id: I5715236650d076ff7938c97c1c3858e05b67c420
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/5363
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Anish Swaminathan <anishs@vmware.com>
1 | 1 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,18 @@ |
0 |
+--- a/ncurses/tinfo/parse_entry.c 2018-07-17 19:44:55.333567209 +0530 |
|
1 |
+@@ -543,11 +543,12 @@ |
|
2 |
+ * Otherwise, look for a base entry that will already |
|
3 |
+ * have picked up defaults via translation. |
|
4 |
+ */ |
|
5 |
+- for (i = 0; i < entryp->nuses; i++) |
|
6 |
+- if (!strchr((char *) entryp->uses[i].name, '+')) |
|
7 |
++ for (i = 0; i < entryp->nuses; i++) { |
|
8 |
++ if (entryp->uses[i].name != 0 |
|
9 |
++ && !strchr(entryp->uses[i].name, '+')) |
|
10 |
+ has_base_entry = TRUE; |
|
11 |
++ } |
|
12 |
+ } |
|
13 |
+- |
|
14 |
+ postprocess_termcap(&entryp->tterm, has_base_entry); |
|
15 |
+ } else |
|
16 |
+ postprocess_terminfo(&entryp->tterm); |
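Review bot: The embedded patch starts directly at the --- a/ncurses/tinfo/parse_entry.c line with no header saying where the fix comes from, so a later version bump cannot tell whether it is still needed. Add a line or two of description above it, naming the CVE and the upstream source of the change. In the rewritten loop, the (char *) cast on entryp->uses[i].name is dropped in the same edit that adds the != 0 check. If the field is already a char * in this snapshot that is fine, but it is worth confirming so the backport does not introduce a compiler warning. The removal of the blank line before postprocess_termcap(...) is unrelated whitespace churn and could be left out to keep the backport minimal.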
... | ... |
@@ -1,7 +1,7 @@ |
1 | 1 |
Summary: Libraries for terminal handling of character screens |
2 | 2 |
Name: ncurses |
3 | 3 |
Version: 6.0 |
4 |
-Release: 13%{?dist} |
|
4 |
+Release: 14%{?dist} |
|
5 | 5 |
License: MIT |
6 | 6 |
URL: http://invisible-island.net/ncurses/ |
7 | 7 |
Group: Applications/System |
... | ... |
@@ -11,6 +11,7 @@ Distribution: Photon |
11 | 11 |
Source0: ftp://ftp.invisible-island.net/ncurses/current/%{name}-%{version}-20171125.tgz |
12 | 12 |
%define sha1 ncurses=179d79d707ac5040499294e3206fd558d52b604a |
13 | 13 |
Requires: ncurses-libs = %{version}-%{release} |
14 |
+Patch0: CVE-2018-10754.patch |
|
14 | 15 |
%description |
15 | 16 |
The Ncurses package contains libraries for terminal-independent |
16 | 17 |
handling of character screens. |
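Review bot: Patch0 is declared after the Requires: line rather than next to Source0 and its sha1 define. Move it up beside Source0 so sources and patches stay grouped in the preamble and the next patch added has an obvious place to go.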
... | ... |
@@ -47,6 +48,7 @@ It contains all terminfo files |
47 | 47 |
|
48 | 48 |
%prep |
49 | 49 |
%setup -q -n %{name}-%{version}-%{ncursessubversion} |
50 |
+%patch0 -p1 |
|
50 | 51 |
|
51 | 52 |
%build |
52 | 53 |
mkdir v6 |
... | ... |
@@ -183,6 +185,8 @@ make |
183 | 183 |
%exclude %{_datadir}/terminfo/l/linux |
184 | 184 |
|
185 | 185 |
%changelog |
186 |
+* Tue Jul 17 2018 Tapas Kundu <tkundu@vmware.com> 6.0-14 |
|
187 |
+- Fix for CVE-2018-10754 |
|
186 | 188 |
* Wed Dec 06 2017 Xiaolin Li <xiaolinl@vmware.com> 6.0-13 |
187 | 189 |
- version bump to 20171007, fix CVE-2017-16879 |
188 | 190 |
* Tue Oct 10 2017 Bo Gan <ganb@vmware.com> 6.0-12 |